Bug 2297764 - american-fuzzy-lop-clang needs to call the version of Clang it got compiled with. Also rebuild for GCC 14.1.1.
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: american-fuzzy-lop
Version: 40
Hardware: x86_64
OS: Linux
unspecified
high
Target Milestone: ---
Assignee: Richard W.M. Jones
QA Contact: Fedora Extras Quality Assurance
Reported: 2024-07-14 21:29 UTC by Török Edwin
Modified: 2024-08-21 22:24 UTC (History)
Last Closed: 2024-08-21 09:24:42 UTC
Type: Bug

Description Török Edwin 2024-07-14 21:29:24 UTC
Description of problem:

This all works fine on Fedora 39, and is completely broken on Fedora 40.
The only tool that works in 'american-fuzzy-lop-clang' is afl-clang (which prints a warning that outdated instrumentation is used).

strace shows that afl-clang-fast loads Clang 18 / LLVM 18 libs. AFAICT from koji it got built with LLVM 17 though.
The package already has a dependency on 'clang(major)=17', but that is not enough, it must also call the versioned 'clang-17', not the unversioned 'clang' (which in this case is 18 already).

Putting a symlink for `clang -> clang-17` in $PATH doesn't work, apparently it has the binary path hardcoded.

The GCC plugin also needs a rebuild because a new minor version of GCC got released, and it is incompatible with it.

Version-Release number of selected component (if applicable):
Name        : american-fuzzy-lop-clang
Version     : 4.10c
Release     : 1.fc40
Architecture: x86_64

How reproducible:
100%

Steps to Reproduce:
1. echo -e 'int main(void) { return 0; }' >x.c
2. afl-clang-fast x.c
3. afl-gcc-fast x.c

Actual results:
$ echo -e 'int main(void) { return 0; }' >x.c
$ afl-clang-fast x.c
afl-cc++4.10c by Michal Zalewski, Laszlo Szekeres, Marc Heuse - mode: LLVM-PCGUARD
error: unable to load plugin '/usr/lib64/afl/SanitizerCoveragePCGUARD.so': 'Could not load library '/usr/lib64/afl/SanitizerCoveragePCGUARD.so': /usr/lib64/afl/SanitizerCoveragePCGUARD.so: undefined symbol: _ZN4llvm24PrepareToSplitEntryBlockERNS_10BasicBlockENS_14ilist_iteratorINS_12ilist_detail12node_optionsINS_11InstructionELb0ELb0EvEELb0ELb0EEE'
1 error generated.
$  afl-gcc-fast x.c
afl-cc++4.10c by Michal Zalewski, Laszlo Szekeres, Marc Heuse - mode: GCC_PLUGIN-DEFAULT

[-] PROGRAM ABORT : GCC and plugin have incompatible versions, expected GCC 14.0.1, is 14.1.1
         Location : plugin_init(), instrumentation/afl-gcc-pass.so.cc:482

Expected results:
$ afl-clang-fast x.c
afl-cc++4.08c by Michal Zalewski, Laszlo Szekeres, Marc Heuse - mode: LLVM-PCGUARD
SanitizerCoveragePCGUARD++4.08c
[+] Instrumented 1 locations with no collisions (non-hardened mode) of which are 0 handled and 0 unhandled selects.

Additional info:

$ clang --version      
clang version 18.1.6 (Fedora 18.1.6-3.fc40)
Target: x86_64-redhat-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
Configuration file: /etc/clang/x86_64-redhat-linux-gnu-clang.cfg

$ clang-17 --version
clang version 17.0.6 (Fedora 17.0.6-7.fc40)
Target: x86_64-redhat-linux-gnu
Thread model: posix
InstalledDir: /usr/bin

$ gcc --version
gcc (GCC) 14.1.1 20240701 (Red Hat 14.1.1-7)
Copyright (C) 2024 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

$ strace -e openat afl-clang-fast -c x.c 2>&1|grep -i llvm
openat(AT_FDCWD, "/lib64/libLLVM.so.18.1", O_RDONLY|O_CLOEXEC) = 3
error: unable to load plugin '/usr/lib64/afl/SanitizerCoveragePCGUARD.so': 'Could not load library '/usr/lib64/afl/SanitizerCoveragePCGUARD.so': /usr/lib64/afl/SanitizerCoveragePCGUARD.so: undefined symbol: _ZN4llvm24PrepareToSplitEntryBlockERNS_10BasicBlockENS_14ilist_iteratorINS_12ilist_detail12node_optionsINS_11InstructionELb0ELb0EvEELb0ELb0EEE'

$ strace -e openat afl-clang-fast -c x.c 2>&1|grep -i clang
openat(AT_FDCWD, "/lib64/libclang-cpp.so.18.1", O_RDONLY|O_CLOEXEC) = 3
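
The mismatch described in this report can be checked mechanically from the same `strace` output. The following is an added example, not part of the original report or of AFL++; the function names, the sample text and the assumed `rpm -q --requires` line format are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the bug report): detect a build-time vs. run-time
# LLVM mismatch from text the report's own commands produce.

# Constructed samples, modelled on the output quoted in the report.
SAMPLE_TRACE='openat(AT_FDCWD, "/lib64/libLLVM.so.18.1", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/lib64/libclang-cpp.so.18.1", O_RDONLY|O_CLOEXEC) = 3'
SAMPLE_REQUIRES='clang(major) = 17'   # assumed `rpm -q --requires` line format

# stdin: `strace -e openat` output. Prints the major version of the first
# libLLVM that was opened successfully; failed opens (= -1 ENOENT) are ignored.
# Handles both libLLVM.so.18.1 (as in the report) and the libLLVM-17.so naming.
loaded_llvm_major() {
    sed -n \
        -e 's|^.*openat(.*/libLLVM\.so\.\([0-9][0-9]*\)[^"]*".*) = [0-9][0-9]*$|\1|p' \
        -e 's|^.*openat(.*/libLLVM-\([0-9][0-9]*\)\.so[^"]*".*) = [0-9][0-9]*$|\1|p' |
        head -n 1
}

# stdin: `rpm -q --requires <package>` output. Prints N from "clang(major) = N".
required_clang_major() {
    sed -n 's/^clang(major) *= *\([0-9][0-9]*\).*$/\1/p' | head -n 1
}

# $1: LLVM major the plugins were built for; stdin: strace output.
# Returns 0 on match, 1 on mismatch, 2 if no libLLVM load was seen.
check_llvm_match() {
    expected=$1
    loaded=$(loaded_llvm_major)
    if [ -z "$loaded" ]; then
        echo "no successful libLLVM open in trace"
        return 2
    fi
    if [ "$loaded" != "$expected" ]; then
        echo "MISMATCH: plugins need LLVM $expected, driver loaded LLVM $loaded"
        return 1
    fi
    echo "OK: driver loaded LLVM $loaded"
}

# Demo on the constructed samples; prints the MISMATCH line for 17 vs 18.
want=$(printf '%s\n' "$SAMPLE_REQUIRES" | required_clang_major)
printf '%s\n' "$SAMPLE_TRACE" | check_llvm_match "$want" || true
```

On a live system, pipe the output of `strace -e openat afl-clang-fast -c x.c 2>&1` into `check_llvm_match` in place of the sample trace.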

Comment 1 Richard W.M. Jones 2024-07-15 09:19:54 UTC
I think it'd be better to suggest changes to the spec file to make this happen.

Comment 3 Alyssa Coghlan 2024-08-21 08:20:48 UTC
Not the OP, but found this issue after encountering the same problem.

I have downloaded the F40 RPMs from the linked Koji build and confirmed that they solve the plugin compatibility issue.

(No access to Rawhide or F41 to test those, but I think F40 is the key concern for this report)

Comment 4 Richard W.M. Jones 2024-08-21 09:24:42 UTC
Thanks for testing!  I'll close this, if the problem reoccurs then you can reopen it.

Comment 5 Török Edwin 2024-08-21 22:24:18 UTC
Thanks, I've tested these too now on Fedora 40, and it appears to work.

