fuzz: make fuzzers work with nightly
Recent Rust compilers have bugs that appear when fuzzing
optimized binaries:

rust-lang/rust#53945

This patch works around the issue by adding the "-C codegen-units=1 -C
incremental=fuzz-incremental" arguments to `RUSTFLAGS`.

Why this works I don't actually know. This workaround isn't mentioned
in the linked issue, and as far as I know the "incremental" flag is simply
changing the directory of the incremental cache, not turning it on or
off.

Signed-off-by: Brian Anderson <[email protected]>
brson committed Jan 7, 2019
1 parent 0f9004e commit d8e9cb7
Showing 2 changed files with 10 additions and 0 deletions.
3 changes: 3 additions & 0 deletions .gitignore
@@ -24,3 +24,6 @@ out/
target
tmp
/bin

# fuzzing hack, see fuzz/cli.rs
fuzz-incremental/
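Review bot: the comment `# fuzzing hack, see fuzz/cli.rs` says where the hack lives but not when it can go; since the FIXME in fuzz/cli.rs is the only place that records the upstream issue, repeat the reference here (e.g. `# fuzzing hack, see fuzz/cli.rs and rust-lang/rust#53945`) so that whoever removes the workaround also finds this entry. Note also that the unanchored pattern `fuzz-incremental/` ignores a directory of that name at any depth, which matches wherever cargo happens to be run from inside the repo; if the cache is only ever created at the repository root, `/fuzz-incremental/` is the tighter pattern.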
7 changes: 7 additions & 0 deletions fuzz/cli.rs
@@ -211,9 +211,16 @@ fn run_libfuzzer(target: &str) -> Result<(), Error> {
#[cfg(not(any(target_os = "linux", target_os = "macos")))]
panic!("libfuzzer-sys only supports Linux and macOS");

// FIXME: The -C codegen-units=1 and -C incremental=..
// below seem to workaround some difficult issues in Rust nightly
// https://github.com/rust-lang/rust/issues/53945.
// If this is ever fixed remember to remove the fuzz-incremental
// entry from .gitignore.
let mut rust_flags = env::var("RUSTFLAGS").unwrap_or_default();
rust_flags.push_str(
"--cfg fuzzing \
-C codegen-units=1 \
-C incremental=fuzz-incremental \
-C passes=sancov \
-C llvm-args=-sanitizer-coverage-level=4 \
-C llvm-args=-sanitizer-coverage-trace-pc-guard \
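Review bot: the two new `-C` flags are pushed onto `rust_flags` by the `rust_flags.push_str(` call that follows `env::var("RUSTFLAGS").unwrap_or_default()` with no separator, so when the user already has RUSTFLAGS set (say `-C target-cpu=native`) its last token fuses with `--cfg fuzzing` and rustc rejects the invocation; add `if !rust_flags.is_empty() { rust_flags.push(' '); }` before the push_str. Two further points for the FIXME comment: `-C incremental=fuzz-incremental` does not merely pick a cache directory, it enables incremental compilation for this build (which may itself be why the workaround helps, and is worth recording so the comment does not mislead whoever revisits rust-lang/rust#53945), and the path is relative to the directory cargo is invoked from, so the cache lands wherever the fuzz command is run; resolving it against the crate's target directory would keep it in one known, ignored place.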

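The commit message describes the workaround as a set of extra `RUSTFLAGS` arguments. The following is an added example, not the project's own code, that assembles that same flag set while joining it to any pre-existing `RUSTFLAGS` value with a separator, and that checks a finished flag string for the sancov and workaround flags. The function names `build_rustflags` and `has_fuzz_flags` and the constant `FUZZ_FLAGS` are hypothetical; only the flag values themselves come from the diff.

```rust
// Added example (not code from the repository): build the RUSTFLAGS value
// that the fuzz driver needs, joining it to an existing RUSTFLAGS value
// with whitespace so that the user's last flag and `--cfg fuzzing` can
// never fuse into one token.
use std::env;

/// Flags from the diff, as (switch, value) pairs. The two `-C` entries
/// for codegen-units and incremental are the rust-lang/rust#53945 workaround.
pub const FUZZ_FLAGS: &[&str] = &[
    "--cfg", "fuzzing",
    "-C", "codegen-units=1",
    "-C", "incremental=fuzz-incremental",
    "-C", "passes=sancov",
    "-C", "llvm-args=-sanitizer-coverage-level=4",
    "-C", "llvm-args=-sanitizer-coverage-trace-pc-guard",
];

/// Return the RUSTFLAGS string to export. `existing` is the raw value of the
/// environment variable, or None when it is unset. Tokens are split on
/// whitespace and re-joined, so a trailing flag in `existing` stays separate.
pub fn build_rustflags(existing: Option<&str>) -> String {
    let mut parts: Vec<&str> = existing
        .map(|s| s.split_whitespace().collect())
        .unwrap_or_default();
    parts.extend_from_slice(FUZZ_FLAGS);
    parts.join(" ")
}

/// True when every (switch, value) pair from FUZZ_FLAGS appears as two
/// adjacent tokens in `flags`; a fused token such as
/// `target-cpu=native--cfg` makes this return false.
pub fn has_fuzz_flags(flags: &str) -> bool {
    let toks: Vec<&str> = flags.split_whitespace().collect();
    FUZZ_FLAGS
        .chunks(2)
        .all(|pair| toks.windows(2).any(|w| w == pair))
}

fn main() {
    // Print the value a shell would export before running cargo fuzz.
    let flags = build_rustflags(env::var("RUSTFLAGS").ok().as_deref());
    println!("RUSTFLAGS={}", flags);
    println!("fuzz flags present: {}", has_fuzz_flags(&flags));
}
```

The check in `has_fuzz_flags` is what a CI step for a fuzz target could run on the effective flags before trusting coverage numbers: if the sancov pass or the trace-pc-guard argument is missing, libFuzzer runs but sees no edge coverage.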