Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Could someone please take a look?.
Thank you.

ClusterFuzz has detected this issue as fixed in range 459701:459705.

Detailed report: https://clusterfuzz.com/testcase?key=6531870100815872

Fuzzer: libfuzzer_pdf_fm2js_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Timeout (exceeds 25 secs)
Crash Address: 
Crash State:
  pdf_fm2js_fuzzer
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=395640:395746
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=459701:459705

Reproducer Testcase: https://clusterfuzz.com/download/AMIfv95HxDjMSnNpnd0CWCrlzR2548IbS4P7Ez5AGkS3D3DXFAeRmJj8T10AHehBgasa_xMK-JxDCBAjmV-FNGusdcvPUBkjilfxj2pEZlNWbrZRc0jGOvRhUoCLXbbS2H6FXkE5gq4z32yIQjNYDphRWa4MCu5vZwVbwKTzRLxg1NWgnW4_XCce2tCOmBm6626hSysT1DKTFcfXGmG8fAQFymaveCSkacDaT6MgHtj3VNBVy9mk9w-StjW9c3jN5xN_lESKmaVqtSi0o66wSnWXC4kRlphRkda8Ziy-2bPLhW_8Gs0Tivlvn8gT6xWZbzXbF_uXrKk8w77OIOk1l0vGrQflwSE8VrbgdLtrLNUXQVAMYG5E1gk?testcase_id=6531870100815872


See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 6531870100815872 is verified as fixed, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

The following revision refers to this bug:
  https://pdfium.googlesource.com/pdfium/+/5c97fd86374a1638710870a8603438f6d6fa11d1

commit 5c97fd86374a1638710870a8603438f6d6fa11d1
Author: Nicolas Pena <npm@chromium.org>
Date: Tue Apr 11 15:27:16 2017

Avoid long assignment chain in FM parser

We only parse FM right before translating to JS. Our current implementation of
assignment will duplicate to first expression's ToJavascript. So having a long
chain of assignments will result in a huge ToJavascript.

Bug:  chromium:665087 
Change-Id: I542371b5787113be2f2d686153ed0a6c48191bab
Reviewed-on: https://pdfium-review.googlesource.com/4030
Commit-Queue: Nicolás Peña <npm@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>

[modify] https://crrev.com/5c97fd86374a1638710870a8603438f6d6fa11d1/xfa/fxfa/fm2js/xfa_error.h
[modify] https://crrev.com/5c97fd86374a1638710870a8603438f6d6fa11d1/xfa/fxfa/fm2js/xfa_fmparse.cpp
[modify] https://crrev.com/5c97fd86374a1638710870a8603438f6d6fa11d1/xfa/fxfa/fm2js/xfa_error.cpp

The following revision refers to this bug:
  https://pdfium.googlesource.com/pdfium/+/4da1e7623c52572bc8677ac53b908f39543f13b1

commit 4da1e7623c52572bc8677ac53b908f39543f13b1
Author: Lei Zhang <thestig@chromium.org>
Date: Thu May 11 01:00:39 2017

Limit XFA FormCalc program translation size.

BUG= chromium:665087 , chromium:718492 

Change-Id: I09e93b4167ab2c0b3b53641243aa0cbeb5b98c4f
Reviewed-on: https://pdfium-review.googlesource.com/3114
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Nicolás Peña <npm@chromium.org>

[modify] https://crrev.com/4da1e7623c52572bc8677ac53b908f39543f13b1/xfa/fxfa/fm2js/xfa_fmparse.h
[modify] https://crrev.com/4da1e7623c52572bc8677ac53b908f39543f13b1/xfa/fxfa/fm2js/xfa_expression.h
[modify] https://crrev.com/4da1e7623c52572bc8677ac53b908f39543f13b1/xfa/fxfa/fm2js/xfa_expression.cpp
[modify] https://crrev.com/4da1e7623c52572bc8677ac53b908f39543f13b1/xfa/fxfa/fm2js/xfa_program.cpp
[modify] https://crrev.com/4da1e7623c52572bc8677ac53b908f39543f13b1/xfa/fxfa/fm2js/xfa_simpleexpression.h
[modify] https://crrev.com/4da1e7623c52572bc8677ac53b908f39543f13b1/xfa/fxfa/fm2js/xfa_fm2jscontext.cpp
[modify] https://crrev.com/4da1e7623c52572bc8677ac53b908f39543f13b1/xfa/fxfa/fm2js/xfa_simpleexpression.cpp
[modify] https://crrev.com/4da1e7623c52572bc8677ac53b908f39543f13b1/xfa/fxfa/fm2js/xfa_fmparse.cpp

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/715c833d5ba12cedbf0250778ce9c7db4a517490

commit 715c833d5ba12cedbf0250778ce9c7db4a517490
Author: pdfium-deps-roller@chromium.org <pdfium-deps-roller@chromium.org>
Date: Thu May 11 09:11:23 2017

Roll src/third_party/pdfium/ 21f88ffe5..4da1e7623 (7 commits)

https://pdfium.googlesource.com/pdfium.git/+log/21f88ffe5c2c..4da1e7623c52

$ git log 21f88ffe5..4da1e7623 --date=short --no-merges --format='%ad %ae %s'
2017-05-10 thestig Limit XFA FormCalc program translation size.
2017-05-09 thestig Split DCT decoder creation from CPDF_DIBSource::CreateDecoder().
2017-05-10 thestig Replace operator bool with HasRef() in classes with a CFX_SharedCopyOnWrite member.
2017-05-10 thestig Check CXFA_FM2JSContext::Translate() return value.
2017-05-10 dsinclair Store the offset in the archive buffer
2017-05-10 dsinclair Cleaning up Edit code
2017-05-10 npm Cleanup CGifDecompressor part 2

Created with:
  roll-dep src/third_party/pdfium
BUG= 665087 , 718492 


Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+/master/autoroll/README.md

If the roll is causing failures, see:
http://www.chromium.org/developers/tree-sheriffs/sheriff-details-chromium#TOC-Failures-due-to-DEPS-rolls


TBR=dsinclair@chromium.org

Change-Id: I72ea21ff11451a57fa0cdc532b5eceae31a682bb
Reviewed-on: https://chromium-review.googlesource.com/502630
Reviewed-by: <pdfium-deps-roller@chromium.org>
Commit-Queue: <pdfium-deps-roller@chromium.org>
Cr-Commit-Position: refs/heads/master@{#470884}
[modify] https://crrev.com/715c833d5ba12cedbf0250778ce9c7db4a517490/DEPS

We have made a bunch of changes on ClusterFuzz side, so resetting ClusterFuzz-Wrong label.