feat(fuzz): add coverage guided fuzzing for stateless tests (currently only invariant mode works)

[0xalpharush]

Component

Forge

Describe the feature you would like

#10190 introduced support for coverage-guided, stateful fuzzing/invariant mode. Add support for stateless fuzzing with mutations limited to ABI args. As part of this more mutations should be added. For benchmarking mutations, it's useful to have a saturated corpus i.e. no new coverage has been seen in X time after say 24 hours and see whether the candidate mutation is capable of bringing new coverage that otherwise wouldn't have been reached

foundry/crates/evm/evm/src/executors/invariant/corpus.rs

Lines 424 to 438 in bc96621

	// TODO mutation strategy for individual ABI types
	let mut prev_inputs = function
	.abi_decode_input(&tx.call_details.calldata[4..])
	.expect("fuzzed_artifacts returned wrong sig");
	// For now, only new inputs are generated, no existing inputs are
	// mutated.
	let mut gen_input = |input: &alloy_json_abi::Param| {
	fuzz_param_from_state(
	&input.selector_type().parse().unwrap(),
	&test.fuzz_state,
	)
	.new_tree(test_runner)
	.expect("Could not generate case")
	.current()
	};

See examples from ityfuzz
https://github.com/fuzzland/ityfuzz/blob/35b7f08962fdd0c2e02df7ef8a43164913d514d9/src/evm/abi.rs#L379
and medusa
https://github.com/crytic/medusa/blob/master/fuzzing/valuegeneration/generator_mutational.go

Additional context

No response