Diffstat (limited to 'instrumentation')
-rw-r--r--  instrumentation/README.instrument_list.md  | 6
-rw-r--r--  instrumentation/README.laf-intel.md        | 2
-rw-r--r--  instrumentation/README.lto.md              | 2
-rw-r--r--  instrumentation/README.out_of_line.md      | 2
-rw-r--r--  instrumentation/README.persistent_mode.md  | 2
5 files changed, 7 insertions, 7 deletions
diff --git a/instrumentation/README.instrument_list.md b/instrumentation/README.instrument_list.md index 2116d24c..7db9c055 100644 --- a/instrumentation/README.instrument_list.md +++ b/instrumentation/README.instrument_list.md @@ -1,4 +1,4 @@ -# Using afl++ with partial instrumentation +# Using AFL++ with partial instrumentation This file describes two different mechanisms to selectively instrument only specific parts in the target. @@ -13,7 +13,7 @@ the program, leaving the rest uninstrumented. This helps to focus the fuzzer on the important parts of the program, avoiding undesired noise and disturbance by uninteresting code being exercised. -For this purpose, "partial instrumentation" support is provided by afl++ that +For this purpose, "partial instrumentation" support is provided by AFL++ that allows to specify what should be instrumented and what not. Both mechanisms can be used together. @@ -100,7 +100,7 @@ exists somewhere else in the project directories. You can also specify function names. Note that for C++ the function names must be mangled to match! `nm` can print these names. -afl++ is able to identify whether an entry is a filename or a function. +AFL++ is able to identify whether an entry is a filename or a function. However if you want to be sure (and compliant to the sancov allow/blocklist format), you can specify source file entries like this: ``` diff --git a/instrumentation/README.laf-intel.md b/instrumentation/README.laf-intel.md index c50a6979..229807e8 100644 --- a/instrumentation/README.laf-intel.md +++ b/instrumentation/README.laf-intel.md 
@@ -7,7 +7,7 @@ His blog [Circumventing Fuzzing Roadblocks with Compiler Transformations] (https://lafintel.wordpress.com/) and gitlab repo [laf-llvm-pass] (https://gitlab.com/laf-intel/laf-llvm-pass/) describe some code transformations that -help afl++ to enter conditional blocks, where conditions consist of +help AFL++ to enter conditional blocks, where conditions consist of comparisons of large values. ## Usage diff --git a/instrumentation/README.lto.md b/instrumentation/README.lto.md index 39f6465a..626bc9cb 100644 --- a/instrumentation/README.lto.md +++ b/instrumentation/README.lto.md @@ -19,7 +19,7 @@ This version requires a current llvm 11+ compiled from the github master. ## Introduction and problem description -A big issue with how afl/afl++ works is that the basic block IDs that are +A big issue with how AFL/AFL++ works is that the basic block IDs that are set during compilation are random - and hence naturally the larger the number of instrumented locations, the higher the number of edge collisions are in the map. This can result in not discovering new paths and therefore degrade the diff --git a/instrumentation/README.out_of_line.md b/instrumentation/README.out_of_line.md index 2264f91f..346fe98d 100644 --- a/instrumentation/README.out_of_line.md +++ b/instrumentation/README.out_of_line.md @@ -1,4 +1,4 @@ -## Using afl++ without inlined instrumentation +## Using AFL++ without inlined instrumentation This file describes how you can disable inlining of instrumentation. diff --git a/instrumentation/README.persistent_mode.md b/instrumentation/README.persistent_mode.md index 26c7aa8f..0517886b 100644 --- a/instrumentation/README.persistent_mode.md +++ b/instrumentation/README.persistent_mode.md 
@@ -2,7 +2,7 @@ ## 1) Introduction -In persistent mode, afl++ fuzzes a target multiple times +In persistent mode, AFL++ fuzzes a target multiple times in a single process, instead of forking a new process for each fuzz execution. This is the most effective way to fuzz, as the speed can easily be x10 or x20 times faster without any disadvanges. |
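Review bot: in the README.instrument_list.md hunk at line 100, the unchanged context line "However if you want to be sure (and compliant to the sancov allow/blocklist format), you can specify source file entries like this:" is missing the comma after "However"; since the line directly above it is already being touched for the rename, this is a cheap fix to fold into the same commit.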
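Review bot: in the README.lto.md hunk at line 19, the rename to "AFL/AFL++" is fine, but the context line two lines above still reads "current llvm 11+ compiled from the github master"; if the goal of this change is consistent product naming, "LLVM" and "GitHub" in the same paragraph should be capitalized in the same pass so the file does not end up half-converted.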
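Review bot: in the README.out_of_line.md hunk, the file title "## Using AFL++ without inlined instrumentation" is a level-2 heading, while README.instrument_list.md in the same series uses a level-1 "# Using AFL++ with partial instrumentation" for its title; consider changing the out_of_line heading to "# Using AFL++ without inlined instrumentation" while this line is being edited, so the README files under instrumentation/ share one heading convention.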
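Review bot: in the README.persistent_mode.md hunk at line 2, the trailing context line "This is the most effective way to fuzz, as the speed can easily be x10 or x20 times faster without any disadvanges." has a typo: "disadvanges" should be "disadvantages", and "x10 or x20 times faster" doubles the multiplier wording; suggest "can easily be 10x or 20x faster without any disadvantages." as a follow-up line in this hunk.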