| author | Alexander Bulekov <alxndr@bu.edu> | 2021-07-13 11:00:35 -0400 |
|---|---|---|
| committer | Alexander Bulekov <alxndr@bu.edu> | 2021-09-01 07:33:13 -0400 |
| commit | 993f52f4d43ddcddcb6f68b79a528599f4f099f9 (patch) | |
| tree | 8e0058355365985417189a686f215a647ed40a99 /scripts/oss-fuzz | |
| parent | af16990a1b3aac7a32a58cd4e3509e9e4d44fe69 (diff) | |
| download | focaccia-qemu-993f52f4d43ddcddcb6f68b79a528599f4f099f9.tar.gz focaccia-qemu-993f52f4d43ddcddcb6f68b79a528599f4f099f9.zip | |
fuzz: adjust timeout to allow for longer inputs
Using a custom timeout is useful to continue fuzzing complex devices, even after we run into some slow code-path. However, simply adding a fixed timeout to each input effectively caps the maximum input length/number of operations at some artificial value. There are two major problems with this:

1. Some code might only be reachable through long IO sequences.
2. Longer inputs can actually be _better_ for performance. While the raw number of fuzzer executions decreases with larger inputs, the number of MMIO/PIO/DMA operations/second actually increases, since we are spending proportionately less time fork()ing.

With this change, we keep the custom-timeout, but we renew it, prior to each MMIO/PIO/DMA operation. Thus, we time-out only when a specific operation takes a long time.

Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Diffstat (limited to 'scripts/oss-fuzz')
0 files changed, 0 insertions, 0 deletions
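
The difference between a fixed per-input timeout and one renewed before each operation, as an added example that is not part of this commit or of QEMU's fuzzer. The names `arm_timeout`, `do_operation` and `run_input` are hypothetical, a sleep stands in for an MMIO/PIO/DMA operation, and a wall-clock `ITIMER_REAL` timer is an assumption made so that the sleep counts against the timeout.

```c
#define _XOPEN_SOURCE 700
#include <signal.h>
#include <stdio.h>
#include <sys/time.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

/* Arm (or re-arm) a one-shot timer; SIGALRM's default action kills the process. */
static void arm_timeout(long usec)
{
    struct itimerval t = {
        .it_value = { .tv_sec = usec / 1000000, .tv_usec = usec % 1000000 },
    };
    setitimer(ITIMER_REAL, &t, NULL);
}

/* Hypothetical stand-in for one MMIO/PIO/DMA operation lasting op_usec. */
static void do_operation(long op_usec)
{
    struct timespec ts = { .tv_sec = op_usec / 1000000,
                           .tv_nsec = (op_usec % 1000000) * 1000 };
    nanosleep(&ts, NULL);
}

/* Run n_ops operations in a forked child, one child per input.
 * renew == 0: a single fixed timeout covers the whole input.
 * renew == 1: the timeout is re-armed before every operation.
 * Returns 1 if the timer killed the child, 0 if it finished, -1 on error. */
int run_input(int n_ops, long op_usec, long timeout_usec, int renew)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        signal(SIGALRM, SIG_DFL);
        arm_timeout(timeout_usec);
        for (int i = 0; i < n_ops; i++) {
            if (renew)
                arm_timeout(timeout_usec);
            do_operation(op_usec);
        }
        _exit(0);
    }
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFSIGNALED(status) && WTERMSIG(status) == SIGALRM;
}

int main(void)
{
    /* Constructed input: 40 operations of 5 ms each, 100 ms timeout. */
    printf("fixed: %d renewed: %d\n", run_input(40, 5000, 100000, 0),
           run_input(40, 5000, 100000, 1));
    return 0;
}
```

With renewal, a long input of fast operations runs to completion, while a single operation that exceeds the timeout still ends the run.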