Timeout in pdf_fm2js_fuzzer
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5437490689998848

Fuzzer: libFuzzer_pdf_fm2js_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux
Crash Type: Timeout (exceeds 25 secs)
Crash Address:
Crash State: pdf_fm2js_fuzzer
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=539070:539072
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5437490689998848

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
Apr 30 2018
Unable to provide possible suspect using Predator, CL and Code Search. Could someone please look into the issue?
May 8 2018
The following revision refers to this bug:
https://pdfium.googlesource.com/pdfium/+/dec08c8d3fbc4e89748f2d655b32727cfab373ed

commit dec08c8d3fbc4e89748f2d655b32727cfab373ed
Author: Dan Sinclair <dsinclair@chromium.org>
Date: Tue May 08 15:20:27 2018

[fm2js] Fail transpiling if lexer has left over data

If there is remaining data after the lexer has said it's complete then something has gone wrong while lexing the formcalc data. This CL changes the transpiler to return an error in the case of the lexer having extra data.

Bug: chromium:834575
Change-Id: I8a1288a7f01cc69faf2033829d68246d815258de
Reviewed-on: https://pdfium-review.googlesource.com/32130
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>

[modify] https://crrev.com/dec08c8d3fbc4e89748f2d655b32727cfab373ed/xfa/fxfa/fm2js/cxfa_fmlexer.h
[modify] https://crrev.com/dec08c8d3fbc4e89748f2d655b32727cfab373ed/xfa/fxfa/fm2js/cxfa_fmlexer.cpp
[modify] https://crrev.com/dec08c8d3fbc4e89748f2d655b32727cfab373ed/xfa/fxfa/fm2js/cxfa_fmparser.cpp
[modify] https://crrev.com/dec08c8d3fbc4e89748f2d655b32727cfab373ed/xfa/fxfa/fm2js/cxfa_fmlexer_unittest.cpp
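The leftover-data check described in the commit message above, as an added example that is not PDFium's code: a toy lexer (the names `ToyLexer` and `Tokenize` are hypothetical) that reports "done" at an embedded NUL, which is an assumed stop condition, so the caller has to confirm the whole buffer was consumed before accepting the result.

```cpp
#include <cctype>
#include <cstddef>
#include <iostream>
#include <string>
#include <vector>

// Hypothetical toy lexer, not PDFium's CXFA_FMLexer. It signals end-of-stream
// at the true end of the buffer or at an embedded NUL (assumed rule).
class ToyLexer {
 public:
  explicit ToyLexer(const std::string& input) : input_(input) {}

  // Writes the next token to *out; returns false once the lexer says "done".
  bool Next(std::string* out) {
    while (pos_ < input_.size() && input_[pos_] == ' ') ++pos_;
    if (pos_ >= input_.size() || input_[pos_] == '\0') return false;
    const size_t start = pos_;
    if (IsWordChar(input_[pos_])) {
      while (pos_ < input_.size() && IsWordChar(input_[pos_])) ++pos_;
    } else {
      ++pos_;  // single-character operator or punctuation
    }
    *out = input_.substr(start, pos_ - start);
    return true;
  }

  // True only when every byte of the input has been consumed.
  bool IsComplete() const { return pos_ >= input_.size(); }

 private:
  static bool IsWordChar(char c) {
    return std::isalnum(static_cast<unsigned char>(c)) != 0;
  }
  const std::string input_;
  size_t pos_ = 0;
};

// Collects tokens and fails when the lexer stopped with data left over.
bool Tokenize(const std::string& input, std::vector<std::string>* tokens) {
  ToyLexer lexer(input);
  std::string tok;
  while (lexer.Next(&tok)) tokens->push_back(tok);
  return lexer.IsComplete();  // leftover bytes mean the lex went wrong
}

int main() {
  std::vector<std::string> t;
  // Constructed sample: 10 bytes with a NUL in the middle.
  std::cout << Tokenize(std::string("x = 1\0 + y", 10), &t) << "\n";
}
```

Without the `IsComplete()` check, the constructed input would be accepted as the three tokens `x = 1` and the bytes after the NUL would be silently dropped.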
May 8 2018
The following revision refers to this bug:
https://pdfium.googlesource.com/pdfium/+/3645dbcf8f6b830ad5b371b9aaae6ee2be33eb98

commit 3645dbcf8f6b830ad5b371b9aaae6ee2be33eb98
Author: Dan Sinclair <dsinclair@chromium.org>
Date: Tue May 08 15:30:07 2018

[fm2js] Create fewer CFX_WideTextBuf classes

This CL modifies the formcalc transpiler to create fewer CFX_WideTextBuf classes as we convert to JavaScript. This can take some pathological formcalc from 20sec to convert to .5sec.

Bug: chromium:834575
Change-Id: I428883297bbc3a6a325a4ab0ad51834f2f02ab82
Reviewed-on: https://pdfium-review.googlesource.com/32154
Commit-Queue: dsinclair <dsinclair@chromium.org>
Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>

[modify] https://crrev.com/3645dbcf8f6b830ad5b371b9aaae6ee2be33eb98/xfa/fxfa/fm2js/cxfa_fmexpression.cpp
[modify] https://crrev.com/3645dbcf8f6b830ad5b371b9aaae6ee2be33eb98/xfa/fxfa/fm2js/cxfa_fmsimpleexpression.cpp
[modify] https://crrev.com/3645dbcf8f6b830ad5b371b9aaae6ee2be33eb98/core/fxcrt/cfx_binarybuf.cpp
May 8 2018
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/559a83e74fab436d09c5338d3e35f758ee1232b3

commit 559a83e74fab436d09c5338d3e35f758ee1232b3
Author: pdfium-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com <pdfium-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com>
Date: Tue May 08 19:00:40 2018

Roll src/third_party/pdfium/ 967aa0793..9ec0bca73 (4 commits)

https://pdfium.googlesource.com/pdfium.git/+log/967aa0793c0b..9ec0bca735b5

$ git log 967aa0793..9ec0bca73 --date=short --no-merges --format='%ad %ae %s'
2018-05-08 thestig Simplify more code in CPDF_TextObject.
2018-05-08 dsinclair [fm2js] Create fewer CFX_WideTextBuf classes
2018-05-08 dsinclair [fm2js] Fail transpiling if lexer has left over data
2018-05-08 thestig Move CalculatePitch8() to core/fxcodec.

Created with:
roll-dep src/third_party/pdfium
BUG= chromium:834575 , chromium:834575

The AutoRoll server is located here: https://pdfium-roll.skia.org

Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+/master/autoroll/README.md

If the roll is causing failures, please contact the current sheriff, who should be CC'd on the roll, and stop the roller if necessary.

TBR=dsinclair@chromium.org

Change-Id: I17f2467f429b3a99b040bda60f9515488cbe26d7
Reviewed-on: https://chromium-review.googlesource.com/1050511
Commit-Queue: pdfium-chromium-autoroll <pdfium-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com>
Reviewed-by: pdfium-chromium-autoroll <pdfium-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#556906}

[modify] https://crrev.com/559a83e74fab436d09c5338d3e35f758ee1232b3/DEPS
May 9 2018
ClusterFuzz has detected this issue as fixed in range 556904:556921.

Detailed report: https://clusterfuzz.com/testcase?key=5437490689998848

Fuzzer: libFuzzer_pdf_fm2js_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux
Crash Type: Timeout (exceeds 25 secs)
Crash Address:
Crash State: pdf_fm2js_fuzzer
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=539070:539072
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=556904:556921
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5437490689998848

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
May 9 2018
ClusterFuzz testcase 5437490689998848 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.