New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 811540 link

Starred by 1 user
Status: WontFix
Owner:
rharrison@chromium.org
Closed: Feb 2018
Cc:
brajkumar@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Mac
Pri: 1
Type: Bug-Regression

Blocking:
issue 62400



Sign in to add a comment

Timeout in pdf_codec_gif_fuzzer

Project Member Reported by ClusterFuzz, Feb 13 2018 
Detailed report: https://clusterfuzz.com/testcase?key=6042319544123392

Fuzzer: libFuzzer_pdf_codec_gif_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Timeout (exceeds 25 secs)
Crash Address: 
Crash State:
  pdf_codec_gif_fuzzer
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=511207:511229

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6042319544123392

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
Project Member

Comment 1 by ClusterFuzz, Feb 13 2018

Labels: OS-Mac

Comment 2 by brajkumar@chromium.org, Feb 13 2018

Cc: brajkumar@chromium.org
Components: Internals>Plugins>PDF
Labels: -Type-Bug M-64 Test-Predator-Wrong Type-Bug-Regression
Owner: rharrison@chromium.org
Status: Assigned (was: Untriaged)
Predator could not provide any possible suspects.

From the below CL observing some changes related to pdf_codec_gif_fuzzer, hence suspecting the same
https://chromium.googlesource.com/chromium/src/+log/03e1e29acb376a116deab2de050e90a3e810123d..875c40e390c9bea6b4f467f0550e426882c5edd1?pretty=fuller&n=10000

Suspect CL: https://chromium.googlesource.com/chromium/src/+/f2d24819ac5cb5a0c682f50d56ede57c124b94b1

rharrison@ -- Could you please check whether this is caused with respect to your change, if not please help us in assigning it to the right owner.

Thanks!

Comment 3 by rharrison@chromium.org, Feb 13 2018

Blocking: 62400

Comment 4 by rharrison@chromium.org, Feb 14 2018

Status: WontFix (was: Assigned)
Nudging up the timeout a little allows this to complete successfully. The way the image is setup the code table, which is about 16k long needs to be reset in a tight loop. There is not much to do about this, since it is just a badly laid out image.
Project Member

Comment 5 by ClusterFuzz, Feb 21 2018

Labels: Needs-Feedback
ClusterFuzz testcase 6042319544123392 is still reproducing on tip-of-tree build (trunk).

If this testcase was not reproducible locally or unworkable, ignore this notification and we will file another bug soon with hopefully a better and workable testcase.

Otherwise, if this is not intended to be fixed (e.g. this is an intentional crash), please add ClusterFuzz-Ignore label to prevent future bug filing with similar crash stacktrace.

Comment 6 by rharrison@chromium.org, Feb 21 2018

Labels: ClusterFuzz-Ignore
Project Member

Comment 7 by ClusterFuzz, Apr 13 2018 

ClusterFuzz has detected this issue as fixed in range 550377:550381.

Detailed report: https://clusterfuzz.com/testcase?key=6042319544123392

Fuzzer: libFuzzer_pdf_codec_gif_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux

Crash Type: Timeout (exceeds 25 secs)
Crash Address: 
Crash State:
  pdf_codec_gif_fuzzer
  
Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=511207:511229
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=550377:550381

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6042319544123392

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Sign in to add a comment