Requested Behavior
Support for black box fuzzing with TSAN.
An impediment to fuzzing with TSAN is that coverage instrumentation for coverage-guided fuzzing is not thread safe (see https://github.com/google/oss-fuzz/issues/5272#issuecomment-790805359). We can circumvent the problem of racy coverage instrumentation by abandoning coverage instrumentation altogether.
I was able to set up black box fuzzing with TSAN and honggfuzz. Unfortunately, since I use toolchain features rather than rules_fuzzing's configuration transitions to instrument my fuzz tests, I can't trivially upstream my code change directly here. But it might be worth implementing support for tsan-* configurations.