fuzz: make fuzzers work with nightly

Recent Rust compilers have bugs that appear when fuzzing optimized binaries: rust-lang/rust#53945 This patch works around the issue by adding the "-C codegen-units=1 -C incremental=fuzz-incremental" arguments to `RUSTFLAGS`. Why this works I don't actually know. This workaround isn't mentioned in the linked issue, and afaik the "incremental" flag is simply changing the directory of the incremental cache, not turning it on or off. Signed-off-by: Brian Anderson <[email protected]>
brson · Jan 3, 2019 · a4a24a4 · a4a24a4
1 parent 7e4e3f8
commit a4a24a4
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -24,3 +24,6 @@ out/
 target
 tmp
 /bin
+
+# fuzzing hack, see fuzz/cli.rs
+fuzz-incremental/
diff --git a/fuzz/cli.rs b/fuzz/cli.rs
@@ -211,9 +211,16 @@ fn run_libfuzzer(target: &str) -> Result<(), Error> {
     #[cfg(not(any(target_os = "linux", target_os = "macos")))]
     panic!("libfuzzer-sys only supports Linux and macOS");
 
+    // FIXME: The -C codegen-units=1 and -C incremental=..
+    // below seem to workaround some difficult issues in Rust nightly
+    // https://github.com/rust-lang/rust/issues/53945.
+    // If this is ever fixed remember to remove the fuzz-incremental
+    // entry from .gitignore.
     let mut rust_flags = env::var("RUSTFLAGS").unwrap_or_default();
     rust_flags.push_str(
         "--cfg fuzzing \
+         -C codegen-units=1 \
+         -C incremental=fuzz-incremental \
          -C passes=sancov \
          -C llvm-args=-sanitizer-coverage-level=4 \
          -C llvm-args=-sanitizer-coverage-trace-pc-guard \
-Original file line number
+Diff line change
@@ Expand Up / @@ -24,3 +24,6 @@ out/ @@
     target
     tmp
     /bin
+    # fuzzing hack, see fuzz/cli.rs
+    fuzz-incremental/