With the guest memory size of 1MB, a valid descriptor size can be close to the guest memory size (e.g. 1MB) and can contain close to 256k valid pfn entries (each entry is 4 bytes). Multiplied by the queue size (e.g. 256), there can be close to 64 million pfn entries to process in a single request. This is why oss-fuzz reported a timeout (with a limit of 60s). By reducing the guest memory size and the queue size, the worst case is now 8 million pfn entries for fuzzing, which can be finished in around 20 seconds according to my local experiment.

Signed-off-by: Bo Chen <chen.bo@intel.com>