Mksanitizer – Bug detector software integration with the NetBSD userland (netbsd.org)
49 points by zdw on July 2, 2018 | 6 comments



I'm surprised that this project found bugs so quickly. I had assumed that most popular software already used some kind of fuzzer paired with a sanitizer, or at least ran their tests with a sanitizer build.


Fuzzing is not trivial and even if you do it, people with different approaches can find different issues. Then, even if you do it, you need to let it run for days to find the non-trivial scenarios (assuming a single machine).

On top of that, the knowledge about sanitizers and fuzzers is pretty low, if you look at an average project. Some don't even care about integrating the existing efforts.

I'm not sure what the state is these days, but 2 years ago I took 5 projects I was using, pointed a very trivial setup of AFL at them and found bugs in each. From YAML parsers to systemd-resolved.


At CppCon 2016 Herb Sutter asked the audience how many were using static analyzers and other similar tools.

About 1% of the audience said they were doing so.


I don't think the industry in general knows about fuzzing.

I first learned of fuzzers here on HN, and between my current and previous job, I didn't meet a person that would recognize the term (or method) when I mentioned it. From this small sample I conclude people simply aren't aware of these methods.


This is so cool! Awesome work!


Nice work improving UNIX security.



