Cargo-fuzz is now 10x faster, better supports sanitizers

Fuzzing is a highly effective way of discovering bugs, including security vulnerabilities. cargo-fuzz is a cargo subcommand that makes fuzzing easy.

cargo-fuzz has picked up a lot of improvements since the beginning of the year:

  • ~10x faster execution for code built in release mode thanks to tweaks to fuzzing instrumentation and compiler flags.
  • Code is now compiled in release mode with debug assertions by default instead of debug mode. This brings another ~10x speedup to the default configuration.
  • Added cargo fuzz fmt command to print the fuzzer-generated data via its Debug implementation. This is particularly useful in conjunction with structure-aware fuzzing.
  • Much better support for MemorySanitizer. Now it "Just Works" for pure-Rust code. Code linking to C still requires passing extra flags to the C compiler.
  • Support for fuzzing without any sanitizers. This is useful for testing 100% safe code where you don't have to watch out for memory errors.
  • Many smaller improvements and fixes.

Fuzzing Rust code has never been easier! Check out the Rust Fuzz Book to get started.

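As an added example (not code from the cargo-fuzz project or from the post above), here is the structure-aware pattern the post refers to, written so it compiles with std alone: a hand-written stand-in for the `arbitrary` crate's decoder turns raw fuzzer bytes into a `Packet`, the target body trusts a length field it should not, and a miniature fuzz loop catches the resulting panic and renders the offending input with `{:#?}`, which is the same `Debug` view `cargo fuzz fmt` gives you for a saved crash artifact. The `Packet` type, the bug, and the four corpus inputs are all constructed for this example; in a real target you would `#[derive(Arbitrary, Debug)]` the struct and put the body inside `libfuzzer_sys::fuzz_target!(|p: Packet| { ... })`.

```rust
use std::panic::{self, AssertUnwindSafe};

/// Structured fuzz input. In a real cargo-fuzz target this would be
/// `#[derive(Arbitrary, Debug)]`; the `Debug` impl is what `cargo fuzz fmt`
/// prints for a saved artifact. (Constructed type for this example.)
#[derive(Debug, Clone, PartialEq)]
pub struct Packet {
    pub version: u8,
    pub declared_len: u16,
    pub body: Vec<u8>,
}

/// Hand-written stand-in for the derived `Arbitrary` impl: decode raw
/// fuzzer bytes into a `Packet`. Returns `None` when there is not enough
/// data, where the derived impl would return `Err(NotEnoughData)`.
pub fn packet_from_bytes(data: &[u8]) -> Option<Packet> {
    if data.len() < 3 {
        return None;
    }
    Some(Packet {
        version: data[0],
        declared_len: u16::from_le_bytes([data[1], data[2]]),
        body: data[3..].to_vec(),
    })
}

/// Code under test (deliberately buggy): copies the body into a fixed-size
/// buffer but trusts `declared_len` instead of `body.len()`. In safe Rust the
/// result is a bounds-check panic rather than memory corruption, which a
/// run without any sanitizer still reports as a crash.
pub fn copy_body(p: &Packet) -> Vec<u8> {
    let mut out = vec![0u8; 64];
    let n = p.declared_len as usize;
    out[..n].copy_from_slice(&p.body[..n]); // panics if n > 64 or n > body.len()
    out
}

/// The fuzz target body, i.e. what goes inside
/// `fuzz_target!(|p: Packet| { ... })`. Only version 1 is handled, so a
/// fuzzer mutating the structured type reaches the bug as soon as it
/// produces any version-1 packet whose `declared_len` exceeds the body.
pub fn fuzz_target_body(p: &Packet) {
    if p.version != 1 {
        return;
    }
    let copied = copy_body(p);
    let n = p.declared_len as usize;
    assert_eq!(&copied[..n], &p.body[..n]);
}

/// Miniature stand-in for the libFuzzer loop: run each raw input through the
/// target and return the first one that panics, together with its decoded
/// form and the `{:#?}` rendering `cargo fuzz fmt` would show for it.
pub fn find_crash<'a>(inputs: &[&'a [u8]]) -> Option<(&'a [u8], Packet, String)> {
    for &raw in inputs {
        let pkt = match packet_from_bytes(raw) {
            Some(p) => p,
            None => continue, // too short: the real target returns early too
        };
        let outcome = panic::catch_unwind(AssertUnwindSafe(|| fuzz_target_body(&pkt)));
        if outcome.is_err() {
            let rendered = format!("{:#?}", pkt);
            return Some((raw, pkt, rendered));
        }
    }
    None
}

/// Constructed corpus: three benign inputs and one that trips the bug.
pub fn constructed_corpus() -> Vec<Vec<u8>> {
    vec![
        vec![1, 4, 0, b'a', b'b', b'c', b'd'], // version 1, len 4, body "abcd"
        vec![2, 9, 0],                         // version 2: target ignores it
        vec![1, 0, 0],                         // version 1, len 0, empty body
        vec![1, 200, 0, b'x'],                 // version 1, len 200 but 1 body byte
    ]
}

fn main() {
    let corpus = constructed_corpus();
    let refs: Vec<&[u8]> = corpus.iter().map(Vec::as_slice).collect();
    match find_crash(&refs) {
        Some((raw, _, rendered)) => println!("crash on raw input {:?}\n{}", raw, rendered),
        None => println!("no crash found"),
    }
}
```

The crash here is a slice bounds check in safe code, so no sanitizer is needed to surface it; that is the case the post's sanitizer-free mode is for, and with release mode plus debug assertions an overflowing `declared_len` arithmetic would be caught the same way. What `cargo fuzz fmt` adds over the raw artifact bytes is exactly the `rendered` string above: `declared_len: 200` next to a one-byte `body` tells you the bug at a glance, where `[1, 200, 0, 120]` does not.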