[libFuzzer] fix a use-after-free (!) in libFuzzer caused by r270905: that CL caused a push_back in the main corpus invalidating the vector<> iterators in rare cases.

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@271186 91177308-0d34-0410-b5e6-96231b3b80d8

lib/Fuzzer/FuzzerLoop.cpp

@@ -655,7 +655,7 @@ void Fuzzer::TryDetectingAMemoryLeak(const uint8_t *Data, size_t Size,
   // Run the target once again, but with lsan disabled so that if there is
   // a real leak we do not report it twice.
   __lsan_disable();
-  RunOneAndUpdateCorpus(Data, Size);
+  RunOne(Data, Size);
   __lsan_enable();
   if (!HasMoreMallocsThanFrees) return;  // a leak is unlikely.
   if (NumberOfLeakDetectionAttempts++ > 1000) {

lib/Fuzzer/test/fuzzer-threaded.test

@@ -1,7 +1,10 @@
 CHECK: Done 1000 runs in
 
-RUN: LLVMFuzzer-ThreadedTest -use_traces=1 -runs=1000  2>&1 | FileCheck %s
-RUN: LLVMFuzzer-ThreadedTest -use_traces=1 -runs=1000  2>&1 | FileCheck %s
-RUN: LLVMFuzzer-ThreadedTest -use_traces=1 -runs=1000  2>&1 | FileCheck %s
-RUN: LLVMFuzzer-ThreadedTest -use_traces=1 -runs=1000  2>&1 | FileCheck %s
+# TODO(kcc): re-enable leak detection here.
+# Currently laak detection makes run counts imprecise.
+
+RUN: LLVMFuzzer-ThreadedTest -use_traces=1 -runs=1000 -detect_leaks=0 2>&1 | FileCheck %s
+RUN: LLVMFuzzer-ThreadedTest -use_traces=1 -runs=1000 -detect_leaks=0 2>&1 | FileCheck %s
+RUN: LLVMFuzzer-ThreadedTest -use_traces=1 -runs=1000 -detect_leaks=0 2>&1 | FileCheck %s
+RUN: LLVMFuzzer-ThreadedTest -use_traces=1 -runs=1000 -detect_leaks=0 2>&1 | FileCheck %s