|
|
@@ -34,6 +34,24 @@ To run several fuzz jobs in parallel, pass `-jobs=24 -workers=24`.
|
|
|
To get less log output, pass `-close_fd_mask=3` -- but that but hides assertion messages. Just `1` only closes stdout.
|
|
|
It's good to move overzealous log output behind `FOO_DEBUG` macros.
|
|
|
|
|
|
+### Keeping track of interesting testcases
|
|
|
+
|
|
|
+There are many quirky files that exercise a lot of interesting edge cases.
|
|
|
+We should probably keep track of them, somewhere.
|
|
|
+
|
|
|
+We have a [bmp suite and a jpg suite and several others](https://github.com/SerenityOS/serenity/tree/master/Base/res/html/misc).
|
|
|
+They are GPL'ed, and therefore not quite as compatible with the rest of Serenity.
|
|
|
+That's probably not a problem, but keeping "our" testcases separate from those GPL'ed suits sounds like a good idea.
|
|
|
+
|
|
|
+We could keep those testcases somewhere else in the repository, like [a `fuzz` directory](https://github.com/SerenityOS/serenity/tree/master/Base/res/html/misc/jpgsuite_files/fuzz).
|
|
|
+But fuzzing tends to generate more and more and more files, and they will blow up in size.
|
|
|
+Especially if we keep all interesting testcases, which is exactly what I intend to do.
|
|
|
+
|
|
|
+So we should keep the actual testcases out of the main serenity repo,
|
|
|
+that's why we created https://github.com/SerenityOS/serenity-fuzz-corpora
|
|
|
+
|
|
|
+Feel free to upload lots and lots files there, or use them for great good!
|
|
|
+
|
|
|
### Fuzzing on OSS-Fuzz
|
|
|
|
|
|
https://oss-fuzz.com/ automatically runs all fuzzers in the Fuzzers/ subdirectory whose name starts with "Fuzz" and which are added to the build in `Fuzzers/CMakeLists.txt` if `ENABLE_OSS_FUZZ` is set. Looking for "serenity" on oss-fuzz.com finds interesting links, in particular:
|
Ben Wiederhake