| Index: third_party/WebKit/Source/bindings/core/v8/serialization/SerializedScriptValueFuzzer.cpp
|
| diff --git a/third_party/WebKit/Source/bindings/core/v8/serialization/SerializedScriptValueFuzzer.cpp b/third_party/WebKit/Source/bindings/core/v8/serialization/SerializedScriptValueFuzzer.cpp
|
| index 814474534d404cf6e5f41067e2ef1a304ce893d1..e9cd65bd6cf6425639e954734d7ab2ba9dd31b2e 100644
|
| --- a/third_party/WebKit/Source/bindings/core/v8/serialization/SerializedScriptValueFuzzer.cpp
|
| +++ b/third_party/WebKit/Source/bindings/core/v8/serialization/SerializedScriptValueFuzzer.cpp
|
| @@ -10,6 +10,7 @@
|
| #include "core/testing/DummyPageHolder.h"
|
| #include "platform/RuntimeEnabledFeatures.h"
|
| #include "platform/testing/BlinkFuzzerTestSupport.h"
|
| +#include "platform/testing/UnitTestHelpers.h"
|
| #include "public/platform/WebBlobInfo.h"
|
| #include "public/platform/WebMessagePortChannel.h"
|
| #include "wtf/StringHasher.h"
|
| @@ -93,9 +94,16 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
|
| RefPtr<SerializedScriptValue> serializedScriptValue =
|
| SerializedScriptValue::create(reinterpret_cast<const char*>(data), size);
|
| serializedScriptValue->deserialize(isolate, messagePorts, blobs);
|
| -
|
| - // Clean up.
|
| CHECK(!tryCatch.HasCaught())
|
| << "deserialize() should return null rather than throwing an exception.";
|
| +
|
| + // Clean up. We have to periodically run pending tasks so that scheduled
|
| + // Oilpan GC occurs.
|
| + static int iterations = 0;
|
| + if (iterations++ == 2048) {
|
| + testing::runPendingTasks();
|
| + iterations = 0;
|
| + }
|
| +
|
| return 0;
|
| }
|
|
|