v5:
- Fix a name collision in 3/3, between "GString *pattern" and the
struct pattern type, which lead to some bad heap problems during
fuzzing
v4:
- Instead of changing the patterns in the AC97 and ES1370 configs,
make the type/name pattern matching case-insensitive.
- Copy the instrumentation filter into the build-dir, so it can be
adapted on-the-fly.
v3:
- Check in ./configure whether clang supports -fsanitize-coverage-allowlist
v2:
- Add the instrumentation filter to the instrumentation filter patch
These patches
1.) Change generic-fuzzer timeouts so they are reconfigured prior to
each individual IO command, to allow for longer-running inputs
2.) Add an instrumentation filter to prevent libfuzzer from tracking
noisy/irrelevant parts of the code.
3.) Make pattern-matching against types/names case-insensitive.
Alexander Bulekov (3):
fuzz: adjust timeout to allow for longer inputs
fuzz: add an instrumentation filter
fuzz: make object-name matching case-insensitive
configure | 13 +++++++
.../oss-fuzz/instrumentation-filter-template | 14 +++++++
tests/qtest/fuzz/generic_fuzz.c | 37 +++++++++++++++----
3 files changed, 56 insertions(+), 8 deletions(-)
create mode 100644 scripts/oss-fuzz/instrumentation-filter-template
--
2.28.0
