Bo Chen ef603fde4c fuzz: Reduce the guest memory size for balloon fuzzer ... As the virt queues are initialized with random bytes from the fuzzing engine, a descriptor buffer for the available ring can have a very large length (e.g. up to 4GB). This means there can be up to 1 billion entries (e.g. page frame number) for virtio-balloon to process a signal available descriptor (given each entry is 4 bytes). This is the reason why oss-fuzz reported a hanging issue for this fuzzer, where the generated descriptor buffer length is 4,278,321,152. We can avoid this kind of long execution by reducing the size of guest memory. For example, with 1MB of guest memory, the number of descriptor entries for processing is limited ~256K. Signed-off-by: Bo Chen <chen.bo@intel.com>		2022-09-23 08:28:07 +01:00
..
fuzz_targets	fuzz: Reduce the guest memory size for balloon fuzzer	2022-09-23 08:28:07 +01:00
.gitignore	fuzz: Add fuzzing infrastructure and QCOW fuzzer	2020-07-17 08:49:35 +02:00
Cargo.lock	build: Bump serde from 1.0.144 to 1.0.145 in /fuzz	2022-09-22 23:38:42 +00:00
Cargo.toml	build: Bump once_cell from 1.14.0 to 1.15.0 in /fuzz	2022-09-20 23:42:38 +00:00