Timeout in feature_policy_fuzzer
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5110647453646848
Fuzzer: libFuzzer_feature_policy_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: Timeout (exceeds 25 secs)
Crash Address:
Crash State: feature_policy_fuzzer
Sanitizer: undefined (UBSAN)
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=498203:498244
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5110647453646848

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
Feb 23 2018
Mar 29 2018
This looks like a similar issue to issue 802259, except that there is no Unicode / high ASCII in the test case. However, it is a 67K string being interpreted as an origin, hitting the worst-case performance characteristics of punycode, causing the timeouts. I'll put a general sanity-length check into the FP parser, which should fix this.
Apr 13 2018
ClusterFuzz has detected this issue as fixed in range 550604:550608.

Detailed report: https://clusterfuzz.com/testcase?key=5110647453646848
Fuzzer: libFuzzer_feature_policy_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: Timeout (exceeds 25 secs)
Crash Address:
Crash State: feature_policy_fuzzer
Sanitizer: undefined (UBSAN)
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=498203:498244
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=550604:550608
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5110647453646848

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Apr 13 2018
ClusterFuzz testcase 5110647453646848 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by brajkumar@chromium.org, Feb 14 2018
Components: Blink>FeaturePolicy
Labels: -Type-Bug M-65 Test-Predator-Wrong Type-Bug-Regression
Owner: iclell...@chromium.org
Status: Assigned (was: Untriaged)