
Issue 825527

Starred by 3 users

Issue metadata

Status: WontFix
Owner:
Closed: Apr 2018
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug-Regression

Blocking:
issue 62400




Out-of-memory in pdf_formcalc_fuzzer

Reported by ClusterFuzz (Project Member), Mar 24 2018

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6211281452007424

Fuzzer: libFuzzer_pdf_formcalc_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux

Crash Type: Out-of-memory (exceeds 2048 MB)
Crash Address: 
Crash State:
  pdf_formcalc_fuzzer
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=510517:510554

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6211281452007424

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
 
Cc: brajkumar@chromium.org
Components: Internals>Plugins>PDF
Labels: -Pri-1 -Type-Bug M-66 Test-Predator-Wrong Pri-2 Type-Bug-Regression
Owner: rharrison@chromium.org
Status: Assigned (was: Untriaged)
Predator could not provide any possible suspects.

From the CL log below, observing some changes related to 'PDFium FormCalc fuzzer', hence suspecting the same:
https://chromium.googlesource.com/chromium/src/+log/562aecdb55f624e6304eea68480f05c9083f8dd1..3ded4a2234ea0fde3d5ad44773e1fa56c18f497c?pretty=fuller&n=10000

Suspect CL: https://chromium.googlesource.com/chromium/src/+/b7fad4f92d59d901fb1331c5c179dc23fbb290f4

rharrison@ -- Could you please check whether this is caused by your change; if not, please help us assign it to the right owner.

Thanks!
Blocking: 62400
Labels: -M-66
Owner: dsinclair@chromium.org
Status: WontFix (was: Assigned)
As far as I can tell, this is a valid formcalc document; it's just really big (365k), which takes a lot of memory to build the parse tree.
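The WontFix reasoning above is a common fuzzing outcome: a tree-building parser spends memory in proportion to input size, so a large but well-formed document trips libFuzzer's default 2048 MB RSS limit (the "exceeds 2048 MB" in the report is libFuzzer's default -rss_limit_mb) without any bug in the parser. The usual way to keep such inputs from being reported is to cap input size, either with libFuzzer's -max_len option or, as below, inside the fuzz target itself. The following is an added example written for this page; it is not code from the Chromium issue, PDFium, or ClusterFuzz. The grammar, the Node type, kMaxInputSize and the helper names are hypothetical; only the LLVMFuzzerTestOneInput signature is libFuzzer's real entry point.

```cpp
// Added example (not from the Chromium issue or PDFium): a toy fuzz target
// showing why a large but valid input can exhaust memory in a tree-building
// parser, and the size cap that keeps such inputs from being reported as
// OOM "crashes". Grammar, Node type, kMaxInputSize and helpers are hypothetical.
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <memory>
#include <string>
#include <vector>

// One heap node per token. A real AST (e.g. a FormCalc parse tree) carries far
// more per node, so memory grows at least linearly with the input size.
struct Node {
  char token;
  std::vector<std::unique_ptr<Node>> children;
};

// Recursive-descent parser for a trivial grammar:
//   expr := 'a' | '(' expr* ')'
// Returns nullptr on malformed input, otherwise the subtree rooted at *pos.
static std::unique_ptr<Node> ParseExpr(const std::string& in, size_t* pos) {
  if (*pos >= in.size()) return nullptr;
  auto node = std::make_unique<Node>();
  node->token = in[*pos];
  if (node->token == 'a') {
    ++*pos;
    return node;
  }
  if (node->token != '(') return nullptr;
  ++*pos;
  while (*pos < in.size() && in[*pos] != ')') {
    auto child = ParseExpr(in, pos);
    if (!child) return nullptr;
    node->children.push_back(std::move(child));
  }
  if (*pos >= in.size()) return nullptr;  // unterminated '('
  ++*pos;                                 // consume ')'
  return node;
}

// Number of nodes in the tree: a proxy for the memory the parse cost.
size_t NodeCount(const Node* n) {
  if (!n) return 0;
  size_t count = 1;
  for (const auto& c : n->children) count += NodeCount(c.get());
  return count;
}

// Parses a complete document; returns 0 for invalid or trailing input.
size_t ParseAndCount(const std::string& doc) {
  size_t pos = 0;
  auto root = ParseExpr(doc, &pos);
  if (!root || pos != doc.size()) return 0;
  return NodeCount(root.get());
}

// Hypothetical cap: inputs above this are not handed to the parser, so a
// valid-but-huge document cannot push the target over the RSS limit.
constexpr size_t kMaxInputSize = 64 * 1024;

bool ShouldFuzz(size_t size) { return size <= kMaxInputSize; }

// libFuzzer entry point. Oversized inputs are rejected up front so the fuzzer
// spends its budget on the parser's logic rather than on the allocator.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  if (!ShouldFuzz(size)) return 0;
  ParseAndCount(std::string(reinterpret_cast<const char*>(data), size));
  return 0;
}

// Stand-alone driver; drop it when linking with -fsanitize=fuzzer, which
// supplies its own main(). Builds a valid document about as large as the
// testcase in this issue (365k) and shows that the cap would skip it.
int main() {
  std::string big(365 * 1024, 'a');
  std::string doc = "(" + big + ")";
  std::printf("nodes=%zu accepted_by_target=%d\n", ParseAndCount(doc),
              static_cast<int>(ShouldFuzz(doc.size())));
  return 0;
}
```

The cap is a trade-off: set it at the largest size the parser is expected to handle in production, since anything above it is never exercised by the fuzzer. Inputs that are small but deeply nested still deserve a separate check (recursion depth), which this size cap does not address.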
Comment 4 by ClusterFuzz (Project Member), Apr 10 2018

Labels: Needs-Feedback
ClusterFuzz testcase 6211281452007424 is still reproducing on tip-of-tree build (trunk).

If this testcase was not reproducible locally or unworkable, ignore this notification and we will file another bug soon with hopefully a better and workable testcase.

Otherwise, if this is not intended to be fixed (e.g. this is an intentional crash), please add ClusterFuzz-Ignore label to prevent future bug filing with similar crash stacktrace.
