This is very cool, thanks!
I've made several minor comments.
The patch does not apply to ToT (arc patch D19585 says 2 out of 14 hunks FAILED), for some reason, you may need to svn up / merge.
For no particular reason I prefer libFuzzer.
via a specific fuzzing entrypoint (aka "target function");
I don't want to be this verbose.
(unless you disable this by `-reload=0` command line flag)
s/blocks/blocks or edges
Remove outer ()
why not svn?
While you are at it, remove this part (about function-scope statics).
Sorry, forgot to merge up first. BTW, does Phabricator show whether the patch applies cleanly somewhere? I can't immediately see it in the UI.
OK, but how do you want to handle sentences that start with the name -- capitalize or not?
(At the moment I've left sentence starts as "LibFuzzer does xyz...")
When I tried it, the current SVN tip wouldn't build, so I thought it safer to stick with a fixed release -- less vulnerable that way.