| author | Andrea Fioraldi <andreafioraldi@gmail.com> | 2020-01-30 22:58:45 +0100 | 
|---|---|---|
| committer | Andrea Fioraldi <andreafioraldi@gmail.com> | 2020-01-30 22:58:45 +0100 | 
| commit | 1e8ea984d7b69140d1da79303bddd271557780b7 (patch) | |
| tree | bbf4c73afc67b8a4c71ec76dd9695692d9397120 /llvm_mode | |
| parent | 19ebdf31b999223e4965f701077f9af9d550e386 (diff) | |
| download | afl++-1e8ea984d7b69140d1da79303bddd271557780b7.tar.gz | |
moar llvm readme
Diffstat (limited to 'llvm_mode')
| mode | file | lines |
|---|---|---|
| -rw-r--r-- | llvm_mode/README.md | 16 |
1 files changed, 10 insertions, 6 deletions
| diff --git a/llvm_mode/README.md b/llvm_mode/README.md index 54788aba..bfb2a670 100644 --- a/llvm_mode/README.md +++ b/llvm_mode/README.md @@ -1,7 +1,7 @@ # Fast LLVM-based instrumentation for afl-fuzz - (See ../docs/README for the general instruction manual.) - (See ../gcc_plugin/README.gcc for the GCC-based instrumentation.) + (See [../docs/README](../docs/README) for the general instruction manual.) + (See [../gcc_plugin/README.gcc](../gcc_plugin/README.gcc) for the GCC-based instrumentation.) ## 1) Introduction @@ -87,22 +87,26 @@ Several options are present to make llvm_mode faster or help it rearrange the code to make afl-fuzz path discovery easier. If you need just to instrument specific parts of the code, you can whitelist -which C/C++ files to actually instrument. See README.whitelist +which C/C++ files to actually instrument. See [README.whitelist](README.whitelist) -For splitting memcmp, strncmp, etc. please see README.laf-intel +For splitting memcmp, strncmp, etc. please see [README.laf-intel](README.laf-intel) Then there is an optimized instrumentation strategy that uses CFGs and markers to just instrument what is needed. This increases speed by 20-25% however has a lower path discovery. If you want to use this, set AFL_LLVM_INSTRIM=1 -See README.instrim +See [README.instrim](README.instrim) + +A new instrumentation called CmpLog is also available as an alternative to +laf-intel that allow AFL++ to apply mutations similar to Redqueen. +See [README.cmplog](README.cmplog) Finally if your llvm version is 8 or lower, you can activate a mode that prevents that a counter overflow result in a 0 value. This is good for path discovery, but the llvm implementation for x86 for this functionality is not optimal and was only fixed in llvm 9. You can set this with AFL_LLVM_NOT_ZERO=1 -See README.neverzero +See [README.neverzero](README.neverzero) ## 4) Gotchas, feedback, bugs | 
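Review bot: in the first hunk (the two "See ..." lines under the title), the link text repeats the target path verbatim, so the change is purely cosmetic; please confirm that `../docs/README` and `../gcc_plugin/README.gcc` resolve relative to `llvm_mode/README.md` on the rendering host, since a dead relative link reads worse than the plain-text reference it replaces.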
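Review bot: the new CmpLog paragraph in the second hunk does not say how to enable the mode, whereas the neighbouring InsTrim and NeverZero paragraphs each state their switch (`AFL_LLVM_INSTRIM=1`, `AFL_LLVM_NOT_ZERO=1`); either add the corresponding setting here or say explicitly that README.cmplog covers it. Also a grammar fix: "that allow AFL++ to apply mutations" should read "that allows AFL++ to apply mutations".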
