fuzzer/ClientSession.cpp | 3 +++
1 file changed, 3 insertions(+)
New commits:
commit 1016de956a80ccb34bbc784801007197a79cef81
Author: Miklos Vajna <[email protected]>
AuthorDate: Thu Feb 27 13:58:06 2020 +0100
Commit: Miklos Vajna <[email protected]>
CommitDate: Thu Feb 27 15:11:31 2020 +0100
fuzzer: fix OOM with an ever-growing SocketPoll::_newCallbacks
Admin::instance().dumpState(std::cerr) at the end of a run shows:
Poll [0] - wakeup r: 11 w: 12
callbacks: 103
fd events rsize wsize
This is more a problem in the fuzzer itself than in the code, the
unprocessed callbacks reached the intentionally set 2GB limit in about
20 mins, so process them at the end of each run.
Change-Id: Ic12d3e8555417371f4ca44228fc1ff515d704592
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/89632
Tested-by: Jenkins CollaboraOffice <[email protected]>
Reviewed-by: Miklos Vajna <[email protected]>
diff --git a/fuzzer/ClientSession.cpp b/fuzzer/ClientSession.cpp
index 53872d5ca..d68f27fb7 100644
--- a/fuzzer/ClientSession.cpp
+++ b/fuzzer/ClientSession.cpp
@@ -34,6 +34,9 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data,
size_t size)
std::vector<char> lineVector(line.data(), line.data() + line.size());
session->handleMessage(fin, code, lineVector);
}
+
+ // Make sure SocketPoll::_newCallbacks does not grow forever, leading to
OOM.
+ Admin::instance().poll(SocketPoll::DefaultPollTimeoutMs);
return 0;
}
_______________________________________________
Libreoffice-commits mailing list
[email protected]
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
