diff options
| author | llzmb <46303940+llzmb@users.noreply.github.com> | 2021-11-25 16:47:49 +0100 |
|---|---|---|
| committer | llzmb <46303940+llzmb@users.noreply.github.com> | 2021-11-25 16:47:49 +0100 |
| commit | e0c8a5c0c6ae67af3280c0ead8124a2ffe920241 (patch) | |
| tree | d102ffa53f6dbf8341165a34155b818cf00c8c72 /instrumentation/README.llvm.md | |
| parent | 4f1310db5171ed52660d664551005f305f22a29d (diff) | |
| download | afl++-e0c8a5c0c6ae67af3280c0ead8124a2ffe920241.tar.gz | |
Change "AFL" to "AFL++" in "README.llvm.md", fix references
Diffstat (limited to 'instrumentation/README.llvm.md')
| -rw-r--r-- | instrumentation/README.llvm.md | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/instrumentation/README.llvm.md b/instrumentation/README.llvm.md index 1671f385..88ea0127 100644 --- a/instrumentation/README.llvm.md +++ b/instrumentation/README.llvm.md @@ -9,8 +9,8 @@ For the GCC-based instrumentation, see ! llvm_mode works with llvm versions 3.8 up to 13 ! -The code in this directory allows you to instrument programs for AFL using true -compiler-level instrumentation, instead of the more crude assembly-level +The code in this directory allows you to instrument programs for AFL++ using +true compiler-level instrumentation, instead of the more crude assembly-level rewriting approach taken by afl-gcc and afl-clang. This has several interesting properties: @@ -134,11 +134,11 @@ Then there are different ways of instrumenting the target: 2a. N-GRAM coverage - which combines the previous visited edges with the current one. This explodes the map but on the other hand has proven to be effective for fuzzing. See - [7) AFL N-Gram Branch Coverage](#7-afl-n-gram-branch-coverage). + [7) AFL++ N-Gram Branch Coverage](#7-afl-n-gram-branch-coverage). 2b. Context sensitive coverage - which combines the visited edges with an individual caller ID (the function that called the current one). See - [6) AFL Context Sensitive Branch Coverage](#6-afl-context-sensitive-branch-coverage). + [6) AFL++ Context Sensitive Branch Coverage](#6-afl-context-sensitive-branch-coverage). Then - additionally to one of the instrumentation options above - there is a very effective new instrumentation option called CmpLog as an alternative to @@ -166,7 +166,7 @@ Just specify `AFL_LLVM_DICT2FILE=/absolute/path/file.txt` and during compilation all constant string compare parameters will be written to this file to be used with afl-fuzz' `-x` option. -## 6) AFL Context Sensitive Branch Coverage +## 6) AFL++ Context Sensitive Branch Coverage ### What is this? @@ -206,7 +206,7 @@ previous_location_ID >> 1 ^ previous_callee_ID] += 1` Set the `AFL_LLVM_INSTRUMENT=CALLER` or `AFL_LLVM_CALLER=1` environment variable. -## 7) AFL N-Gram Branch Coverage +## 7) AFL++ N-Gram Branch Coverage ### Source |