Timeout in pdf_formcalc_fuzzer
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6390414802944000

Fuzzer: libFuzzer_pdf_formcalc_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Timeout (exceeds 25 secs)
Crash Address:
Crash State:
  pdf_formcalc_fuzzer

Sanitizer: memory (MSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=558431:558448

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6390414802944000

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
May 24 2018
Automatically assigning owner based on suspected regression changelist https://pdfium.googlesource.com/pdfium/+/77c223be193b303b833053a757a2f1f2534da610 (Use internal wcstof instead of system wcstod in formcalc lexer). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
May 28 2018
May 29 2018
Jun 14 2018
Jun 14 2018
Jun 14 2018
The following revision refers to this bug:
https://pdfium.googlesource.com/pdfium/+/e90469e4c9b22ff912c70ec70392cf607fb1ad57

commit e90469e4c9b22ff912c70ec70392cf607fb1ad57
Author: Dan Sinclair <dsinclair@chromium.org>
Date: Thu Jun 14 19:55:22 2018

[formcalc] Calculate length of string when calling FXSYS_wcstof

When calling the FXSYS_wctof method we currently pass in -1 from AdvanceForNumber. This tells the method to calculate the string length. This can be slow for a formcalc string with a lot of numbers.

This CL changes the call to pass in the length of remaining data in the original string. This takes the MSAN runtime of the case in the linked bug from ~21 seconds to ~500ms. The debug runtime goes from ~2s to ~500ms.

Bug: chromium:846104
Change-Id: Idbd19a728160f35982e21c0d97567fbbeefe667a
Reviewed-on: https://pdfium-review.googlesource.com/35210
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: dsinclair <dsinclair@chromium.org>

[modify] https://crrev.com/e90469e4c9b22ff912c70ec70392cf607fb1ad57/xfa/fxfa/fm2js/cxfa_fmlexer.cpp
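The cost described in the commit message above, as an added example that is not PDFium's code: `parse_number` is a hypothetical stand-in for a wcstof-style helper and the input is constructed. It counts the characters walked only to measure the string when a lexer passes -1 for every number versus the remaining length.

```c
#include <stddef.h>
#include <stdio.h>
#include <wchar.h>

/* Characters walked only to find the end of the string. */
static unsigned long g_len_scan = 0;

/* Hypothetical helper: len == -1 means "measure the string yourself",
 * the behaviour the commit message describes for the -1 argument. */
static float parse_number(const wchar_t *s, int len, int *used) {
    if (len == -1) {
        len = 0;
        while (s[len] != L'\0') { len++; g_len_scan++; }
    }
    int i = 0;
    float v = 0.0f;
    while (i < len && s[i] >= L'0' && s[i] <= L'9')
        v = v * 10.0f + (float)(s[i++] - L'0');
    *used = i;
    return v;
}

/* Lex every number in buf[0..n) and return the length-scan cost. */
static unsigned long lex_all(const wchar_t *buf, size_t n, int pass_remaining) {
    size_t pos = 0;
    g_len_scan = 0;
    while (pos < n) {
        if (buf[pos] < L'0' || buf[pos] > L'9') { pos++; continue; }
        int used = 0;
        int len = pass_remaining ? (int)(n - pos) : -1;
        (void)parse_number(buf + pos, len, &used);
        pos += (size_t)used;
    }
    return g_len_scan;
}

/* Constructed input: `count` copies of "1 " (2 * count characters). */
static unsigned long cost_for(size_t count, int pass_remaining) {
    static wchar_t buf[2 * 1000 + 1];
    if (count > 1000) count = 1000;
    for (size_t i = 0; i < count; i++) { buf[2 * i] = L'1'; buf[2 * i + 1] = L' '; }
    buf[2 * count] = L'\0';
    return lex_all(buf, 2 * count, pass_remaining);
}

int main(void) {
    printf("len=-1:    %lu chars scanned\n", cost_for(1000, 0));
    printf("remaining: %lu chars scanned\n", cost_for(1000, 1));
    return 0;
}
```

With N one-digit numbers the -1 path rescans the tail of the buffer for every token, N(N+1) characters in total, while passing the remaining length rescans nothing.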
Jun 14 2018
Jun 15 2018
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/5da61dbe887e02c83b99f8ba72e85087f205a397

commit 5da61dbe887e02c83b99f8ba72e85087f205a397
Author: pdfium-chromium-autoroll <pdfium-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com>
Date: Fri Jun 15 00:47:33 2018

Roll src/third_party/pdfium e16ffd4fc3f2..ee3e3a4f3cba (4 commits)

https://pdfium.googlesource.com/pdfium.git/+log/e16ffd4fc3f2..ee3e3a4f3cba

git log e16ffd4fc3f2..ee3e3a4f3cba --date=short --no-merges --format='%ad %ae %s'
2018-06-14 npm@chromium.org Merge 3 methods of CJBig2_GRDProc together
2018-06-14 dsinclair@chromium.org [formcalc] Calculate length of string when calling FXSYS_wcstof
2018-06-14 pcc@google.com Move definition of XFA_SCRIPTATTRIBUTEINFO into cjx_object.h.
2018-06-14 hnakashima@chromium.org Rewrite content stream regeneration.

Created with:
  gclient setdep -r src/third_party/pdfium@ee3e3a4f3cba

The AutoRoll server is located here: https://pdfium-roll.skia.org

Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+/master/autoroll/README.md

If the roll is causing failures, please contact the current sheriff, who should be CC'd on the roll, and stop the roller if necessary.

BUG=chromium:846104,chromium:847724
TBR=dsinclair@chromium.org

Change-Id: Ib391fca7b13757f3b2dc733c4d20fd67d42d1d96
Reviewed-on: https://chromium-review.googlesource.com/1101720
Reviewed-by: pdfium-chromium-autoroll <pdfium-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com>
Commit-Queue: pdfium-chromium-autoroll <pdfium-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#567501}

[modify] https://crrev.com/5da61dbe887e02c83b99f8ba72e85087f205a397/DEPS
Jun 16 2018
ClusterFuzz has detected this issue as fixed in range 567491:567502.

Detailed report: https://clusterfuzz.com/testcase?key=6390414802944000

Fuzzer: libFuzzer_pdf_formcalc_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Timeout (exceeds 25 secs)
Crash Address:
Crash State:
  pdf_formcalc_fuzzer

Sanitizer: memory (MSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=558431:558448
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=567491:567502

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6390414802944000

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jun 16 2018
ClusterFuzz testcase 6390414802944000 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Sep 13
Comment 1 by ClusterFuzz, May 24 2018
Labels: ClusterFuzz-Auto-CC