Allow running initialization code before `fuzz_target!` code

[mgeisler]

Hi there,

I'm working on a fuzzer for which I would like to initialize a mutable variable once at the start of the program. I will then use this repeatedly in my fuzzing loop.

Since I believe the fuzzing loop is single threaded, it ought to be simple and safe to setup such a variable at the start of my program. However, due to how fuzz_target! expands, I don't think I can do this without using statics? I was thinking to use LLVMFuzzerInitialize, but then I saw that it's actually used already by libfuzzer :slightly_smiling_face: This was also touched upon in #46.

I started using a static mut with a OnceCell, but I was immediately told that I'm leaking memory. I was hoping that it would be okay since I expect the static to be dropped as part of the program cleanup when the fuzzing loops stops? However, I see a few hundred messages saying both

Direct leak of 40968 byte(s) in 1 object(s) allocated from:
Direct leak of 30728 byte(s) in 1 object(s) allocated from:
Direct leak of 30728 byte(s) in 1 object(s) allocated from:

and

Indirect leak of 65556 byte(s) in 1 object(s) allocated from:
Indirect leak of 49192 byte(s) in 2 object(s) allocated from:
Indirect leak of 36530 byte(s) in 2 object(s) allocated from:

After all these messages, the fuzzer found a problem and I exited out of the fuzzing loop with a panic!.

Is there a better way to do expensive initialization of a mutable variable?

[darosior]

I agree it would be super useful.

There were a couple attempts (https://github.com/rust-fuzz/libfuzzer/pull/33, https://github.com/rust-fuzz/libfuzzer/pull/51) but it seems like the contributors / maintainers lost interest in this.