[libfuzzer] Compare TotalNumberOfRuns with MaxNumberOfRuns when testing a memory leak.

Summary: Fuzzer::TryDetectingAMemoryLeak may call ExecuteCallback which would increment TotalNumberOfRuns, but it doesn't respect Options.MaxNumberOfRuns value specified by a user. Context: https://github.com/google/oss-fuzz/issues/822#issuecomment-328153970 Reviewers: kcc Reviewed By: kcc Differential Revision: https://reviews.llvm.org/D37632 llvm-svn: 312993
2017-09-12 02:01:54 +00:00 · 2017-09-12 02:01:54 +00:00 · 3f26dac416
parent d56b90fb4c
commit 3f26dac416
2 changed files with 12 additions and 0 deletions
--- a/compiler-rt/lib/fuzzer/FuzzerLoop.cpp
+++ b/compiler-rt/lib/fuzzer/FuzzerLoop.cpp
@ -525,6 +525,8 @@ void Fuzzer::TryDetectingAMemoryLeak(const uint8_t *Data, size_t Size,
                                     bool DuringInitialCorpusExecution) {
  if (!HasMoreMallocsThanFrees) return;  // mallocs==frees, a leak is unlikely.
  if (!Options.DetectLeaks) return;
+  if (!DuringInitialCorpusExecution &&
+      TotalNumberOfRuns >= Options.MaxNumberOfRuns) return;
  if (!&(EF->__lsan_enable) || !&(EF->__lsan_disable) ||
      !(EF->__lsan_do_recoverable_leak_check))
    return;  // No lsan.
--- a/compiler-rt/test/fuzzer/max-number-of-runs.test
+++ b/compiler-rt/test/fuzzer/max-number-of-runs.test
@ -0,0 +1,10 @@
+RUN: %cpp_compiler %S/AccumulateAllocationsTest.cpp -o %t-AccumulateAllocationsTest
+
+RUN: %t-AccumulateAllocationsTest -seed=1 -runs=2 2>&1 | FileCheck %s --check-prefix=CHECK1
+CHECK1: Done 2 runs
+
+RUN: %t-AccumulateAllocationsTest -seed=1 -runs=3 2>&1 | FileCheck %s --check-prefix=CHECK2
+CHECK2: Done 3 runs
+
+RUN: %t-AccumulateAllocationsTest -seed=1 -runs=4 2>&1 | FileCheck %s --check-prefix=CHECK3
+CHECK3: Done 4 runs