Out-of-memory in pdfium_xfa_fuzzer
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=4800177618812928

Fuzzer: libfuzzer_pdfium_xfa_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Out-of-memory (exceeds 2048 MB)
Crash Address:
Crash State:
  pdfium_xfa_fuzzer

Sanitizer: memory (MSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=462791:462804

Reproducer Testcase: https://clusterfuzz.com/download/AMIfv94PwLHDlV9AXvnj7LgyJx2z6A16UORXC0ncSh1zqGQs90iWYsN9Rvx7ZQY61QyeMQwLlFMYvkJ88GJ4_AYQ12FRhz23XLCd_uidxY7XEE2Wyy61vgVMwmyGVPxuJrJmpKHu-m1pvyGmJYERzR9D1kF7R7iBRD6Jgnhe7ThhrzHKpBAv88jSdggjcEO5prDnxuxQKoLGQN3gz2__25Srh5gyI_FQ634GMXoOk2UP5UYjvvQepuBGrSdXBInqvBbiwyreBGrgMhDfwAT7G9V8hpI1nJqMpFfWV7RJDn6xGOGhfn0JjqC-b4YqZiJ5U5L9p4jFbn5RJZHbtTEP8tLwjWbu_b_xuGG7_EMvTJIkxjils8PmnFs?testcase_id=4800177618812928

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Apr 8 2017
ClusterFuzz has detected this issue as fixed in range 462804:462820.

Detailed report: https://clusterfuzz.com/testcase?key=4800177618812928

Fuzzer: libfuzzer_pdfium_xfa_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Out-of-memory (exceeds 2048 MB)
Crash Address:
Crash State:
  pdfium_xfa_fuzzer

Sanitizer: memory (MSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=462791:462804
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=462804:462820

Reproducer Testcase: https://clusterfuzz.com/download/AMIfv94PwLHDlV9AXvnj7LgyJx2z6A16UORXC0ncSh1zqGQs90iWYsN9Rvx7ZQY61QyeMQwLlFMYvkJ88GJ4_AYQ12FRhz23XLCd_uidxY7XEE2Wyy61vgVMwmyGVPxuJrJmpKHu-m1pvyGmJYERzR9D1kF7R7iBRD6Jgnhe7ThhrzHKpBAv88jSdggjcEO5prDnxuxQKoLGQN3gz2__25Srh5gyI_FQ634GMXoOk2UP5UYjvvQepuBGrSdXBInqvBbiwyreBGrgMhDfwAT7G9V8hpI1nJqMpFfWV7RJDn6xGOGhfn0JjqC-b4YqZiJ5U5L9p4jFbn5RJZHbtTEP8tLwjWbu_b_xuGG7_EMvTJIkxjils8PmnFs?testcase_id=4800177618812928

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Apr 8 2017
ClusterFuzz testcase 4800177618812928 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Apr 10 2017
Appears to be flaky, even locally.
Apr 10 2017
I'm not sure if there is anything we can do here. The PDF requests a page that is quite large (224 x 792,792). We then request a Bitmap for that image which is 723,854,102 B. That, in itself, is fine and the allocation proceeds. We just sometimes seem to use the rest of the memory in other allocations. Dropping the page height down an order of magnitude, I'm not able to trigger the issue anymore.
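The comment above describes a bitmap request whose size is computed from page dimensions supplied by the PDF, and a fuzzer that kills the process once it passes the 2048 MB RSS limit named in the crash type (libFuzzer's default `-rss_limit_mb=2048`). The following is an added example, not pdfium code and not the commenter's: a size check that a renderer can run before touching the allocator. `ComputeBitmapBytes`, `SizeCheck` and `kFuzzerRssLimitBytes` are hypothetical names; the 224 x 792,792 dimensions come from the comment, the 32 bits-per-pixel, 4-byte row padding and the budgets are assumptions chosen for the demonstration. It refuses a request when any intermediate product would overflow, or when the total exceeds a caller-supplied byte budget.

```cpp
#include <cstdint>
#include <iostream>
#include <limits>

// Added example (not pdfium's own code). Hypothetical names throughout.
// Decide whether a requested bitmap is sane *before* allocating it, by
// computing its size with overflow checks and comparing the total against a
// caller-supplied memory budget.

enum class SizeCheck { kOk, kBadArgs, kOverflow, kOverBudget };

const char* SizeCheckName(SizeCheck r) {
  switch (r) {
    case SizeCheck::kOk: return "ok";
    case SizeCheck::kBadArgs: return "bad-args";
    case SizeCheck::kOverflow: return "overflow";
    case SizeCheck::kOverBudget: return "over-budget";
  }
  return "?";
}

// Byte size of a width x height bitmap at bits_per_pixel, with each row
// padded to a 4-byte boundary (assumed stride convention). Returns kOk and
// writes *out_bytes only when every intermediate fits in uint64_t and the
// total does not exceed budget_bytes.
SizeCheck ComputeBitmapBytes(uint32_t width, uint32_t height,
                             uint32_t bits_per_pixel, uint64_t budget_bytes,
                             uint64_t* out_bytes) {
  if (width == 0 || height == 0 || bits_per_pixel == 0 || out_bytes == nullptr)
    return SizeCheck::kBadArgs;

  // The product of two uint32_t values always fits in uint64_t.
  const uint64_t row_bits = static_cast<uint64_t>(width) * bits_per_pixel;
  if (row_bits > std::numeric_limits<uint64_t>::max() - 31)
    return SizeCheck::kOverflow;
  // Round the row up to whole 32-bit words, then express it in bytes.
  const uint64_t stride = ((row_bits + 31) / 32) * 4;

  if (height > std::numeric_limits<uint64_t>::max() / stride)
    return SizeCheck::kOverflow;
  const uint64_t total = stride * height;

  if (total > budget_bytes)
    return SizeCheck::kOverBudget;

  *out_bytes = total;
  return SizeCheck::kOk;
}

// libFuzzer's default RSS limit (2048 MB, with MB = 2^20 bytes) as a budget.
constexpr uint64_t kFuzzerRssLimitBytes = 2048ull * 1024 * 1024;

int main() {
  struct Case { uint32_t w, h, bpp; uint64_t budget; } cases[] = {
      {224, 792792, 32, kFuzzerRssLimitBytes},   // page size from the comment
      {224, 792792, 32, 512ull * 1024 * 1024},   // same page, tighter budget
      {224, 79279, 32, kFuzzerRssLimitBytes},    // height one order of magnitude smaller
      {UINT32_MAX, UINT32_MAX, 32, kFuzzerRssLimitBytes},  // would overflow
  };
  for (const Case& c : cases) {
    uint64_t bytes = 0;
    SizeCheck r = ComputeBitmapBytes(c.w, c.h, c.bpp, c.budget, &bytes);
    std::cout << c.w << "x" << c.h << "@" << c.bpp << "bpp, budget " << c.budget
              << " -> " << SizeCheckName(r) << " (" << bytes << " bytes)\n";
  }
  return 0;
}
```

At 32 bpp the 224 x 792,792 page comes to 710,341,632 bytes, well under the 2048 MB limit, which is consistent with the comment: the single allocation is accepted, and the process still dies because everything else allocated during rendering pushes the total RSS past the limit. A per-request budget like this one bounds one allocation, not the aggregate, so it removes the pathological sizes but cannot by itself make the fuzzer result deterministic.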
May 15 2017
Sep 18 2017
We have made a bunch of changes on ClusterFuzz side, so resetting ClusterFuzz-Wrong label.
Comment 1 by msrchandra@chromium.org
Apr 7 2017
Labels: Test-Predator-Wrong M-59
Owner: dsinclair@chromium.org
Status: Assigned (was: Untriaged)