Fuzz tests don't link correctly on macos

[brson]

There have been several reports that attempting to compile a cargo-fuzz test on macos fails to link. Possibly arm-specific.

Discord thread: https://discord.com/channels/897514728459468821/1141102329085567048/1141102329085567048

Some examples:

= note: LC_ALL="C" PATH="/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/bin:/Users/tylervanderhoeven/miniconda3/bin:/Users/tylervanderhoeven/miniconda3/condabin:/opt/homebrew/opt/ruby@2.7/bin:target/bin:/Users/tylervanderhoeven/bin:/opt/homebrew/bin:/usr/local/bin:/usr/local/bin:/Users/tylervanderhoeven/Library/pnpm:/Users/tylervanderhoeven/.yarn/bin:/Users/tylervanderhoeven/.config/yarn/global/node_modules/.bin:/Users/tylervanderhoeven/.deno/bin:/opt/homebrew/bin:/opt/homebrew/sbin:/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/MacGPG2/bin:/Library/Apple/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin:/Users/tylervanderhoeven/.cargo/bin:/Users/tylervanderhoeven/.yarn/bin:/Users/tylervanderhoeven/.config/yarn/global/node_modules/.bin:/Users/tylervanderhoeven/.deno/bin:/opt/homebrew/bin:/opt/homebrew/sbin:/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/MacGPG2/bin:/Library/Apple/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin:/Users/tylervanderhoeven/.cargo/bin:/opt/homebrew/opt/llvm/bin" VSLANG="1033" ZERO_AR_DATE="1" "cc" "-Wl,-exported_symbols_list,/var/folders/fl/nb3q3cd51j9_068ffjhm1qx40000gn/T/rustchuHrRt/list" "-arch" "arm64" "/var/folders/fl/nb3q3cd51j9_068ffjhm1qx40000gn/T/rustchuHrRt/symbols.o" "-Wl,-rpath" "-Xlinker" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib" "-lrustc-nightly_rt.asan" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/soroban_fuzzing_contract.soroban_fuzzing_contract.89926f0d767ae4b0-cgu.0.rcgu.o" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/soroban_fuzzing_contract.344mz72hkhta6meg.rcgu.o" "-L" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps" "-L" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/release/deps" "-L" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libsoroban_sdk-68c467b4fb6d4778.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libsoroban_ledger_snapshot-260f2cf0def0cf2a.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libserde_json-0e50ee1763413110.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libryu-a8079a81d57b7ece.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libitoa-a4e94834596ef6db.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libsoroban_env_host-c5c96374190253ad.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libnum_integer-c57898950d047bd0.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libstellar_strkey-40c27650a42d9727.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libbase32-f33e42399a4e6f5c.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libthiserror-b092d309615b1159.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libbacktrace-111ee64977fcfc47.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libobject-ff46632e5e5f791d.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libmemchr-31ec0e7c8d6d71da.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libaddr2line-9f1ab7a0e7cf83dd.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libgimli-06d58e05d6a46ca7.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/librustc_demangle-65ccb532b247fc4c.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libk256-fcbd1070ce1ed786.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libsha2-5be7e4b81b496ada.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libecdsa-f901518eb8319ffc.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/librfc6979-969c273cb89e962f.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libhmac-01f8a363ecc5dc68.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libsignature-2d074b0fad3dcad9.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libonce_cell-431e1e35f115d595.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libelliptic_curve-43000ff2ab5e734d.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libpkcs8-80537a72ca1d32e0.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libspki-cc8587c35cf3338e.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libsec1-05118a9264541e53.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libder-841dade5803f4819.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libcrypto_bigint-228b7a04614d916b.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libbase16ct-0360a86cf6fcd049.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libgroup-3a13f653c7e4e9ce.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libff-f0a09dbc47c372cc.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/librand_core-fdced1bc83b86892.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libgetrandom-17a92a733359e651.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libed25519_dalek-8506bb84fdf0519c.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/librand-7e1fec20f34c147a.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/librand_chacha-9026ee33d99b5c7f.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libppv_lite86-78f8b298196a9372.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libcurve25519_dalek-15d526a631be5c9c.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/librand_core-6107abf68a0dbdd7.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libgetrandom-3229882db2301d84.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/liblibc-7cd53a27f9f1b8cc.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libbyteorder-8a18fded8e219965.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libed25519-9333f9978081f222.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libsignature-13e99a978e08d608.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libsha3-2db49a9e4854257c.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libkeccak-aeb41813891e62ea.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libdigest-d7c131a8f13c13be.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libsubtle-ca828a75f371eedd.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libconst_oid-b470b4724740b3be.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libblock_buffer-5e7626519d4eb098.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libcrypto_common-c2e1a2f5a1c15750.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libsha2-0921a32bedde6ec6.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libcfg_if-478ba40b2d651091.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libopaque_debug-0a753251ada41fde.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libdigest-362ca72eaccad308.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libblock_buffer-4328ef5bcdb05f54.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libgeneric_array-224a9be563b0aa39.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libtypenum-80544f2f3796e61a.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libzeroize-eb71bf20b51a95ee.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/liblog-fa386b31c0ba1878.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libsoroban_env_common-09598e8408d634a2.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libsoroban_wasmi-14758ff117df9637.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libsmallvec-2db9f2edcbb8c512.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libspin-d0c7578198a7afbb.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libintx-15b2c8e14dfee35b.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libwasmparser_nostd-5cd5c4cceefa41fe.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libindexmap_nostd-99092a63541b7fbe.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libwasmi_arena-6a2366c5c61fa15d.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libwasmi_core-2484be9069728f55.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libdowncast_rs-1933b21794814daf.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libnum_traits-c8694c0c23c177c6.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libethnum-49ea967d043e08a1.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libstellar_xdr-ff8f38aed65092cf.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libhex-d30d9907e57f48b6.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libbase64-b60ed07a7c234c6b.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libserde_with-9999a1595f2cef24.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libserde-393949dab783a8ce.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libarbitrary-e37dde2de728ce14.rlib" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libstatic_assertions-9970a17ffac5f61f.rlib" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib/libstd-bff7f270c7778e6c.rlib" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib/libpanic_unwind-ad85ad76f276e64a.rlib" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib/libobject-3a8adcc3224fe64a.rlib" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib/libmemchr-c89584874ca32ce0.rlib" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib/libaddr2line-420459b879de8e4e.rlib" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib/libgimli-bf9b94f6be723392.rlib" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib/librustc_demangle-41635c0bce4baa15.rlib" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib/libstd_detect-74565307b6db180c.rlib" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib/libhashbrown-1240931510765389.rlib" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib/librustc_std_workspace_alloc-c415a68cda74da2b.rlib" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib/libminiz_oxide-586c32226e1c016f.rlib" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib/libadler-5acd026c1d9d2147.rlib" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib/libunwind-9486a87104336700.rlib" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib/libcfg_if-6e0d31c93bee4064.rlib" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib/liblibc-165ef8fb7c1e2eab.rlib" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib/liballoc-14f0a3aa7cedcd7c.rlib" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib/librustc_std_workspace_core-f4d733c7c8b5a29f.rlib" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib/libcore-49cb3ef59194e1e6.rlib" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib/libcompiler_builtins-f7211d8d2678cb1a.rlib" "-liconv" "-lSystem" "-lc" "-lm" "-L" "/Users/tylervanderhoeven/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/aarch64-apple-darwin/lib" "-o" "/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/libsoroban_fuzzing_contract.dylib" "-dynamiclib" "-Wl,-dylib" "-nodefaultlibs"
  = note: 0  0x1050c2649  __assert_rtn + 139
          1  0x105042431  ld::passes::inits::doPass(Options&, ld::Internal&) + 1697
          2  0x104ebfeb8  main + 968
          A linker snapshot was created at:
              /tmp/libsoroban_fuzzing_contract.dylib-2023-08-15-161036.ld
          ld: Assertion failed: (index < orderedInitOffsetAtoms.size()), function doPass, file inits.cpp, line 131.

mootz12@Alexs-MBP fuzz % cargo +nightly fuzz run fuzz_target_1
   Compiling stellar-xdr v0.0.17 (https://github.com/stellar/rs-stellar-xdr?rev=4eaf2388c1de6fc295ed5f7df8174c199923df5b#4eaf2388)
   Compiling soroban-env-common v0.0.17 (https://github.com/stellar/rs-soroban-env?rev=63cf7fe3d5ffc60db57fba97e9fc9c5778cd559c#63cf7fe3)
   Compiling soroban-env-host v0.0.17 (https://github.com/stellar/rs-soroban-env?rev=63cf7fe3d5ffc60db57fba97e9fc9c5778cd559c#63cf7fe3)
   Compiling soroban-ledger-snapshot v0.9.2 (https://github.com/stellar/rs-soroban-sdk?rev=b1cec10b79cee3c1ecf63079b1088ce97b32c68a#b1cec10b)
   Compiling soroban-sdk v0.9.2 (https://github.com/stellar/rs-soroban-sdk?rev=b1cec10b79cee3c1ecf63079b1088ce97b32c68a#b1cec10b)
error: unsupported relocation of variable 'L___unnamed_430'

error: could not compile `soroban-sdk` (lib) due to previous error

I don't see anything obviously related on the cargo-fuzz issue tracker.

[brson]

I have reproduced the first error, (index < orderedInitOffsetAtoms.size()). There is a workaround at the bottom of this message.

I reproduced the error on MacOS Ventura, ARM, and I think the ld I have installed is revision 711 (https://github.com/apple-oss-distributions/ld64/releases/tag/ld64-711), the latest as of today. Unfortunately building their ld to debug is not trivial - there are some instructions at https://github.com/dmaclach/ld64, but I have not tried.

---

The error is related to static initializers in the macho-o __DATA, __mod_init_func section. The source of the error is https://github.com/kallsyms/apple-opensource/blob/8c92d6af1f78a68fe0b7f31fcc5d41bf23d0e7ab/src/ld64/src/ld/passes/inits.cpp#L123

I also see a single other report of this error here: getsentry/sentry-cocoa#1990. They were explicitly placing data in __mod_init_func and resolved the issue by switching to a different gcc static initializer syntax. Not clear why that fixed the issue.

I cannot find any rust source code that mentions __mod_init_func.

---

I have tested with the sold linker, which also fails, but produces a potentially more useful error:

$ RUSTFLAGS="-Clink-args=-fuse-ld=/usr/local/bin/ld64.sold" cargo +nightly fuzz run fuzz_target_2
...
  = note: mold: fatal: /Users/ec2-user/soroban-examples/fuzzing/fuzz/target/aarch64-apple-darwin/release/deps/soroban_fuzzing_contract.soroban_fuzzing_contract.dd1a04920e7eb7f9-cgu.0.rcgu.o: __mod_init_func: unexpected relocation offset

And sold is easy to build, so could be useful for debugging.

---

I have found a workaround, but do not understand the issue:

Using libfuzzer seems to require activating some sanitizer, and cargo-fuzz defaults to asan. Telling it to use thread sanitizer instead makes the error go away in my limited testing:

cargo +nightly fuzz run fuzz_target_2 --sanitizer=thread

The libfuzzer docs mention a "fuzzer" sanitizer, but it does not seem to exist, or at least not be exposed by rustc.

---

Using both the workaround, and linking with sold, produces a fuzzer that either does not work or is very slow - unclear.

[brson]

Also this issue does not present itself for trivial fuzz tests, which makes sense as seemingly nobody else has reported this error. I tried to reduce a test case but the results were kind of nonsense so far. Not linking to soroban-sdk at all makes the error go away, adding some seemingly-arbitrary soroban-sdk-using code makes it appear.

[graydon]

I believe this is #1011 which is, coincidentally, the next thing on my list. We should coordinate :)

[kalepail]

Running

cargo +nightly fuzz run fuzz_target_1 --sanitizer=thread

Produces

fuzz_target_1(99375,0x1f00d9e00) malloc: nano zone abandoned due to inability to reserve vm space.
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 3619271091
INFO: Loaded 1 modules   (157408 inline 8-bit counters): 157408 [0x1030beaa8, 0x1030e5188), 
INFO: Loaded 1 PC tables (157408 PCs): 157408 [0x1030e5188,0x10334bf88), 
INFO:        3 files found in /Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/corpus/fuzz_target_1
INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 4096 bytes
INFO: seed corpus: files: 3 min: 32b max: 32b total: 96b rss: 66Mb
#4	INITED cov: 3452 ft: 3529 corp: 3/96b exec/s: 0 rss: 85Mb
#5	NEW    cov: 3452 ft: 3542 corp: 4/128b lim: 32 exec/s: 0 rss: 85Mb L: 32/32 MS: 1 ChangeBinInt-
==99375== ERROR: libFuzzer: deadly signal
    #0 __sanitizer_print_stack_trace <null>:103817808 (librustc-nightly_rt.tsan.dylib:arm64+0x4df6c)
    #1 <null> <null>:104865024 (fuzz_target_1:arm64+0x1009b1a8c)
    #2 <null> <null>:104865024 (fuzz_target_1:arm64+0x1009a7c20)
    #3 __tsan::CallUserSignalHandler(__tsan::ThreadState*, bool, bool, int, __sanitizer::__sanitizer_siginfo_pad*, void*) <null>:103817808 (librustc-nightly_rt.tsan.dylib:arm64+0xb384)
    #4 sighandler(int, __sanitizer::__sanitizer_siginfo_pad*, void*) <null>:103817808 (librustc-nightly_rt.tsan.dylib:arm64+0xb7f8)
    #5 _sigtramp <null>:99638192 (libsystem_platform.dylib:arm64+0x3a20)
    #6 <null> <null> 
    #7 <null> <null> 
    #8 abort <null>:99627872 (libsystem_c.dylib:arm64+0x76ae4)
    #9 <null> <null> (0x4a0a8001037c2d74)
    #10 <null> <null>:104865024 (fuzz_target_1:arm64+0x1001fcb84)
    #11 <null> <null>:104865024 (fuzz_target_1:arm64+0x1001fcb78)
    #12 <null> <null>:104865024 (fuzz_target_1:arm64+0x100573984)
    #13 <null> <null>:104865024 (fuzz_target_1:arm64+0x100577e64)
    #14 <null> <null>:104865024 (fuzz_target_1:arm64+0x100577c0c)
    #15 <null> <null>:104865024 (fuzz_target_1:arm64+0x100577b80)
    #16 <null> <null>:104865024 (fuzz_target_1:arm64+0x100577b74)
    #17 <null> <null>:104865024 (fuzz_target_1:arm64+0x1009d1378)
    #18 <null> <null>:104865024 (fuzz_target_1:arm64+0x1003ee7a8)
    #19 <null> <null>:104865024 (fuzz_target_1:arm64+0x10045b610)
    #20 <null> <null>:104865024 (fuzz_target_1:arm64+0x10045b5d8)
    #21 <null> <null>:104865024 (fuzz_target_1:arm64+0x100460fe0)
    #22 <null> <null>:104865024 (fuzz_target_1:arm64+0x100460f68)
    #23 <null> <null>:104865024 (fuzz_target_1:arm64+0x100466908)
    #24 <null> <null>:104865024 (fuzz_target_1:arm64+0x1003f082c)
    #25 <null> <null>:104865024 (fuzz_target_1:arm64+0x1003f064c)
    #26 <null> <null>:104865024 (fuzz_target_1:arm64+0x1003f03e0)
    #27 <null> <null>:104865024 (fuzz_target_1:arm64+0x1003f02ec)
    #28 <null> <null>:104865024 (fuzz_target_1:arm64+0x1003f2140)
    #29 <null> <null>:104865024 (fuzz_target_1:arm64+0x1003f2084)
    #30 <null> <null>:104865024 (fuzz_target_1:arm64+0x1003f1f98)
    #31 <null> <null>:104865024 (fuzz_target_1:arm64+0x100004e64)
    #32 <null> <null>:104865024 (fuzz_target_1:arm64+0x1002eec80)
    #33 <null> <null>:104865024 (fuzz_target_1:arm64+0x1002eebdc)
    #34 <null> <null>:104865024 (fuzz_target_1:arm64+0x1002eeb90)
    #35 <null> <null>:104865024 (fuzz_target_1:arm64+0x1002eeb28)
    #36 <null> <null>:104865024 (fuzz_target_1:arm64+0x1002ee958)
    #37 <null> <null>:104865024 (fuzz_target_1:arm64+0x1002ee3b0)
    #38 <null> <null>:104865024 (fuzz_target_1:arm64+0x1002e8120)
    #39 <null> <null>:104865024 (fuzz_target_1:arm64+0x1002e75ec)
    #40 <null> <null>:104865024 (fuzz_target_1:arm64+0x1002e6720)
    #41 <null> <null>:104865024 (fuzz_target_1:arm64+0x100349c38)
    #42 <null> <null>:104865024 (fuzz_target_1:arm64+0x1004610c4)
    #43 <null> <null>:104865024 (fuzz_target_1:arm64+0x100460fdc)
    #44 <null> <null>:104865024 (fuzz_target_1:arm64+0x100460f68)
    #45 <null> <null>:104865024 (fuzz_target_1:arm64+0x1003f1f18)
    #46 <null> <null>:104865024 (fuzz_target_1:arm64+0x10000889c)
    #47 <null> <null>:104865024 (fuzz_target_1:arm64+0x1000063f0)
    #48 <null> <null>:104865024 (fuzz_target_1:arm64+0x100006358)
    #49 <null> <null>:104865024 (fuzz_target_1:arm64+0x1000053a0)
    #50 <null> <null>:104865024 (fuzz_target_1:arm64+0x1000086a4)
    #51 <null> <null>:104865024 (fuzz_target_1:arm64+0x100008500)
    #52 <null> <null>:104865024 (fuzz_target_1:arm64+0x10018fcb4)
    #53 <null> <null>:104865024 (fuzz_target_1:arm64+0x10018ff68)
    #54 <null> <null>:104865024 (fuzz_target_1:arm64+0x10018fda8)
    #55 <null> <null>:104865024 (fuzz_target_1:arm64+0x10018fd14)
    #56 <null> <null>:104865024 (fuzz_target_1:arm64+0x1009a9088)
    #57 <null> <null>:104865024 (fuzz_target_1:arm64+0x1009a88c4)
    #58 <null> <null>:104865024 (fuzz_target_1:arm64+0x1009a9eb4)
    #59 <null> <null>:104865024 (fuzz_target_1:arm64+0x1009aa794)
    #60 <null> <null>:104865024 (fuzz_target_1:arm64+0x1009c1168)
    #61 <null> <null>:104865024 (fuzz_target_1:arm64+0x1009cb81c)
    #62 <null> <null> (0x000194da7f28)
    #63 <null> <null> (0xe913000000000000)

NOTE: libFuzzer has rudimentary signal handlers.
      Combine libFuzzer with AddressSanitizer or similar for better crash reports.
SUMMARY: libFuzzer: deadly signal
MS: 1 ChangeBinInt-; base unit: 11c60798a6766f4acd545178867e15eaad87e30d
0x2c,0x2c,0x2c,0x2c,0x2c,0x2c,0x2c,0x2c,0x2c,0x2c,0x2c,0x2c,0x2c,0x2c,0xdd,0xd3,0xd3,0xd3,0xd3,0xd3,0xd3,0xd3,0x2c,0x2c,0x2c,0x2c,0x2c,0x2c,0x2c,0x2c,0x2c,0xa,
,,,,,,,,,,,,,,\335\323\323\323\323\323\323\323,,,,,,,,,\012
artifact_prefix='/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/artifacts/fuzz_target_1/'; Test unit written to /Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/artifacts/fuzz_target_1/crash-112e0e539cf5f8915fe9af5fc30e882669928608
Base64: LCwsLCwsLCwsLCwsLCzd09PT09PT0ywsLCwsLCwsLAo=

────────────────────────────────────────────────────────────────────────────────

Failing input:

	fuzz/artifacts/fuzz_target_1/crash-112e0e539cf5f8915fe9af5fc30e882669928608

Reproduce with:

	cargo fuzz run --sanitizer=thread fuzz_target_1 fuzz/artifacts/fuzz_target_1/crash-112e0e539cf5f8915fe9af5fc30e882669928608

Minimize test case with:

	cargo fuzz tmin --sanitizer=thread fuzz_target_1 fuzz/artifacts/fuzz_target_1/crash-112e0e539cf5f8915fe9af5fc30e882669928608

────────────────────────────────────────────────────────────────────────────────

Error: Fuzz target exited with exit status: 77

I get something similar but slightly longer for fuzz_target_2

fuzz_target_2(99581,0x1f00d9e00) malloc: nano zone abandoned due to inability to reserve vm space.
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 3717215921
INFO: Loaded 1 modules   (158141 inline 8-bit counters): 158141 [0x10386ab08, 0x1038914c5), 
INFO: Loaded 1 PC tables (158141 PCs): 158141 [0x1038914c8,0x103afb098), 
INFO:        7 files found in /Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/corpus/fuzz_target_2
INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 4096 bytes
INFO: seed corpus: files: 7 min: 80b max: 82b total: 563b rss: 66Mb
#8	INITED cov: 2844 ft: 2856 corp: 3/240b exec/s: 0 rss: 82Mb
#27	NEW    cov: 2845 ft: 2857 corp: 4/320b lim: 80 exec/s: 0 rss: 82Mb L: 80/80 MS: 4 ShuffleBytes-ChangeByte-ShuffleBytes-CopyPart-
	NEW_FUNC[1/3]: 0x102fde364  (fuzz_target_2:arm64+0x10021e364)
	NEW_FUNC[2/3]: 0x102fde2a8  (fuzz_target_2:arm64+0x10021e2a8)
#941	NEW    cov: 2854 ft: 2866 corp: 5/402b lim: 86 exec/s: 470 rss: 83Mb L: 82/82 MS: 3 CopyPart-ChangeBit-ChangeBit-
#2048	pulse  cov: 2854 ft: 2866 corp: 5/402b lim: 92 exec/s: 682 rss: 83Mb
#4096	pulse  cov: 2854 ft: 2866 corp: 5/402b lim: 116 exec/s: 819 rss: 83Mb
==99581== ERROR: libFuzzer: deadly signal
    #0 __sanitizer_print_stack_trace <null>:112206416 (librustc-nightly_rt.tsan.dylib:arm64+0x4df6c)
    #1 <null> <null>:113253632 (fuzz_target_2:arm64+0x1009bd598)
    #2 <null> <null>:113253632 (fuzz_target_2:arm64+0x1009b372c)
    #3 __tsan::CallUserSignalHandler(__tsan::ThreadState*, bool, bool, int, __sanitizer::__sanitizer_siginfo_pad*, void*) <null>:112206416 (librustc-nightly_rt.tsan.dylib:arm64+0xb384)
    #4 sighandler(int, __sanitizer::__sanitizer_siginfo_pad*, void*) <null>:112206416 (librustc-nightly_rt.tsan.dylib:arm64+0xb7f8)
    #5 _sigtramp <null>:108026800 (libsystem_platform.dylib:arm64+0x3a20)
    #6 <null> <null> (0x24758001950ffc28)
    #7 <null> <null> 
    #8 abort <null>:108016384 (libsystem_c.dylib:arm64+0x76ae4)
    #9 <null> <null> (0x229000103f72d74)
    #10 <null> <null>:113253632 (fuzz_target_2:arm64+0x100207ad8)
    #11 <null> <null>:113253632 (fuzz_target_2:arm64+0x100207acc)
    #12 <null> <null>:113253632 (fuzz_target_2:arm64+0x10057ec54)
    #13 <null> <null>:113253632 (fuzz_target_2:arm64+0x100583134)
    #14 <null> <null>:113253632 (fuzz_target_2:arm64+0x100582ebc)
    #15 <null> <null>:113253632 (fuzz_target_2:arm64+0x100582e50)
    #16 <null> <null>:113253632 (fuzz_target_2:arm64+0x100582e44)
    #17 <null> <null>:113253632 (fuzz_target_2:arm64+0x1009dcf1c)
    #18 <null> <null>:113253632 (fuzz_target_2:arm64+0x1009dd05c)
    #19 <null> <null>:113253632 (fuzz_target_2:arm64+0x1003fa2a8)
    #20 <null> <null>:113253632 (fuzz_target_2:arm64+0x1003f9e60)
    #21 <null> <null>:113253632 (fuzz_target_2:arm64+0x1003f9d54)
    #22 <null> <null>:113253632 (fuzz_target_2:arm64+0x1003f9c40)
    #23 <null> <null>:113253632 (fuzz_target_2:arm64+0x1003f9ba4)
    #24 <null> <null>:113253632 (fuzz_target_2:arm64+0x1003fd314)
    #25 <null> <null>:113253632 (fuzz_target_2:arm64+0x1003fd258)
    #26 <null> <null>:113253632 (fuzz_target_2:arm64+0x1003fd16c)
    #27 <null> <null>:113253632 (fuzz_target_2:arm64+0x100005e24)
    #28 <null> <null>:113253632 (fuzz_target_2:arm64+0x1002f9c5c)
    #29 <null> <null>:113253632 (fuzz_target_2:arm64+0x1002f9bb8)
    #30 <null> <null>:113253632 (fuzz_target_2:arm64+0x1002f9b6c)
    #31 <null> <null>:113253632 (fuzz_target_2:arm64+0x1002f9b04)
    #32 <null> <null>:113253632 (fuzz_target_2:arm64+0x1002f9934)
    #33 <null> <null>:113253632 (fuzz_target_2:arm64+0x1002f938c)
    #34 <null> <null>:113253632 (fuzz_target_2:arm64+0x1002f30f8)
    #35 <null> <null>:113253632 (fuzz_target_2:arm64+0x1002f25c4)
    #36 <null> <null>:113253632 (fuzz_target_2:arm64+0x1002f16f8)
    #37 <null> <null>:113253632 (fuzz_target_2:arm64+0x100354d3c)
    #38 <null> <null>:113253632 (fuzz_target_2:arm64+0x10046c2c4)
    #39 <null> <null>:113253632 (fuzz_target_2:arm64+0x10046c1dc)
    #40 <null> <null>:113253632 (fuzz_target_2:arm64+0x10046c168)
    #41 <null> <null>:113253632 (fuzz_target_2:arm64+0x1003fcbbc)
    #42 <null> <null>:113253632 (fuzz_target_2:arm64+0x10000fddc)
    #43 <null> <null>:113253632 (fuzz_target_2:arm64+0x1000089a4)
    #44 <null> <null>:113253632 (fuzz_target_2:arm64+0x100008840)
    #45 <null> <null>:113253632 (fuzz_target_2:arm64+0x100006980)
    #46 <null> <null>:113253632 (fuzz_target_2:arm64+0x10000fd18)
    #47 <null> <null>:113253632 (fuzz_target_2:arm64+0x10000f81c)
    #48 <null> <null>:113253632 (fuzz_target_2:arm64+0x10001371c)
    #49 <null> <null>:113253632 (fuzz_target_2:arm64+0x100013508)
    #50 <null> <null>:113253632 (fuzz_target_2:arm64+0x10019ac60)
    #51 <null> <null>:113253632 (fuzz_target_2:arm64+0x10019af14)
    #52 <null> <null>:113253632 (fuzz_target_2:arm64+0x10019ad54)
    #53 <null> <null>:113253632 (fuzz_target_2:arm64+0x10019acc0)
    #54 <null> <null>:113253632 (fuzz_target_2:arm64+0x1009b4b94)
    #55 <null> <null>:113253632 (fuzz_target_2:arm64+0x1009b43d0)
    #56 <null> <null>:113253632 (fuzz_target_2:arm64+0x1009b59c0)
    #57 <null> <null>:113253632 (fuzz_target_2:arm64+0x1009b62a0)
    #58 <null> <null>:113253632 (fuzz_target_2:arm64+0x1009ccc74)
    #59 <null> <null>:113253632 (fuzz_target_2:arm64+0x1009d7328)
    #60 <null> <null> (0x000194da7f28)
    #61 <null> <null> (0x8672000000000000)

NOTE: libFuzzer has rudimentary signal handlers.
      Combine libFuzzer with AddressSanitizer or similar for better crash reports.
SUMMARY: libFuzzer: deadly signal
MS: 3 ChangeBit-CrossOver-InsertRepeatedBytes-; base unit: 0fc16150022a500b675745ecd9f5b7b89e18df10
0x78,0x38,0x38,0x10,0x0,0x0,0x0,0x20,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x38,0x38,0x38,0x38,0x38,0x38,0x38,0x38,0x38,0x38,0x38,0x38,0x38,0x38,0x38,0x38,0x38,0x38,0x38,0x38,0x38,0x38,0x38,0x38,0x38,0x0,0x0,0x3d,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x38,0x38,0x38,0x38,0x0,
x88\020\000\000\000 \000\000\000\000\000\000\0008888888888888888888888888\000\000=\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\000\000\000\000\000\000\000\0008888\000
artifact_prefix='/Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/artifacts/fuzz_target_2/'; Test unit written to /Users/tylervanderhoeven/Downloads/soroban-examples-0.9.2/fuzzing/fuzz/artifacts/fuzz_target_2/crash-83ac759c039c37f95eaa479c5a9c2fa30831d0ff
Base64: eDg4EAAAACAAAAAAAAAAODg4ODg4ODg4ODg4ODg4ODg4ODg4ODg4OAAAPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA////////////////////////////////////////////////////////////////////////////////////////////////AAAAAAAAAAA4ODg4AA==

────────────────────────────────────────────────────────────────────────────────

Failing input:

	fuzz/artifacts/fuzz_target_2/crash-83ac759c039c37f95eaa479c5a9c2fa30831d0ff

Reproduce with:

	cargo fuzz run --sanitizer=thread fuzz_target_2 fuzz/artifacts/fuzz_target_2/crash-83ac759c039c37f95eaa479c5a9c2fa30831d0ff

Minimize test case with:

	cargo fuzz tmin --sanitizer=thread fuzz_target_2 fuzz/artifacts/fuzz_target_2/crash-83ac759c039c37f95eaa479c5a9c2fa30831d0ff

────────────────────────────────────────────────────────────────────────────────

Error: Fuzz target exited with exit status: 77

As I'm very new to fuzzing I don't know if this is the expected output but I'm doubtful.

[mootz12]

Confirming the error I shared with @brson earlier is now working:

error: unsupported relocation of variable 'L___unnamed_430'

error: could not compile `soroban-sdk` (lib) due to previous error

Using the following workaround:

cargo +nightly fuzz run fuzz_target_2 --sanitizer=thread

I'm running on an intel based mac, using the fuzz test here -> https://github.com/blend-capital/blend-contracts/blob/b-fuzz/test-suites/fuzz/fuzz_targets/fuzz_target_2.rs

I am also noticing a slowdown on my mac vs my linux machine without the sanitizer. This could be due to higher specs on the linux machine, but thought it was worth noting.

[graydon]

@tyvdh I think you're observing "a fuzzer finding a bug" (like it's trapping a signal and exiting -- probably an assert failure / panic). IOW I don't think it's the linking issue that @brson is pointing to here.

[brson]

As I'm very new to fuzzing I don't know if this is the expected output but I'm doubtful.

This does look correct to me, though ugly because the stack frame symbols haven't been resolved. The fuzzer requires the llvm-symbolizer program to be on the PATH environment variable in order to display the stack trace correctly. On my MacOS cloud image this was installed and on the path by default. It may be installed on your machine but just not available on the PATH.

[brson]

Also, both of the fuzzer examples are expected to find a bug - the example contains an intentional bug.

[brson]

I believe this is #1011 which is, coincidentally, the next thing on my list. We should coordinate :)

They are tantalizingly similar. I'll test the fuzzer on linux-aarch64 and see if I also get linker errors. It looks like all my development so far has been on linux-x86.

[graydon]

yeah this is .. hmm .. not certainly the same bug. I have an interesting datapoint from today re #1011 which is that it only happens when crossing from x64-linux host to aarch64-linux target. On a native aarch64-linux host (I rented a graviton machine for a bit) it does not occur. So that at least is something hinky with cross configs of the toolchain.

(Of course, I still do not know if this bug is actually #1011 or not. Feel free to investigate in parallel while I look into it! I will try to keep you appraised of anything I learn)