diff options
| author | vanhauser-thc <vh@thc.org> | 2024-02-03 15:53:54 +0100 |
|---|---|---|
| committer | vanhauser-thc <vh@thc.org> | 2024-02-03 15:53:54 +0100 |
| commit | dc151caa1839162e470e003837e630db6d5d543e (patch) | |
| tree | b387a7e0958aedc2fa88404556740c5693f0083d /docs | |
| parent | e1d7f4af35b6ac1f654aa42744a9c2e1b7b6dbb7 (diff) | |
| download | afl++-dc151caa1839162e470e003837e630db6d5d543e.tar.gz | |
add lto caller instrumentation
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/Changelog.md | 5 | ||||
| -rw-r--r-- | docs/env_variables.md | 3 |
2 files changed, 8 insertions, 0 deletions
diff --git a/docs/Changelog.md b/docs/Changelog.md index 2f0fba33..e5169daf 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -7,6 +7,11 @@ - afl-fuzz: - the new deterministic fuzzing feature is now activated by default, deactivate with -z. Parameters -d and -D are ignored. + - afl-cc: + - added collision free caller instrumentation to LTO mode. activate with + `AFL_LLVM_LTO_CALLER=1`. You can set a max depth to go through single + block functions with `AFL_LLVM_LTO_CALLER_DEPTH` (default 0) + ### Version ++4.10c (release) - afl-fuzz: diff --git a/docs/env_variables.md b/docs/env_variables.md index a972b6da..1e4fc7ba 100644 --- a/docs/env_variables.md +++ b/docs/env_variables.md @@ -248,6 +248,9 @@ use (which only ever the author of this LTO implementation will use). These are used if several separated instrumentations are performed which are then later combined. + - `AFL_LLVM_LTO_CALLER` activates collision free CALLER instrumentation + - `AFL_LLVM_LTO_CALLER` sets the maximum mumber of single block functions + to dig deeper into a real function. Default 0. - `AFL_LLVM_DOCUMENT_IDS=file` will document to a file which edge ID was given to which function. This helps to identify functions with variable bytes or which functions were touched by an input. |