 fuzzer/ClientSession.cpp | 3 +++
 1 file changed, 3 insertions(+)

New commits:
commit 1016de956a80ccb34bbc784801007197a79cef81
Author:     Miklos Vajna <vmik...@collabora.com>
AuthorDate: Thu Feb 27 13:58:06 2020 +0100
Commit:     Miklos Vajna <vmik...@collabora.com>
CommitDate: Thu Feb 27 15:11:31 2020 +0100

fuzzer: fix OOM with an ever-growing SocketPoll::_newCallbacks Admin::instance().dumpState(std::cerr) at the end of a run shows: Poll [0] - wakeup r: 11 w: 12 callbacks: 103 fd events rsize wsize This is more a problem in the fuzzer itself than in the code, the unprocessed callbacks reached the intentionally set 2GB limit in about 20 mins, so process them at the end of each run. Change-Id: Ic12d3e8555417371f4ca44228fc1ff515d704592 Reviewed-on: https://gerrit.libreoffice.org/c/online/+/89632 Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com> Reviewed-by: Miklos Vajna <vmik...@collabora.com> diff --git a/fuzzer/ClientSession.cpp b/fuzzer/ClientSession.cpp index 53872d5ca..d68f27fb7 100644 --- a/fuzzer/ClientSession.cpp +++ b/fuzzer/ClientSession.cpp @@ -34,6 +34,9 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) std::vector<char> lineVector(line.data(), line.data() + line.size()); session->handleMessage(fin, code, lineVector); } + + // Make sure SocketPoll::_newCallbacks does not grow forever, leading to OOM. + Admin::instance().poll(SocketPoll::DefaultPollTimeoutMs); return 0; } _______________________________________________ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
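Review bot: the added Admin::instance().poll(SocketPoll::DefaultPollTimeoutMs) call at the end of LLVMFuzzerTestOneInput passes the default timeout, so if poll() waits for the full timeout when nothing is ready, every fuzzer input pays that delay and throughput drops. If the only goal is to drain SocketPoll::_newCallbacks, a zero or minimal timeout would do the same job. It is also worth confirming that a single poll() pass processes every queued callback, since the commit message reports 103 pending at the end of a run, and extending the comment to say that the callbacks are otherwise never processed in the fuzzer, so the reason for the call is clear from the code alone.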