This is intended for integration fuzzing and those decoders that do not yet live in their own crate. image-png for example has their own fuzzing targets.

Install afl:

$ cargo install afl

Build fuzz target:

$ cargo afl build --bin fuzz_<format>

Run afl:

$ mkdir out/<format>
$ cargo afl fuzz -i ./in/<format> -o ./out/<format> ./target/debug/fuzz_<format>

To reproduce a crash:

$ cargo run --bin reproduce_<format>

Since about Oct. 2021 the nightly Rust builds use an llvm version that no longer accepts one of the sanitizer passes. As a temporary workaround you must adjust the flags passed to afl:

$ RUSTFLAGS="-Znew-llvm-pass-manager=no" cargo +nightly afl run …