Rewrite the bit-rotted fuzzing code. Summary of changes:
Fuzzing is now enabled similarly to sanitizers, with the -DENABLE_FUZZER=ON parameter to cmake.
When fuzzing is enabled, the output binary is subzero_fuzzer rather than subzero.
When fuzzing is enabled, all log output is suppressed, per recommendation from libfuzzer docs.
When fuzzing is enabled, debug symbols are included, per recommendation from libfuzzer docs.
When fuzzing is enabled, -O1 optimization level is used, per recommendation from libfuzzer docs.
When fuzzing is enabled, QR signature check failures are ignored, so we can fuzz the post-signature-check code paths.
When fuzzing is enabled, ignore AES-GCM decryption errors, so we can fuzz the post-decryption code paths.
Added new options --generate-fuzzing-corpus and --fuzzing-corpus-output-dir to the GUI. These can be used to generate an initial fuzzing corpus (together with --signtx-test and --generate-wallet-files-test).
Fixed a bug with --generate-wallet-files-test - it needs to initialize screens in order to work.
Added a new fuzz testing section to documentation page.
Potential future work:
Use Google's libprotobuf-mutator for structure-aware fuzzing.
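For illustration, the shape of a -DENABLE_FUZZER=ON switch that applies the libFuzzer build recommendations listed above. This is an added example, not Subzero's own CMakeLists.txt; the source file names, the use of clang's -fsanitize=fuzzer, and the ENABLE_FUZZER preprocessor define that the core code checks are assumptions.

```cmake
# Added illustration, not Subzero's own CMakeLists.txt. Source paths are placeholders.
cmake_minimum_required(VERSION 3.13)
project(subzero_example C CXX)

option(ENABLE_FUZZER "Build the libFuzzer harness instead of the normal binary" OFF)

set(CORE_SOURCES src/core.c src/qr.c src/aes_gcm.c)   # placeholder paths

if(ENABLE_FUZZER)
  if(NOT CMAKE_C_COMPILER_ID MATCHES "Clang")
    message(FATAL_ERROR "ENABLE_FUZZER requires clang (libFuzzer ships with it)")
  endif()
  # libFuzzer docs: keep debug info (-g) and use light optimization (-O1).
  # Objects are instrumented with fuzzer-no-link; the final link pulls in
  # libFuzzer's main() via -fsanitize=fuzzer. ASan is added for memory bugs.
  add_compile_options(-g -O1 -fsanitize=fuzzer-no-link,address)
  add_link_options(-fsanitize=fuzzer,address)
  # Preprocessor switch (assumed name) that the core code checks in order to
  #   - silence all log output,
  #   - tolerate QR signature-check failures,
  #   - tolerate AES-GCM decryption errors,
  # so the fuzzer can reach the post-check code paths.
  add_compile_definitions(ENABLE_FUZZER=1)
  # Output binary is subzero_fuzzer; the harness file (placeholder name)
  # provides LLVMFuzzerTestOneInput instead of main().
  add_executable(subzero_fuzzer ${CORE_SOURCES} src/fuzz_harness.c)
else()
  add_executable(subzero ${CORE_SOURCES} src/main.c)
endif()
```

Configure with `cmake -DENABLE_FUZZER=ON ..`, build, then run `./subzero_fuzzer <corpus-dir>` against the corpus produced by the --generate-fuzzing-corpus options.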