On Wed, Sep 3, 2025 at 10:58 AM Ignat Korchagin <ignat@xxxxxxxxxxxxxx> wrote: > nit: can I ask for another real example? AFAIK this subsystem is > rarely used (at least directly by users). However, one user-controlled > widely used parser terrifies me: load_script() function from > binfmt_script.c, which parses the shebang line for scripts. I would > really like to see what this framework can do to fuzz that. Thanks for the suggestion! It looks like a promising target. > I'm a bit worried about the scalability of defining one (visible) > config option per fuzz file/module. Is there a use-case, where a user > would want to enable some targets, but not the others? Can it be > unconditionally enabled and compiled only if CONFIG_KFUZZTEST=y? That's a good point. I agree it's best to enable them all by default if CONFIG_KFUZZTEST=y. A fuzzer can pick and choose which targets it wants to fuzz so there's no downside there. My original thought was to maintain consistency with how KUnit tests are built, but since KFuzzTest targets aren't executed directly it makes sense to diverge here.
