Google has launched a new continuous fuzzing project. Similar to Coverity, we could participate to get notifications about bugs in QEMU.
Does anyone want to be QEMU's OSS-Fuzz coordinator?
https://github.com/google/oss-fuzz#accepting-new-projects

You need to:

1. Be an active QEMU contributor
2. Write a fuzz target that OSS-Fuzz can execute (e.g. disk image formats, VNC, QMP monitor, etc). It's up to you what we should test.
3. Triage bug alerts and coordinate with others to fix the bugs within 90 days.
4. Sign up and apply for QEMU with OSS-Fuzz.

This does involve some effort but the pay-off is that you will help QEMU increase code quality and learn a lot about bugs :).

Stefan
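For anyone wondering what step 2 looks like in practice, the following is an added example of a libFuzzer-style fuzz target of the shape OSS-Fuzz builds and runs; it is not from the original message and not QEMU code. It parses a made-up disk image header format ("TOYI", with a table of 8-byte extent entries) rather than any real QEMU format, and the names toy_parse, toy_build_sample and LLVMFuzzerTestOneInput are assumptions, except that LLVMFuzzerTestOneInput is the entry point libFuzzer actually calls. The parser validates every length it reads from the image against the buffer before using it; those bounds checks are exactly what a fuzzer finds missing in a real format driver.

```c
/* Added example, not part of the original message or of QEMU.
 * A libFuzzer-style fuzz target for a hypothetical "TOYI" disk image format:
 *   16-byte header: magic "TOYI", version, nb_entries, crc (all little-endian u32)
 *   followed by nb_entries * 8-byte extents: offset u32, length u32
 * OSS-Fuzz builds this with clang -fsanitize=fuzzer,address and calls
 * LLVMFuzzerTestOneInput() with mutated inputs; it must never crash. */
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define TOY_MAGIC        0x49594F54u   /* "TOYI" read as little-endian u32 */
#define TOY_HEADER_SIZE  16
#define TOY_ENTRY_SIZE   8
#define TOY_MAX_ENTRIES  1024          /* hard cap so the table loop is bounded */

static uint32_t get_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

static void put_le32(uint8_t *p, uint32_t v)
{
    p[0] = v & 0xff; p[1] = (v >> 8) & 0xff; p[2] = (v >> 16) & 0xff; p[3] = v >> 24;
}

/* Parse a TOYI image held entirely in memory (data, size).
 * Returns the number of extent entries, or -1 for malformed input.
 * *total_sectors receives the sum of extent lengths. */
int toy_parse(const uint8_t *data, size_t size, uint64_t *total_sectors)
{
    if (size < TOY_HEADER_SIZE) {
        return -1;                               /* header itself is truncated */
    }
    uint32_t magic = get_le32(data);
    uint32_t version = get_le32(data + 4);
    uint32_t nb_entries = get_le32(data + 8);
    /* data + 12 is the crc field; not verified in this example */

    if (magic != TOY_MAGIC || version != 1) {
        return -1;
    }
    if (nb_entries > TOY_MAX_ENTRIES) {
        return -1;                               /* attacker-chosen count, refuse early */
    }
    size_t table_len = (size_t)nb_entries * TOY_ENTRY_SIZE;
    if (size - TOY_HEADER_SIZE < table_len) {
        return -1;                               /* table extends past the buffer */
    }

    uint64_t total = 0;
    for (uint32_t i = 0; i < nb_entries; i++) {
        const uint8_t *e = data + TOY_HEADER_SIZE + (size_t)i * TOY_ENTRY_SIZE;
        uint32_t offset = get_le32(e);
        uint32_t length = get_le32(e + 4);
        if (length > UINT32_MAX - offset) {
            return -1;                           /* offset + length would wrap */
        }
        total += length;
    }
    *total_sectors = total;
    return (int)nb_entries;
}

/* libFuzzer entry point. Return value must be 0. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    uint64_t total = 0;
    (void)toy_parse(data, size, &total);
    return 0;
}

/* Constructed sample image (hypothetical, for seeding a corpus or a unit test):
 * two extents of 4 and 8 sectors. Returns bytes written, 0 if cap is too small. */
size_t toy_build_sample(uint8_t *buf, size_t cap)
{
    size_t need = TOY_HEADER_SIZE + 2 * TOY_ENTRY_SIZE;
    if (cap < need) {
        return 0;
    }
    put_le32(buf, TOY_MAGIC);
    put_le32(buf + 4, 1);       /* version */
    put_le32(buf + 8, 2);       /* nb_entries */
    put_le32(buf + 12, 0);      /* crc, unused here */
    put_le32(buf + 16, 0);  put_le32(buf + 20, 4);   /* extent 0: offset 0, len 4 */
    put_le32(buf + 24, 4);  put_le32(buf + 28, 8);   /* extent 1: offset 4, len 8 */
    return need;
}

/* Stand-alone driver: replay crash files (the testcases OSS-Fuzz attaches to
 * bug reports) without libFuzzer, e.g. ./toy_fuzz crash-abc123 */
int main(int argc, char **argv)
{
    for (int i = 1; i < argc; i++) {
        FILE *f = fopen(argv[i], "rb");
        if (!f) { perror(argv[i]); continue; }
        fseek(f, 0, SEEK_END);
        long len = ftell(f);
        rewind(f);
        uint8_t *buf = malloc(len > 0 ? (size_t)len : 1);
        size_t n = fread(buf, 1, (size_t)len, f);
        fclose(f);
        LLVMFuzzerTestOneInput(buf, n);
        printf("%s: %zu bytes, no crash\n", argv[i], n);
        free(buf);
    }
    return 0;
}
```

On OSS-Fuzz the same file is compiled with $CC $CFLAGS and linked against $LIB_FUZZING_ENGINE from the project's build.sh, and the seed corpus would be a handful of small valid images like the one toy_build_sample() produces; the replay main() above is what you use locally to reproduce a reported testcase under ASan.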