rust-fuzz / cargo-fuzz

Command line helpers for fuzzing
https://rust-fuzz.github.io/book/cargo-fuzz.html
Apache License 2.0
1.54k stars 110 forks

Cannot fuzz if `profile.release.lto = true` #384

Open ijc opened 1 month ago

ijc commented 1 month ago

With:

```toml
[profile.release]
lto = true
```

in my workspace `Cargo.toml`, running `cargo fuzz run «target»` fails to link with:

```
  = note: rust-lld: error: undefined symbol: __sancov_gen_.327
          >>> referenced by «target».d25d56b5730432d9-cgu.0
          >>>               /home/ianc/Development/cvpn/orga-expressvpn/lightway/target/x86_64-unknown-linux-gnu/release/deps/«target»-3abb84e625a12f1f.«target».d25d56b5730432d9-cgu.0.rcgu.o:(asan.module_dtor.263)

          rust-lld: error: undefined symbol: __sancov_gen_.210
          >>> referenced by «target».d25d56b5730432d9-cgu.0
          >>>               /home/ianc/Development/cvpn/orga-expressvpn/lightway/target/x86_64-unknown-linux-gnu/release/deps/«target»-3abb84e625a12f1f.«target».d25d56b5730432d9-cgu.0.rcgu.o:(asan.module_dtor.535)
```

(there are dozens of these).

Commenting out `lto = true` results in a successful link and run.

If this isn't an easy fix, perhaps `cargo fuzz` could pass `--config profile.release.lto=false` to cargo? Alternatively, being able to choose a custom profile (not just release vs dev) might be a useful feature in its own right.

Reproduced with

`rustc 1.83.0-nightly (9c01301c5 2024-09-05)`

and

`rustc 1.83.0-nightly (c52c23b6f 2024-09-16)`

fitzgen commented 1 month ago

> If this isn't an easy fix, perhaps `cargo fuzz` could pass `--config profile.release.lto=false` to cargo? Alternatively, being able to choose a custom profile (not just release vs dev) might be a useful feature in its own right.

I'd be happy to review PRs for both of these things.