author | Max Moroz <mmoroz@chromium.org> | 2017-09-12 02:01:54 +0000 |
---|---|---|
committer | Max Moroz <mmoroz@chromium.org> | 2017-09-12 02:01:54 +0000 |
commit | 79d3d0a1edcec3f199f8de2e6b937017a7bb044b (patch) | |
tree | fbbd88ae4603babc9cd508380a691427e7172c52 /lib/fuzzer/FuzzerLoop.cpp | |
parent | a16d671c83feef2f63925d62a581a2fc32a97d5e (diff) | |
[libfuzzer] Compare TotalNumberOfRuns with MaxNumberOfRuns when testing a memory leak.
Summary:
Fuzzer::TryDetectingAMemoryLeak may call ExecuteCallback which would
increment TotalNumberOfRuns, but it doesn't respect Options.MaxNumberOfRuns
value specified by a user.
Context: https://github.com/google/oss-fuzz/issues/822#issuecomment-328153970
Reviewers: kcc
Reviewed By: kcc
Differential Revision: https://reviews.llvm.org/D37632
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@312993 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'lib/fuzzer/FuzzerLoop.cpp')
-rw-r--r-- | lib/fuzzer/FuzzerLoop.cpp | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/fuzzer/FuzzerLoop.cpp b/lib/fuzzer/FuzzerLoop.cpp index 0354fc86e..d6185fdee 100644 --- a/lib/fuzzer/FuzzerLoop.cpp +++ b/lib/fuzzer/FuzzerLoop.cpp @@ -525,6 +525,8 @@ void Fuzzer::TryDetectingAMemoryLeak(const uint8_t *Data, size_t Size, bool DuringInitialCorpusExecution) { if (!HasMoreMallocsThanFrees) return; // mallocs==frees, a leak is unlikely. if (!Options.DetectLeaks) return; + if (!DuringInitialCorpusExecution && + TotalNumberOfRuns >= Options.MaxNumberOfRuns) return; if (!&(EF->__lsan_enable) || !&(EF->__lsan_disable) || !(EF->__lsan_do_recoverable_leak_check)) return; // No lsan. |
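Review bot: the new early return in Fuzzer::TryDetectingAMemoryLeak, "if (!DuringInitialCorpusExecution && TotalNumberOfRuns >= Options.MaxNumberOfRuns) return;", carries no comment, while the returns around it do ("// mallocs==frees, a leak is unlikely.", "// No lsan."). Please add one line saying that the leak re-check would otherwise execute the input again and push TotalNumberOfRuns past the user's limit, and why the initial corpus pass is exempt from the cap. The comment should also record the trade-off visible here: once the run limit is reached the function returns before any of the lsan checks, so an input executed on the last permitted run is never re-checked and a leak in it goes unreported.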