Timeout in pdf_font_fuzzer
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5884704925155328

Fuzzer: libFuzzer_pdf_font_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: Timeout (exceeds 25 secs)
Crash Address:
Crash State:
  pdf_font_fuzzer

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=579341:579344

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5884704925155328

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
Oct 16
bungeman@, can you please see if this change (https://chromium.googlesource.com/chromium/src/+/2d9e7ee4ec4a19c96295fddc6c35f9f2c2d04572) is related? Thank you!
Oct 17
On my workstation, this used to take 0.5 seconds, and now takes 14 seconds. Bisected to https://chromium.googlesource.com/chromium/src/third_party/freetype2/+/8ed53468772ec0bc70d121cc1af2c77b1a15e8d0
Oct 17
Are you sure that's the right bisect? All of the FT_TRACEX macros should expand to "do { } while ( 0 )" when FT_DEBUG_LEVEL_TRACE isn't defined, and it doesn't look like we define it. As a result the only change the compiler should see is a few extra "do { } while ( 0 )" and one extra "for ( i = 0; i < face->len_buildchar; i++ )" which has a body which does nothing. I'll take a look.
Oct 17
Alas, I have bisected to the same change... taking a look.
Oct 17
Opened https://savannah.nongnu.org/bugs/index.php?54858 with a patch. Turns out that one extra "for ( i = 0; i < face->len_buildchar; i++ )" was the issue. Keeping this open to track waiting for upstream to land and then for us to roll the fix in.
Oct 25
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/2cde09762accbeaf889ce843eaecabe2b25dbc6f

commit 2cde09762accbeaf889ce843eaecabe2b25dbc6f
Author: Ben Wagner <bungeman@chromium.org>
Date: Thu Oct 25 08:02:46 2018

    Roll src/third_party/freetype/src/ 428854931..f56830ed4 (2 commits)

    https://chromium.googlesource.com/chromium/src/third_party/freetype2.git/+log/428854931e68..f56830ed406f

    $ git log 428854931..f56830ed4 --date=short --no-merges --format='%ad %ae %s'
    2018-10-20 wl Avoid endless loop while tracing (#54858).
    2018-10-17 wl * CMakeLists.txt: Specify `RUNTIME DESTINATION'.

    Created with:
      roll-dep src/third_party/freetype/src

    R=bungeman@chromium.org,drott@chromium.org
    CQ_INCLUDE_TRYBOTS=luci.chromium.try:linux_chromium_msan_rel_ng
    PDFium-Issue: pdfium:1177
    Bug: chromium:889216
    Change-Id: I81dd50ab7684d137fe73aa036c32532350968f60
    Reviewed-on: https://chromium-review.googlesource.com/c/1298184
    Reviewed-by: Dominik Röttsches <drott@chromium.org>
    Commit-Queue: Dominik Röttsches <drott@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#602641}

[modify] https://crrev.com/2cde09762accbeaf889ce843eaecabe2b25dbc6f/DEPS
[modify] https://crrev.com/2cde09762accbeaf889ce843eaecabe2b25dbc6f/third_party/freetype/README.chromium
Oct 26
ClusterFuzz has detected this issue as fixed in range 602640:602642.

Detailed report: https://clusterfuzz.com/testcase?key=5884704925155328

Fuzzer: libFuzzer_pdf_font_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: Timeout (exceeds 25 secs)
Crash Address:
Crash State:
  pdf_font_fuzzer

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=579341:579344
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=602640:602642

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5884704925155328

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Oct 26
ClusterFuzz testcase 5884704925155328 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by kkaluri@chromium.org, Sep 26
Labels: M-70 CF-NeedsTriage Test-Predator-Wrong