1afl-cc(8)                   System Manager's Manual                  afl-cc(8)
2
3
4

NAME

6       afl-cc  - afl-cc++4.08c by Michal Zalewski, Laszlo Szekeres, Marc Heuse
7       afl-cc
8
9

SYNOPSIS

11       afl-cc/afl-c++ [options]
12
13

OPTIONS

15       This is a helper application for afl-fuzz. It serves as a drop-in replacement
16       for gcc and clang, letting you recompile third-party code with the required
17       runtime instrumentation. A common use pattern would be one of the following:
18
19         CC=afl-cc CXX=afl-c++ ./configure --disable-shared
20         cmake -DCMAKE_C_COMPILERC=afl-cc -DCMAKE_CXX_COMPILER=afl-c++ .
21         CC=afl-cc CXX=afl-c++ meson
22
23                                              |------------- FEATURES -------------|
24       MODES:                                  NCC PERSIST DICT   LAF CMPLOG SELECT
25         [LLVM] LLVM:             unavailable!
26             PCGUARD              unavailable!      yes yes     module yes yes    yes
27             CLASSIC                    no  yes     module yes yes    yes
28               - NORMAL
29               - CALLER
30               - CTX
31               - NGRAM-{2-16}
32         [LTO] LLVM LTO:          DEFAULT
33             PCGUARD              DEFAULT      yes yes     yes    yes yes    yes
34             CLASSIC                           yes yes     yes    yes yes    yes
35         [GCC_PLUGIN] gcc plugin: unavailable!
36             CLASSIC              DEFAULT      no  yes     no     no  no     yes
37         [GCC/CLANG] simple gcc/clang: AVAILABLE [SELECTED]
38             CLASSIC              DEFAULT      no  no      no     no  no     no
39
40       Modes:
41         To select the compiler mode use a symlink version (e.g. afl-clang-fast), set
42         the environment variable AFL_CC_COMPILER to a mode (e.g. LLVM) or use the
43         command line parameter --afl-MODE (e.g. --afl-llvm). If none is selected,
44         afl-cc will select the best available (LLVM -> GCC_PLUGIN -> GCC).
45         The best is LTO but it often needs RANLIB and AR settings outside of afl-cc.
46
47       Sub-Modes: (set via env AFL_LLVM_INSTRUMENT, afl-cc selects the best available)
48         PCGUARD: Dominator tree instrumentation (best!) (README.llvm.md)
49         LLVM-NATIVE:  use llvm's native PCGUARD instrumentation (less performant)
50         CLASSIC: decision target instrumentation (README.llvm.md)
51         CALLER:  CLASSIC + single callee context (instrumentation/README.ctx.md)
52         CTX:     CLASSIC + full callee context (instrumentation/README.ctx.md)
53         NGRAM-x: CLASSIC + previous path ((instrumentation/README.ngram.md)
54
55       Features: (see documentation links)
56         NCC:    non-colliding coverage [automatic] (that is an amazing thing!)
57                 (instrumentation/README.lto.md)
58         PERSIST: persistent mode support [code] (huge speed increase!)
59                 (instrumentation/README.persistent_mode.md)
60         DICT:   dictionary in the target [yes=automatic or LLVM module pass]
61                 (instrumentation/README.lto.md + instrumentation/README.llvm.md)
62         LAF:    comparison splitting [env] (instrumentation/README.laf-intel.md)
63         CMPLOG: input2state exploration [env] (instrumentation/README.cmplog.md)
64         SELECT: selective instrumentation (allow/deny) on filename or function [env]
65                 (instrumentation/README.instrument_list.md)
66
67       To see all environment variables for the configuration of afl-cc use "-hh".
68
69       For any information on the available instrumentations and options please
70       consult the README.md, especially section 3.1 about instrumenting targets.
71
72       Compiled with shmat support.
73
74       Do not be overwhelmed :) afl-cc uses good defaults if no options are selected.
75       Read the documentation for FEATURES though, all are good but few are defaults.
76       Recommended is afl-clang-lto with AFL_LLVM_CMPLOG or afl-clang-fast with
77       AFL_LLVM_CMPLOG and AFL_LLVM_DICT2FILE+AFL_LLVM_DICT2FILE_NO_MAIN.
78
79
80

AUTHOR

82       AFL++ was written by Michal "lcamtuf" Zalewski  and  is  maintained  by
83       Marc    "van    Hauser"    Heuse    <mh@mh-sec.de>,    Dominik    Maier
84       <domenukk@gmail.com>, Andrea  Fioraldi  <andreafioraldi@gmail.com>  and
85       Heiko  "hexcoder-" Eissfeldt <heiko.eissfeldt@hexco.de> The homepage of
86       AFL++ is: https://github.com/AFLplusplus/AFLplusplus
87
88

LICENSE

90       Apache License Version 2.0, January 2004
91
92
93
94AFL++                             2023-08-29                         afl-cc(8)
Impressum