Author: aizatsky
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/3c482cd2ad66372133cb411d5a0f9f8480497b09
Time: Fri Dec 11 00:37:04 2015
The CL last changed line 186 of file pdfium_fuzzer.cc, which is stack frame 11.

Author: aizatsky
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/3c482cd2ad66372133cb411d5a0f9f8480497b09
Time: Fri Dec 11 00:37:04 2015
The CL last changed line 194 of file pdfium_fuzzer.cc, which is stack frame 12.

Author: aizatsky
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/3c482cd2ad66372133cb411d5a0f9f8480497b09
Time: Fri Dec 11 00:37:04 2015
The CL last changed line 193 of file pdfium_fuzzer.cc, which is stack frame 13.

Author: aizatsky
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/3c482cd2ad66372133cb411d5a0f9f8480497b09
Time: Fri Dec 11 00:37:04 2015
The CL last changed line 217 of file pdfium_fuzzer.cc, which is stack frame 14.

@aizatsky: Assigning to you, Request you to please take a look into it, Please help us to reassign to the right owner if not with respect to any of your changes.

Thanks.!

Wrong owner assignment. Mike is a memory tool author.

I think that assignment is right. https://chromium.googlesource.com/chromium/src/+/3c482cd2ad66372133cb411d5a0f9f8480497b09 was a change to start trying to get the program name from /proc/self/exe, which doesn't exist on Mac.

 Issue 657447  has been merged into this issue.

Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Robert, could you please suggest an appropriate solution for Mac?

aizatsky@ is not at Google anymore, so we have to find a new owner.

Tanin, I remember you were interested in doing some libFuzzer stuff, as well as you have macbook. This issue might be a good candidate, in case if you're interested :)

Can you use PathService and base::FILE_EXE? That will do the right thing on all platforms.

This is a pdfium fuzzer bug, there is no /proc/self/exe, so we are crashing. Dan, can you please fix as per suggestion in c#7.

hnakashima@ can you take a look at fixing this issue per comment #7?

Automatically applying components based on information from OWNERS files. If this seems incorrect, please apply the Test-Predator-Wrong-Components label.

For more information, please see https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md.

The link referenced in the description is no longer valid.

(bulk edit)

ClusterFuzz has detected this issue as fixed in range 513206:513315.

Detailed report: https://clusterfuzz.com/testcase?key=6174987843272704

Fuzzer: libFuzzer_pdfium_fuzzer
Job Type: mac_libfuzzer_chrome_asan
Platform Id: mac

Crash Type: UNKNOWN
Crash Address: 0x7fff89f67f06
Crash State:
  /usr/lib/libc++abi.dylib
  /usr/lib/libc++abi.dylib
  _objc_terminate
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=mac_libfuzzer_chrome_asan&range=419764:419788
Fixed: https://clusterfuzz.com/revisions?job=mac_libfuzzer_chrome_asan&range=513206:513315

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6174987843272704

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 6174987843272704 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

I fixed this when fixing a similar issue for the XFA fuzzers. https://chromium-review.googlesource.com/c/chromium/src/+/740344

ClusterFuzz testcase 5078278429999104 is still reproducing on tip-of-tree build (trunk).

Please re-test your fix against this testcase and if the fix was incorrect or incomplete, please re-open the bug. Otherwise, ignore this notification and add ClusterFuzz-Wrong label.

Max, I think there might be something up with ClusterFuzz here. Testcase 5078278429999104 in #16 isn't related to this issue, though it is caused by an abort, the call stack is completely different from the original report.

Thanks for catching! CF testcase 5078278429999104 was reported as  issue 657447 , but then it was manually duplicated into this issue (c#4). Due to that, CF posts comments here rather than on the initial report.

However, duplication seems wrong here, so I'm de-duping it back into a separate issue.

Thanks Ryan!