[short] skip
[!fuzz-instrumented] skip
env GOCACHE=$WORK/cache

# TODO(#51484): enabled debugging info to help diagnose a deadlock in the fuzzer
env GODEBUG=fuzzdebug=1
! go test -fuzz=FuzzCov -v
! stderr 'cov instrumentation working'

-- go.mod --
module test

-- cov_test.go --
package cov

import "testing"

func FuzzCov(f *testing.F) {
	f.Fuzz(func(t *testing.T, b []byte) {

			*sa = spec.SchemaOrStringArray{}
			if c.RandBool() {
				c.Fuzz(&sa.Schema)
			} else {
				c.Fuzz(&sa.Property)
			}
			if sa.Schema == nil && len(sa.Property) == 0 {
				*sa = spec.SchemaOrStringArray{Schema: &spec.Schema{}}
			}
		},
		func(url *spec.SchemaURL, c fuzz.Continue) {
			*url = spec.SchemaURL("http://url")
		},
		func(s *spec.Dependencies, c fuzz.Continue) {

	}
	resp.Count = mem.header().count
	h := sha256.Sum256(entryOut.Data)
	entryOut.Path = fmt.Sprintf("%x", h[:4])
	return entryOut, resp, retErr
}

// fuzz tells the worker to call the fuzz method. See workerServer.fuzz.
func (wc *workerClient) fuzz(ctx context.Context, entryIn CorpusEntry, args fuzzArgs) (entryOut CorpusEntry, resp fuzzResponse, isInternalError bool, err error) {
	wc.mu.Lock()
	defer wc.mu.Unlock()

[!fuzz] skip
[short] skip
env GOCACHE=$WORK/cache

# FuzzA attempts to cause the mutator to create duplicate inputs that generate
# new coverage. Previously this would trigger a corner case when the fuzzer
# had an execution limit, causing it to deadlock and sit in the coordinator
# loop indefinitely, failing to exit once the limit had been exhausted.

go test -fuzz=FuzzA -fuzztime=100x -parallel=1

-- go.mod --
module m

go 1.16

var Funcs = func(codecs runtimeserializer.CodecFactory) []interface{} {
	return []interface{}{
		func(obj *discovery.EndpointSlice, c fuzz.Continue) {
			c.FuzzNoCustom(obj) // fuzz self without calling this function again

			addressTypes := []discovery.AddressType{discovery.AddressTypeIPv4, discovery.AddressTypeIPv6, discovery.AddressTypeFQDN}
			obj.AddressType = addressTypes[c.Rand.Intn(len(addressTypes))]

var Funcs = func(codecs runtimeserializer.CodecFactory) []interface{} {
	return []interface{}{
		func(obj *storage.StorageClass, c fuzz.Continue) {
			c.FuzzNoCustom(obj) // fuzz self without calling this function again
			reclamationPolicies := []api.PersistentVolumeReclaimPolicy{api.PersistentVolumeReclaimDelete, api.PersistentVolumeReclaimRetain}
			obj.ReclaimPolicy = &reclamationPolicies[c.Rand.Intn(len(reclamationPolicies))]

package webhook

import (
	"math/rand"
	"reflect"
	"testing"
	"time"

	"github.com/google/go-cmp/cmp"
	fuzz "github.com/google/gofuzz"

	authorizationv1 "k8s.io/api/authorization/v1"
	authorizationv1beta1 "k8s.io/api/authorization/v1beta1"
)

func TestRoundTrip(t *testing.T) {
	f := fuzz.New()
	seed := time.Now().UnixNano()
	t.Logf("seed = %v", seed)
	f.RandSource(rand.New(rand.NewSource(seed)))

		f.Add([]byte(test.compressed))
	}
	for _, s := range badStrings {
		f.Add([]byte(s))
	}
	f.Fuzz(func(t *testing.T, b []byte) {
		r := NewReader(bytes.NewReader(b))
		io.Copy(io.Discard, r)
	})
}

// Fuzz test to verify that what we decompress is what we compress.
// This isn't a great fuzz test because the fuzzer can't efficiently
// explore the space of decompressor behavior, since it can't see

--- PASS: TestInlining (0.10s)
=== RUN   FuzzParse
fuzz: elapsed: 0s, gathering baseline coverage: 0/390 completed
fuzz: elapsed: 0s, gathering baseline coverage: 390/390 completed, now fuzzing with 16 workers
fuzz: elapsed: 3s, execs: 438666 (146173/sec), new interesting: 12 (total: 402)
fuzz: elapsed: 4s, execs: 558467 (147850/sec), new interesting: 15 (total: 405)
--- PASS: FuzzParse (3.85s)

// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package fuzz

import (
	"fmt"

	fuzz "github.com/AdaLogics/go-fuzz-headers"

	"istio.io/istio/pilot/pkg/networking/util"
	"istio.io/istio/pilot/pkg/security/authz/matcher"
)

func FuzzCidrRange(data []byte) int {