diff --git a/core/config_sanitizers.mk b/core/config_sanitizers.mk
index d3adee5ae..ebce00bc3 100644
--- a/core/config_sanitizers.mk
+++ b/core/config_sanitizers.mk
@@ -235,12 +235,17 @@ ifneq ($(filter default-ub,$(my_sanitize)),)
   my_sanitize := $(CLANG_DEFAULT_UB_CHECKS)
 endif
-ifneq ($(filter coverage,$(my_sanitize)),)
-  ifeq ($(filter address,$(my_sanitize)),)
-    $(error $(LOCAL_PATH): $(LOCAL_MODULE): Use of 'coverage' also requires 'address')
-  endif
-  my_cflags += -fsanitize-coverage=trace-pc-guard,indirect-calls,trace-cmp
-  my_sanitize := $(filter-out coverage,$(my_sanitize))
+ifneq ($(filter fuzzer,$(my_sanitize)),)
+  # SANITIZE_TARGET='fuzzer' actually means to create the fuzzer coverage
+  # information, not to link against the fuzzer main().
+  my_sanitize := $(filter-out fuzzer,$(my_sanitize))
+  my_sanitize += fuzzer-no-link
+
+  # TODO(b/131771163): Disable LTO for fuzzer builds. Note that Cfi causes
+  # dependency on LTO.
+  my_sanitize := $(filter-out cfi,$(my_sanitize))
+  my_cflags += -fno-lto
+  my_ldflags += -fno-lto
 endif
 ifneq ($(filter integer_overflow,$(my_sanitize)),)
@@ -280,7 +285,12 @@ ifneq ($(my_sanitize),)
   my_cflags += -fsanitize=$(fsanitize_arg)
   my_asflags += -fsanitize=$(fsanitize_arg)
-  ifdef LOCAL_IS_HOST_MODULE
+  # When fuzzing, we wish to crash with diagnostics on any bug.
+  ifneq ($(filter fuzzer-no-link,$(my_sanitize)),)
+    my_cflags += -fno-sanitize-trap=all
+    my_cflags += -fno-sanitize-recover=all
+    my_ldflags += -fsanitize=fuzzer-no-link
+  else ifdef LOCAL_IS_HOST_MODULE
     my_cflags += -fno-sanitize-recover=all
     my_ldflags += -fsanitize=$(fsanitize_arg)
   else
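Review bot: The new fuzzer branch drops `cfi` from `my_sanitize` (the `$(filter-out cfi,$(my_sanitize))` line) with no diagnostic, so a module that explicitly asked for CFI loses that mitigation in its fuzzer build and nothing in the build output says so. A `$(warning $(LOCAL_PATH): $(LOCAL_MODULE): cfi disabled for fuzzer build, see b/131771163)` next to the filter-out would make the downgrade visible, and `my_sanitize_diag` (consulted later via `$(filter cfi,$(my_sanitize_diag))`) is not filtered here, so it may still carry `cfi` afterwards — worth confirming against the code below this hunk. Separately, the removed block carried an `$(error)` for the old `coverage` spelling; with it gone, a module that still lists `coverage` falls through to the generic `-fsanitize=$(fsanitize_arg)` path with a value the old code deliberately intercepted, so consider keeping `ifneq ($(filter coverage,$(my_sanitize)),)` / `$(error $(LOCAL_PATH): $(LOCAL_MODULE): 'coverage' has been replaced by 'fuzzer')` / `endif` as a transition guard.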
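Review bot: The `fuzzer-no-link` branch adds only `-fsanitize=fuzzer-no-link` to `my_ldflags`, while the `LOCAL_IS_HOST_MODULE` branch it now takes precedence over links with `-fsanitize=$(fsanitize_arg)`; if `fsanitize_arg` also carries `address` or another runtime for a host fuzzer, that flag no longer reaches the host link line, and assuming host builds rely on the link-time `-fsanitize=` to pull the runtime in, the fuzzer would build without it. Since `my_sanitize` already contains `fuzzer-no-link` at this point, `my_ldflags += -fsanitize=$(fsanitize_arg)` in the new branch would cover both the fuzzer runtime and the rest — confirm how `fsanitize_arg` is assembled above this hunk. The enclosing `ifneq ($(my_sanitize),)` block starts before the hunk and its `else` branch continues past it.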
@@ -378,7 +388,7 @@ ifeq ($(LOCAL_IS_HOST_MODULE)$(LOCAL_IS_AUX_MODULE),)
   ifneq ($(filter unsigned-integer-overflow signed-integer-overflow integer,$(my_sanitize)),)
     ifeq ($(filter unsigned-integer-overflow signed-integer-overflow integer,$(my_sanitize_diag)),)
       ifeq ($(filter cfi,$(my_sanitize_diag)),)
-        ifeq ($(filter address hwaddress,$(my_sanitize)),)
+        ifeq ($(filter address hwaddress fuzzer-no-link,$(my_sanitize)),)
           my_cflags += -fsanitize-minimal-runtime
           my_cflags += -fno-sanitize-trap=integer
           my_cflags += -fno-sanitize-recover=integer
diff --git a/core/fuzz_test.mk b/core/fuzz_test.mk
index 2cc2e2c6d..f5bdef014 100644
--- a/core/fuzz_test.mk
+++ b/core/fuzz_test.mk
@@ -15,8 +15,7 @@ else ifdef TARGET_FUZZ_ENGINE
 my_fuzzer:=$(TARGET_FUZZ_ENGINE)
 endif
-
-LOCAL_CFLAGS += -fsanitize-coverage=trace-pc-guard,indirect-calls,trace-cmp
+LOCAL_SANITIZE += fuzzer
 ifeq ($(my_fuzzer),libFuzzer)
 LOCAL_STATIC_LIBRARIES += libFuzzer
diff --git a/core/host_fuzz_test.mk b/core/host_fuzz_test.mk
index 556e02f20..54c6577fd 100644
--- a/core/host_fuzz_test.mk
+++ b/core/host_fuzz_test.mk
@@ -4,7 +4,7 @@
 ################################################
 $(call record-module-type,HOST_FUZZ_TEST)
-LOCAL_CFLAGS += -fsanitize-coverage=trace-pc-guard,indirect-calls,trace-cmp
+LOCAL_SANITIZE += fuzzer
 LOCAL_STATIC_LIBRARIES += libLLVMFuzzer
 include $(BUILD_HOST_EXECUTABLE)