Build afl-tools with fuzzers.

third_party/afl/BUILD.gn

 # Copyright 2016 The Chromium Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 
+group("afl") {
+  deps = [
+    ":afl-cmin",
+    ":afl-fuzz",
+    ":afl-showmap",
+    ":afl-tmin",
+    ":afl_docs",
+    ":afl_runtime",
+  ]
+}
+
 source_set("afl_runtime") {
   # AFL needs this flag to be built with -Werror. This is because it uses u8*
   # and char* types interchangeably in its source code. The AFL Makefiles use
   # this flag.
   cflags = [ "-Wno-pointer-sign" ]
 
   configs -= [
     # These functions should not be compiled with sanitizers since they
     # are used by the sanitizers.
     "//build/config/sanitizers:default_sanitizer_flags",
 
     # Every function in this library should have "default" visibility.
     # Thus we turn off flags which make visibility "hidden" for functions
     # that do not specify visibility.
     # The functions in this library will not conflict with others elsewhere
     # because they begin with a double underscore and/or are static.
     "//build/config/gcc:symbol_visibility_hidden",
   ]
 
   sources = [
     "src/llvm_mode/afl-llvm-rt.o.c",
   ]
 }
+
+afl_headers = [
+  "src/alloc-inl.h",
+  "src/config.h",
+  "src/debug.h",
+  "src/types.h",
+  "src/hash.h",
+]
+
+config("afl-tool") {
+  cflags = [
+    # Include flags from afl's Makefile.
+    "-O3",
+    "-funroll-loops",
+    "-D_FORTIFY_SOURCE=2",
+
+    # These flags are necessary to build with -Werror.
+    "-Wno-sign-compare",
+    "-Wno-pointer-sign",
+
+    # TODO: Patch afl so the version is defined in source code and not the
+    # Makefile.
+    "-DVERSION=\"2.14b\"",
+
+    # afl_docs copies docs/ to this location.
+    "-DDOC_PATH=\"$root_build_dir/afl/docs/\"",
+
+    # This flag is needed for compilation but is only used for QEMU mode which
+    # we do not use. Therefore its value is unimportant.
+    "-DBIN_PATH=\"$root_build_dir\"",
+  ]
+}
+
+copy("afl-cmin") {
+  # afl-cmin is a bash script used to minimize the corpus, therefore we can just
+  # copy it over.
+  sources = [
+    "src/afl-cmin",
+  ]
+  outputs = [
+    "$root_build_dir/{{source_file_part}}",
+  ]
+  deps = [
+    ":afl-showmap",
+  ]
+}
+
+copy("afl_docs") {
+  # Copy the docs folder. This is so that we can use a real value for for
+  # -DDOC_PATH when compiling.
+  sources = [
+    "src/docs",
+  ]
+  outputs = [
+    "$root_build_dir/afl/{{source_file_part}}",
+  ]
+}
+
+executable("afl-fuzz") {
+  # Used to fuzz programs.
+  configs -= [ "//build/config/sanitizers:default_sanitizer_flags" ]
+  configs += [ ":afl-tool" ]
+
+  sources = [
+    "src/afl-fuzz.c",
+  ]
+  sources += afl_headers
+}
+
+executable("afl-tmin") {
+  configs -= [ "//build/config/sanitizers:default_sanitizer_flags" ]
+  configs += [ ":afl-tool" ]
+
+  sources = [
+    "src/afl-tmin.c",
+  ]
+  sources += afl_headers
+}
+
+executable("afl-showmap") {
+  configs -= [ "//build/config/sanitizers:default_sanitizer_flags" ]
+  configs += [ ":afl-tool" ]
+
+  sources = [
+    "src/afl-showmap.c",
+  ]
+  sources += afl_headers
+}