Index: third_party/WebKit/Source/bindings/core/v8/serialization/SerializedScriptValueFuzzer.cpp |
diff --git a/third_party/WebKit/Source/bindings/core/v8/serialization/SerializedScriptValueFuzzer.cpp b/third_party/WebKit/Source/bindings/core/v8/serialization/SerializedScriptValueFuzzer.cpp |
index 814474534d404cf6e5f41067e2ef1a304ce893d1..e9cd65bd6cf6425639e954734d7ab2ba9dd31b2e 100644 |
--- a/third_party/WebKit/Source/bindings/core/v8/serialization/SerializedScriptValueFuzzer.cpp |
+++ b/third_party/WebKit/Source/bindings/core/v8/serialization/SerializedScriptValueFuzzer.cpp |
@@ -10,6 +10,7 @@ |
#include "core/testing/DummyPageHolder.h" |
#include "platform/RuntimeEnabledFeatures.h" |
#include "platform/testing/BlinkFuzzerTestSupport.h" |
+#include "platform/testing/UnitTestHelpers.h" |
#include "public/platform/WebBlobInfo.h" |
#include "public/platform/WebMessagePortChannel.h" |
#include "wtf/StringHasher.h" |
@@ -93,9 +94,16 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { |
RefPtr<SerializedScriptValue> serializedScriptValue = |
SerializedScriptValue::create(reinterpret_cast<const char*>(data), size); |
serializedScriptValue->deserialize(isolate, messagePorts, blobs); |
- |
- // Clean up. |
CHECK(!tryCatch.HasCaught()) |
<< "deserialize() should return null rather than throwing an exception."; |
+ |
+ // Clean up. We have to periodically run pending tasks so that scheduled |
+ // Oilpan GC occurs. |
+ static int iterations = 0; |
+ if (iterations++ == 2048) { |
+ testing::runPendingTasks(); |
+ iterations = 0; |
+ } |
+ |
return 0; |
} |