Merge pull request #336 from AFLplusplus/dev

pull again ...

2 files changed, 13 insertions, 0 deletions

diff --git a/docs/Changelog.md b/docs/Changelog.md
index 8f584393..71de0984 100644
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@@ -10,6 +10,14 @@ sending a mail to <afl-users+subscribe@googlegroups.com>.
 
 
 ### Version ++2.64d (develop):
+  - afl-fuzz:
+     - AFL_MAP_SIZE was not working correctly
+     - better python detection
+  - llvm_mode:
+     - if LLVM 11 is installed the posix shm_open+mmap is used and a fixed
+       address for the shared memory map is used as this increases the
+       fuzzing speed
+     - fixes to LTO mode if instrumented edges > MAP_SIZE
   - qemu_mode:
     - add information on PIE/PIC load addresses for 32 bit
     - better dependency checks
@@ -18,6 +26,7 @@ sending a mail to <afl-users+subscribe@googlegroups.com>.
   - unicorn_mode:
     - better submodule handling
   - all:
+    - forkserver communication now also used for error reporting
     - fix 32 bit build options
     - make clean now leaves qemu-3.1.1.tar.xz and the unicornafl directory
       intact if in a git/svn checkout - unless "deepclean" is used
diff --git a/docs/env_variables.md b/docs/env_variables.md
index 21bf9fad..41c8f12a 100644
--- a/docs/env_variables.md
+++ b/docs/env_variables.md
@@ -123,6 +123,10 @@ Then there are a few specific features that are only available in llvm_mode:
     These are used if several seperated instrumentation are performed which
     are then later combined.
 
+   - AFL_LLVM_MAP_ADDR sets the fixed map address to a different address than
+     the default 0x10000. A value of 0 or empty sets the map address to be
+     dynamic (the original afl way, which is slower)
+   - AFL_LLVM_MAP_DYNAMIC sets the shared memory address to be dynamic
    - AFL_LLVM_LTO_STARTID sets the starting location ID for the instrumentation.
      This defaults to 1
    - AFL_LLVM_LTO_DONTWRITEID prevents that the highest location ID written