Currently a fuzz target looks like
```rust
#![no_main]
#[macro_use] extern crate libfuzzer_sys;
extern crate thing;
fuzz_target!(|data: Type| {
    // stuff
});
```
Ideally, it would instead look like
```rust
extern crate thing;
#[macro_use] extern crate arbitrary_macros;
target!(|data: Type| {
    // stuff
});
```
where the macro introduces the `no_main` and the `libfuzzer_sys`.
This means we could use the same script for a quickcheck, or for running with seer.
The exact code it expands to can be controlled by a cfg that is a part of the macro expansion. This way we can have cargo-fuzz also do things like `cargo fuzz seer name_of_script` or `cargo fuzz quickcheck name_of_script`, which will pass different cfg args to the fuzzer script and do a completely different thing.
Having a common API would be pretty neat, overall. Also makes it easier to be agnostic over the fuzzer.
cc @nagisa @frewsxcv @dwrensha
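A sketch of the cfg-controlled expansion proposed above, added here as an illustration and not code from cargo-fuzz or `libfuzzer_sys`. The cfg name `fuzz_backend`, the trait `FromFuzzBytes` and the functions `run_target` and `replay` are hypothetical; it covers only the expansion switch, not `#![no_main]`.

```rust
// Added sketch; `fuzz_backend`, `FromFuzzBytes`, `run_target`, `replay` are hypothetical.

/// Stand-in for an "arbitrary"-style trait: typed input from raw bytes.
pub trait FromFuzzBytes: Sized {
    fn from_fuzz_bytes(data: &[u8]) -> Option<Self>;
}
impl FromFuzzBytes for String {
    fn from_fuzz_bytes(data: &[u8]) -> Option<Self> {
        ::std::str::from_utf8(data).ok().map(|s| s.to_owned())
    }
}

macro_rules! target {
    (|$data:ident : $ty:ty| $body:block) => {
        /// Shared by every backend; false when the bytes do not decode.
        pub fn run_target(bytes: &[u8]) -> bool {
            match <$ty as FromFuzzBytes>::from_fuzz_bytes(bytes) {
                Some($data) => { $body; true }
                None => false,
            }
        }
        // Selected with: --cfg 'fuzz_backend="libfuzzer"'
        #[cfg(fuzz_backend = "libfuzzer")]
        #[no_mangle]
        pub extern "C" fn LLVMFuzzerTestOneInput(ptr: *const u8, len: usize) -> i32 {
            let bytes: &[u8] = if len == 0 { &[] } else {
                unsafe { ::std::slice::from_raw_parts(ptr, len) }
            };
            run_target(bytes);
            0
        }
        // Default backend: replay a fixed corpus, e.g. from a unit test.
        #[cfg(not(fuzz_backend = "libfuzzer"))]
        pub fn replay(corpus: &[&[u8]]) -> usize {
            corpus.iter().filter(|c| run_target(c)).count()
        }
    };
}

// Constructed target: parsing arbitrary text must never panic.
target!(|text: String| {
    let _ = text.trim().parse::<u32>();
});

#[cfg(not(fuzz_backend = "libfuzzer"))]
fn main() {
    let corpus: [&[u8]; 3] = [b"42", b"\xff\xfe", b"x"]; // constructed inputs
    println!("{} of {} inputs decoded and ran", replay(&corpus), corpus.len());
}
```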