From 6ae6fc7a797d1629fb8ceba4c5b8792f7c24c4a3 Mon Sep 17 00:00:00 2001
From: Craig Tiller <ctiller@google.com>
Date: Wed, 1 Jun 2016 16:28:00 -0700
Subject: [PATCH] Fix server side memory leak
If clients send GOAWAY followed by HEADER
---
.../chttp2/transport/chttp2_transport.c | 6 +-
.../23f261e44d54a2736f6e288128d98db9e5015206 | Bin 0 -> 100 bytes
.../552199651d942e7220141a93ec33dd8256210a18 | Bin 0 -> 46 bytes
.../7a946bf3cd91b63001f2cf3f40c515c747f2ecde | Bin 0 -> 696 bytes
.../7d25c28298fb4d0fe41209d0d14307e4aa67c59e | Bin 0 -> 47 bytes
.../8138b18a9a743659befc2f2b23d23cb9c3086a09 | Bin 0 -> 348 bytes
.../925011abb99fd56bb0f425ae5e0d92e6d341f804 | Bin 0 -> 49 bytes
...h-c1f66840627e3bfdedf2e4c225bc4de0c267ed37 | Bin 0 -> 100 bytes
.../d6bed9cc3c10338a8c5f41064ff8bec0bbc267ce | Bin 0 -> 48 bytes
.../dda9643679f8c8b796e64232a7d153e447d64991 | Bin 0 -> 650 bytes
.../e7b08e36420fa107f0aee652e62158af85a4ef15 | Bin 0 -> 1091 bytes
tools/run_tests/tests.json | 170 ++++++++++++++++++
12 files changed, 174 insertions(+), 2 deletions(-)
create mode 100644 test/core/end2end/fuzzers/server_fuzzer_corpus/23f261e44d54a2736f6e288128d98db9e5015206
create mode 100644 test/core/end2end/fuzzers/server_fuzzer_corpus/552199651d942e7220141a93ec33dd8256210a18
create mode 100644 test/core/end2end/fuzzers/server_fuzzer_corpus/7a946bf3cd91b63001f2cf3f40c515c747f2ecde
create mode 100644 test/core/end2end/fuzzers/server_fuzzer_corpus/7d25c28298fb4d0fe41209d0d14307e4aa67c59e
create mode 100644 test/core/end2end/fuzzers/server_fuzzer_corpus/8138b18a9a743659befc2f2b23d23cb9c3086a09
create mode 100644 test/core/end2end/fuzzers/server_fuzzer_corpus/925011abb99fd56bb0f425ae5e0d92e6d341f804
create mode 100644 test/core/end2end/fuzzers/server_fuzzer_corpus/crash-c1f66840627e3bfdedf2e4c225bc4de0c267ed37
create mode 100644 test/core/end2end/fuzzers/server_fuzzer_corpus/d6bed9cc3c10338a8c5f41064ff8bec0bbc267ce
create mode 100644 test/core/end2end/fuzzers/server_fuzzer_corpus/dda9643679f8c8b796e64232a7d153e447d64991
create mode 100644 test/core/end2end/fuzzers/server_fuzzer_corpus/e7b08e36420fa107f0aee652e62158af85a4ef15
diff --git a/src/core/ext/transport/chttp2/transport/chttp2_transport.c b/src/core/ext/transport/chttp2/transport/chttp2_transport.c
index b6886a2201..d531d215e9 100644
--- a/src/core/ext/transport/chttp2/transport/chttp2_transport.c
+++ b/src/core/ext/transport/chttp2/transport/chttp2_transport.c
@@ -804,8 +804,10 @@ void grpc_chttp2_add_incoming_goaway(
gpr_free(msg);
gpr_slice_unref(goaway_text);
transport_global->seen_goaway = 1;
- connectivity_state_set(exec_ctx, transport_global, GRPC_CHANNEL_FATAL_FAILURE,
- "got_goaway");
+ /* lie: use transient failure from the transport to indicate goaway has been
+ * received */
+ connectivity_state_set(exec_ctx, transport_global,
+ GRPC_CHANNEL_TRANSIENT_FAILURE, "got_goaway");
}
static void maybe_start_some_streams(
diff --git a/test/core/end2end/fuzzers/server_fuzzer_corpus/23f261e44d54a2736f6e288128d98db9e5015206 b/test/core/end2end/fuzzers/server_fuzzer_corpus/23f261e44d54a2736f6e288128d98db9e5015206
new file mode 100644
index 0000000000000000000000000000000000000000..1452256ec7f7ec1680e657f27704cebbd1f0e69a
GIT binary patch
literal 100
zcmWFt@>I}L@CXSB&^OXE;N{}w3ibt&3=9k`3=km62x2h`@T3<NB<q%B=BDPCmT(#R
d8srzJrYIyAGcZ6@Fr%q3Q7BGL&d*CJ1^{y06*B+;
literal 0
HcmV?d00001
diff --git a/test/core/end2end/fuzzers/server_fuzzer_corpus/552199651d942e7220141a93ec33dd8256210a18 b/test/core/end2end/fuzzers/server_fuzzer_corpus/552199651d942e7220141a93ec33dd8256210a18
new file mode 100644
index 0000000000000000000000000000000000000000..c8c54f443d7d31d3d2032246c16aa4ecee8999c7
GIT binary patch
literal 46
ucmWFt@>I}L@CXSB&^OXE;N{}w3ibt&3=9k%EDRu^$-vGCVln==Y5)MRg$B$3
literal 0
HcmV?d00001
diff --git a/test/core/end2end/fuzzers/server_fuzzer_corpus/7a946bf3cd91b63001f2cf3f40c515c747f2ecde b/test/core/end2end/fuzzers/server_fuzzer_corpus/7a946bf3cd91b63001f2cf3f40c515c747f2ecde
new file mode 100644
index 0000000000000000000000000000000000000000..8ef1b0ad7e9b1b0296610b941a573b75fe88bdef
GIT binary patch
literal 696
zcmWFt@>I}L@CXSB&^OXE;N{}w3ibt&3=9k`3}C>-z{ujjz`!WLYE_U}lEI;$mY=Vm
zlvpIdZdII|k(!&zl2KApAi!>wn_7~QpTZIl93sGFl~`JmkzbTqQpuT<pPZPJkzZUQ
zz>}PxSCX1nqFYi~kSdT^P>_?EoLG{XpQoQ*RFEtn0wQ%2lao^mN_126lJiqC^U_6A
zQqyu0OHy?*Q&RIvGD|9T(yKBH1ei)vIZBEWGjmdliUqhzi&Kkq6Vp@kN(g(0;R_=J
z3j-qq%sWa+i7C3tIhm<>B?@2%B<maK85-#s=ou(z<YeZRR%kNV{{e>tBbcN=!3}m-
zaY<rHX)&WArv2!iMyTKg>x6|R2P_N`3g9e^Sj9{T3@nT+3=E74_77PY(Bs@cI7EO2
e6v>e2h8s&9<3AK&Q7w-w2C_haCz&BXj{yMXKz`Ez
literal 0
HcmV?d00001
diff --git a/test/core/end2end/fuzzers/server_fuzzer_corpus/7d25c28298fb4d0fe41209d0d14307e4aa67c59e b/test/core/end2end/fuzzers/server_fuzzer_corpus/7d25c28298fb4d0fe41209d0d14307e4aa67c59e
new file mode 100644
index 0000000000000000000000000000000000000000..a323f7a1abda4f8abefe0567cf1dc458074b05fb
GIT binary patch
literal 47
xcmWFt@>I}L@CXSB&^OXE;N{}w3ibt&3=9k%EDRu^$-vIY!fe98z`*#w0RXk92FU;b
literal 0
HcmV?d00001
diff --git a/test/core/end2end/fuzzers/server_fuzzer_corpus/8138b18a9a743659befc2f2b23d23cb9c3086a09 b/test/core/end2end/fuzzers/server_fuzzer_corpus/8138b18a9a743659befc2f2b23d23cb9c3086a09
new file mode 100644
index 0000000000000000000000000000000000000000..2bcef177a33a9a2a32faf6b1f48afd791eaedcda
GIT binary patch
literal 348
zcmWFt@>I}L@CXSB&^OXE;N{}w3ibt&3=9k`3=r^@5yWB?V6`epEXm-|Ps`8OPf9Ej
zV7Dqx&PdHoWyvThDG*?{%1tfF$WLJj@DC0V;Ic|AEy>6)$}Fkm%*jtq%*n_vE)n2K
z&d)1J%`4F@sVqnpNGvGG$xKcx$;{8wPcJG+77ziEx{1ljsRbpvsd>ryDVcfcqM0eF
zc_o=8l{zV@X*r1{sXFOZnFRv8V6`wsGL`wIx+(d2CA!&p`Q^G9`Q^GL`MN3jx+NKz
z#R5zvsT?ImiJ3X6Ma2SKrNya5x{2wjc_m6oi7C3tIhm<>B}l<wj3XEr7+DyY85kKD
o6c`x6mM7~Q=ouR6fdhxZK+ixyBPUZKue3swfq_wzfq{V$0EqrxTL1t6
literal 0
HcmV?d00001
diff --git a/test/core/end2end/fuzzers/server_fuzzer_corpus/925011abb99fd56bb0f425ae5e0d92e6d341f804 b/test/core/end2end/fuzzers/server_fuzzer_corpus/925011abb99fd56bb0f425ae5e0d92e6d341f804
new file mode 100644
index 0000000000000000000000000000000000000000..948d5fafa33dd00337d84bfac9cd398ff5b479d1
GIT binary patch
literal 49
zcmWFt@>I}L@CXSB&^OXE;N{}w3ibt&3=9k%EDRu^$-vIY!faw-!oa}5_`d-F!zBkT
literal 0
HcmV?d00001
diff --git a/test/core/end2end/fuzzers/server_fuzzer_corpus/crash-c1f66840627e3bfdedf2e4c225bc4de0c267ed37 b/test/core/end2end/fuzzers/server_fuzzer_corpus/crash-c1f66840627e3bfdedf2e4c225bc4de0c267ed37
new file mode 100644
index 0000000000000000000000000000000000000000..a7fa57e78e8f55481508a7dac448104bf386bb47
GIT binary patch
literal 100
zcmWFt@>I}L@CXSB&^OXE;N{}w3ibt&3=9k`3=km64q`D1@T3<NB<q%B=BDPCmT(#R
f8srzJrYIyAGcZUpf>bc0sW4F}PEF3wODP5bbX*lV
literal 0
HcmV?d00001
diff --git a/test/core/end2end/fuzzers/server_fuzzer_corpus/d6bed9cc3c10338a8c5f41064ff8bec0bbc267ce b/test/core/end2end/fuzzers/server_fuzzer_corpus/d6bed9cc3c10338a8c5f41064ff8bec0bbc267ce
new file mode 100644
index 0000000000000000000000000000000000000000..2b3424a332f810bbcc6519bc6a07ca4d729b8b0e
GIT binary patch
literal 48
ycmWFt@>I}L@CXSB&^OXE;N{}w3ibt&3=9k%EDRu^$-vIY!fax~z`(%xzX1TeTn7CB
literal 0
HcmV?d00001
diff --git a/test/core/end2end/fuzzers/server_fuzzer_corpus/dda9643679f8c8b796e64232a7d153e447d64991 b/test/core/end2end/fuzzers/server_fuzzer_corpus/dda9643679f8c8b796e64232a7d153e447d64991
new file mode 100644
index 0000000000000000000000000000000000000000..b8ba07b16bf2aed5df8bc97fc570043ea4589b13
GIT binary patch
literal 650
zcmWFt@>I}L@CXSB&^OXE;N{}w3ibt&3=9k`3}C>-zzAY73b0xgB$i}w=%?l9>n9}^
z39wrgCugMQrm|#|loSZCTji#fWaOu?1o#Js2yj^?mX>7X7iE@Ia^~bGC+1|N7nca|
zB<JUqq~?|AmQ)s`3M3X3<YXo%mSpDV>8BSJBnyauNZrKb<kW%^-PF9~{FKbRbkUU5
zw4B6}RGrL})Vva%lFX{i%Jc#Orjk^SlA^@SoYbOX241j6m=2cos>}l1{$cpS$iTwD
z$N=+?Qc_}yZgNg$YF>!~*qmg213g0{Jp(-h1&y4{ywVCy2KzstpkM?MsMrdX%fP_!
z9||xeC=lQVyQ{b)v81$^F&UphybNrq6$PouB@Cdj;{b<QW=$m)Eks2lOGbWi2_yp1
djSxT=K;c6J;XjHX3daG=%g_fW3x@nW1^@x4fr|hD
literal 0
HcmV?d00001
diff --git a/test/core/end2end/fuzzers/server_fuzzer_corpus/e7b08e36420fa107f0aee652e62158af85a4ef15 b/test/core/end2end/fuzzers/server_fuzzer_corpus/e7b08e36420fa107f0aee652e62158af85a4ef15
new file mode 100644
index 0000000000000000000000000000000000000000..523c785612efbb325e6812d8beac59ad13bc6832
GIT binary patch
literal 1091
zcmWFt@>I}L@CXSB&^OXE;N{}w3ibt&3=9k`3=nXL5zOLEFDgjZP0dTrPsz+n=g3S+
z%`3?)smx7f$tWo)5MZ~;O)bgDPhko04-OIFvPvv1$;dCtEUDzo$xlwq$;dA*5#UMA
z&nrpIE7AQ@S&+(El3G!s&%ka~T#{H)TFh)>V33?zPy)9>6lQ}?N@`k8Vo9n_dR1nD
z08>dSM@dm)W=?8Ru>e<TacYrnVtQ&`iBeKxif(dFW@=suVLvf3fc?ZMz-m>HSdzh^
zpO&AmpOjc6z;0EXoRNy;CnC&ZhL~j!Qc8RflvEa^3M3X3<YXo%mSpDV>4Sn-Km<hU
zCMKhX1S|mHA%Zs~K<<D>sUeOi{Q_|^%=<`TrvP?9vc7?yp^=_}o`Hf!PG(+dg(idj
zA8=}51e3HPNHU!p>{LkVA>Bc^qZ}y?SwP7al7I=>prwEm?%1*tmORD`&tn*-b0C>!
y42eZ8w4BKXjzq9dNEXGKoWb(Q1SowY^BF*X6yQP2#>ou%c?_Vuj4MGP@;CrC_|tCy
literal 0
HcmV?d00001
diff --git a/tools/run_tests/tests.json b/tools/run_tests/tests.json
index 850f9474ae..c171d05354 100644
--- a/tools/run_tests/tests.json
+++ b/tools/run_tests/tests.json
@@ -70513,6 +70513,23 @@
],
"uses_polling": false
},
+ {
+ "args": [
+ "test/core/end2end/fuzzers/server_fuzzer_corpus/23f261e44d54a2736f6e288128d98db9e5015206"
+ ],
+ "ci_platforms": [
+ "linux"
+ ],
+ "cpu_cost": 0.1,
+ "exclude_configs": [],
+ "flaky": false,
+ "language": "c",
+ "name": "server_fuzzer_one_entry",
+ "platforms": [
+ "linux"
+ ],
+ "uses_polling": false
+ },
{
"args": [
"test/core/end2end/fuzzers/server_fuzzer_corpus/2463aea879c5ab49f8409d0e5c062c7e086b034b"
@@ -71941,6 +71958,23 @@
],
"uses_polling": false
},
+ {
+ "args": [
+ "test/core/end2end/fuzzers/server_fuzzer_corpus/552199651d942e7220141a93ec33dd8256210a18"
+ ],
+ "ci_platforms": [
+ "linux"
+ ],
+ "cpu_cost": 0.1,
+ "exclude_configs": [],
+ "flaky": false,
+ "language": "c",
+ "name": "server_fuzzer_one_entry",
+ "platforms": [
+ "linux"
+ ],
+ "uses_polling": false
+ },
{
"args": [
"test/core/end2end/fuzzers/server_fuzzer_corpus/55af20415ead0ddd417f37fa91a4c767b749ee34"
@@ -72706,6 +72740,23 @@
],
"uses_polling": false
},
+ {
+ "args": [
+ "test/core/end2end/fuzzers/server_fuzzer_corpus/7a946bf3cd91b63001f2cf3f40c515c747f2ecde"
+ ],
+ "ci_platforms": [
+ "linux"
+ ],
+ "cpu_cost": 0.1,
+ "exclude_configs": [],
+ "flaky": false,
+ "language": "c",
+ "name": "server_fuzzer_one_entry",
+ "platforms": [
+ "linux"
+ ],
+ "uses_polling": false
+ },
{
"args": [
"test/core/end2end/fuzzers/server_fuzzer_corpus/7b453adcb9c4bf31dbc448ff32c2bc90ebcbdf0f"
@@ -72723,6 +72774,23 @@
],
"uses_polling": false
},
+ {
+ "args": [
+ "test/core/end2end/fuzzers/server_fuzzer_corpus/7d25c28298fb4d0fe41209d0d14307e4aa67c59e"
+ ],
+ "ci_platforms": [
+ "linux"
+ ],
+ "cpu_cost": 0.1,
+ "exclude_configs": [],
+ "flaky": false,
+ "language": "c",
+ "name": "server_fuzzer_one_entry",
+ "platforms": [
+ "linux"
+ ],
+ "uses_polling": false
+ },
{
"args": [
"test/core/end2end/fuzzers/server_fuzzer_corpus/7ddfac7d7845b424bf670070781ca6ff8586c63b"
@@ -72774,6 +72842,23 @@
],
"uses_polling": false
},
+ {
+ "args": [
+ "test/core/end2end/fuzzers/server_fuzzer_corpus/8138b18a9a743659befc2f2b23d23cb9c3086a09"
+ ],
+ "ci_platforms": [
+ "linux"
+ ],
+ "cpu_cost": 0.1,
+ "exclude_configs": [],
+ "flaky": false,
+ "language": "c",
+ "name": "server_fuzzer_one_entry",
+ "platforms": [
+ "linux"
+ ],
+ "uses_polling": false
+ },
{
"args": [
"test/core/end2end/fuzzers/server_fuzzer_corpus/8164d3c4af043c47cfd6966873bccd2353d072bf"
@@ -73182,6 +73267,23 @@
],
"uses_polling": false
},
+ {
+ "args": [
+ "test/core/end2end/fuzzers/server_fuzzer_corpus/925011abb99fd56bb0f425ae5e0d92e6d341f804"
+ ],
+ "ci_platforms": [
+ "linux"
+ ],
+ "cpu_cost": 0.1,
+ "exclude_configs": [],
+ "flaky": false,
+ "language": "c",
+ "name": "server_fuzzer_one_entry",
+ "platforms": [
+ "linux"
+ ],
+ "uses_polling": false
+ },
{
"args": [
"test/core/end2end/fuzzers/server_fuzzer_corpus/93beeba2.bin"
@@ -74593,6 +74695,23 @@
],
"uses_polling": false
},
+ {
+ "args": [
+ "test/core/end2end/fuzzers/server_fuzzer_corpus/crash-c1f66840627e3bfdedf2e4c225bc4de0c267ed37"
+ ],
+ "ci_platforms": [
+ "linux"
+ ],
+ "cpu_cost": 0.1,
+ "exclude_configs": [],
+ "flaky": false,
+ "language": "c",
+ "name": "server_fuzzer_one_entry",
+ "platforms": [
+ "linux"
+ ],
+ "uses_polling": false
+ },
{
"args": [
"test/core/end2end/fuzzers/server_fuzzer_corpus/crash-dae0f07934a527989f23f06e630710ff6ca8c809"
@@ -74695,6 +74814,23 @@
],
"uses_polling": false
},
+ {
+ "args": [
+ "test/core/end2end/fuzzers/server_fuzzer_corpus/d6bed9cc3c10338a8c5f41064ff8bec0bbc267ce"
+ ],
+ "ci_platforms": [
+ "linux"
+ ],
+ "cpu_cost": 0.1,
+ "exclude_configs": [],
+ "flaky": false,
+ "language": "c",
+ "name": "server_fuzzer_one_entry",
+ "platforms": [
+ "linux"
+ ],
+ "uses_polling": false
+ },
{
"args": [
"test/core/end2end/fuzzers/server_fuzzer_corpus/d8a1d141a9e3876b71c7decbe6e3affccf6de397"
@@ -74848,6 +74984,23 @@
],
"uses_polling": false
},
+ {
+ "args": [
+ "test/core/end2end/fuzzers/server_fuzzer_corpus/dda9643679f8c8b796e64232a7d153e447d64991"
+ ],
+ "ci_platforms": [
+ "linux"
+ ],
+ "cpu_cost": 0.1,
+ "exclude_configs": [],
+ "flaky": false,
+ "language": "c",
+ "name": "server_fuzzer_one_entry",
+ "platforms": [
+ "linux"
+ ],
+ "uses_polling": false
+ },
{
"args": [
"test/core/end2end/fuzzers/server_fuzzer_corpus/df5d3cf5f05eab65ef9d385e263780ae73c42b19"
@@ -74950,6 +75103,23 @@
],
"uses_polling": false
},
+ {
+ "args": [
+ "test/core/end2end/fuzzers/server_fuzzer_corpus/e7b08e36420fa107f0aee652e62158af85a4ef15"
+ ],
+ "ci_platforms": [
+ "linux"
+ ],
+ "cpu_cost": 0.1,
+ "exclude_configs": [],
+ "flaky": false,
+ "language": "c",
+ "name": "server_fuzzer_one_entry",
+ "platforms": [
+ "linux"
+ ],
+ "uses_polling": false
+ },
{
"args": [
"test/core/end2end/fuzzers/server_fuzzer_corpus/e96ad9c17795e52edc810a08d4fc61fe8790002a"
--
GitLab