Lines Matching +full:clang +full:- +full:12
1 # afl-clang-lto - collision free instrumentation at link time
5 This version requires LLVM 12 or newer.
7 1. Use afl-clang-lto/afl-clang-lto++ because the resulting binaries run
13 3. It only works with LLVM 12 or newer.
17 5. If any problems arise, be sure to set `AR=llvm-ar RANLIB=llvm-ranlib AS=llvm-as`.
18 Some targets might need `LD=afl-clang-lto` and others `LD=afl-ld-lto`.
23 set during compilation are random - and hence naturally the larger the number
31 the real collisions are between 750-18.000!
37 * We instrument at link time when we have all files pre-compiled.
39 * Our compiler (afl-clang-lto/afl-clang-lto++) takes care of setting the correct
40 LTO options and runs our own afl-ld linker instead of the system linker.
42 have non-colliding edge coverage.
43 * We use a new (for afl) edge coverage - which is the same as in llvm
44 -fsanitize=coverage edge coverage mode. :)
48 * 10-25% speed gain compared to llvm_mode
49 * guaranteed non-colliding edge coverage
56 …: link: afl-clang-lto -g -O2 -Wall -W -o thumbnail thumbnail.o ../libtiff/.libs/libtiff.a ../port…
57 afl-clang-lto++2.63d by Marc "vanHauser" Heuse <mh@mh-sec.de> in mode LTO
58 afl-llvm-lto++2.63d by Marc "vanHauser" Heuse <mh@mh-sec.de>
60 … with no collisions (on average 1046 collisions would be in afl-gcc/afl-clang-fast) (non-hardened …
63 ## Getting LLVM 12+
76 LLVM 12 to 18 should be available in all current Linux repositories.
78 ## How to build afl-clang-lto
81 Just set `LLVM_CONFIG` to the llvm-config-VERSION and build AFL++, e.g. for
86 export LLVM_CONFIG=llvm-config-15
91 ## How to use afl-clang-lto
93 Just use afl-clang-lto like you did with afl-clang-fast or afl-gcc.
95 Also, the instrument file listing (AFL_LLVM_ALLOWLIST/AFL_LLVM_DENYLIST ->
96 [README.instrument_list.md](README.instrument_list.md)) and laf-intel/compcov
97 (AFL_LLVM_LAF_* -> [README.laf-intel.md](README.laf-intel.md)) work.
99 Example (note that you might need to add the version, e.g. `llvm-ar-15`):
102 CC=afl-clang-lto CXX=afl-clang-lto++ RANLIB=llvm-ranlib AR=llvm-ar AS=llvm-as ./configure
106 NOTE: some targets also need to set the linker; try both `afl-clang-lto` and
107 `afl-ld-lto` for `LD=` before `configure`.
112 afl-clang-lto instead of shared libraries!
114 To make instrumented shared libraries work with afl-clang-lto, you have to do
122 be `AFL_LLVM_LTO_STARTID=0` and afl-clang-lto will then report how many edges
132 This is quite some hands-on work, so better stay away from instrumenting shared
133 libraries. :-)
139 afl-fuzz on start. This improves coverage statistically by 5-10%. :)
142 then just set the environment variable `AFL_NO_AUTODICT` when starting afl-fuzz.
176 2. Running configure with --cc=clang fails and various other items will fail
180 ./configure --enable-lto --disable-shared --disable-inline-asm
183 3. Now the configuration is done - and we edit the settings in
184 `./ffbuild/config.mak` (-: the original line, +: what to change it into):
187 -CC=gcc
188 +CC=afl-clang-lto
189 -CXX=g++
190 +CXX=afl-clang-lto++
191 -AS=gcc
192 +AS=llvm-as
193 -LD=gcc
194 +LD=afl-clang-lto++
195 -DEPCC=gcc
196 +DEPCC=afl-clang-lto
197 -DEPAS=gcc
198 +DEPAS=afl-clang-lto++
199 -AR=ar
200 +AR=llvm-ar
201 -AR_CMD=ar
202 +AR_CMD=llvm-ar
203 -NM_CMD=nm -g
204 +NM_CMD=llvm-nm -g
205 -RANLIB=ranlib -D
206 +RANLIB=llvm-ranlib -D
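Review bot: `DEPAS` is pointed at the C++ driver (`+DEPAS=afl-clang-lto++`) while `AS` goes to `llvm-as` and `DEPCC` goes to the C driver `afl-clang-lto`, and the step gives no reason for that asymmetry. If it is intentional, a short remark next to the `DEPAS` change would keep readers from "correcting" it to `llvm-as`; if it is not, it should be set to whichever tool the build actually uses for assembly dependency generation. The same applies to `LD=afl-clang-lto++`, since the general advice earlier on the page is to try `afl-clang-lto` or `afl-ld-lto` for `LD=`.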
225 mkdir -p WebKitBuild/Release
227 ln -s ../../../../../usr/bin/llvm-ar-12 llvm-ar-12
228 ln -s ../../../../../usr/bin/llvm-ranlib-12 llvm-ranlib-12
235 …-jsc --jsc-only --cli --cmakeargs="-DCMAKE_AR='llvm-ar-12' -DCMAKE_RANLIB='llvm-ranlib-12' -DCMAKE…
249 clang LTO files. The solution is simple: when you `./configure`, you also have
250 to set `RANLIB=llvm-ranlib` and `AR=llvm-ar`.
255 AR=llvm-ar RANLIB=llvm-ranlib CC=afl-clang-lto CXX=afl-clang-lto++ ./configure --disable-shared
260 and need the parameters set via `./configure --cc=... --cxx= --ranlib= ...` etc.
269 Then try setting `llvm-as` for configure:
272 AS=llvm-as ...
277 afl-clang-lto is still work in progress.
280 * Anything that LLVM 12+ cannot compile, afl-clang-lto cannot compile either -
282 * Anything that does not compile with LTO, afl-clang-lto cannot compile either -
285 Hence, if building a target with afl-clang-lto fails, try to build it with
286 LLVM 12 and LTO enabled (`CC=clang-12`, `CXX=clang++-12`, `CFLAGS=-flto=full`,
287 and `CXXFLAGS=-flto=full`).
289 If this succeeds, then there is an issue with afl-clang-lto. Please report at
292 Even some targets where clang-12 fails can be built if the failure is just in
297 This was originally envisioned by hexcoder- in Summer 2019. However, we saw no
298 way to create a pass that is run at link time - although there is an option for
299 this in the PassManager: EP_FullLinkTimeOptimizationLast. ("Fun" info - nobody
309 dependencies. A lot of strategies were implemented - and failed. And then sat
311 dead-end too.
315 some trial and error to implement this, vanhauser-thc found out that there is
316 actually an LLVM function for this: SplitEdge() :-)
322 This is all now fixed with LLVM 12+. LLVM's own linker is now able to load