From b120ca27f86c332854687bb67c4c18d2e6b74ac9 Mon Sep 17 00:00:00 2001
From: van Hauser <vh@thc.org>
Date: Thu, 23 Apr 2020 12:20:58 +0200
Subject: add documentation for LTO fixed map address feature

---
 docs/Changelog.md     | 4 ++++
 docs/env_variables.md | 5 +++++
 2 files changed, 9 insertions(+)

(limited to 'docs')

diff --git a/docs/Changelog.md b/docs/Changelog.md
index 8f584393..ea669eed 100644
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@@ -17,6 +17,10 @@ sending a mail to <afl-users+subscribe@googlegroups.com>.
     - better dependency checks
   - unicorn_mode:
     - better submodule handling
+  - llvm_mode:
+     - if LLVM 11 is installed the posix shm_open+mmap is used and a fixed
+       address for the shared memory map is used as this increases the
+       fuzzing speed
   - all:
     - fix 32 bit build options
     - make clean now leaves qemu-3.1.1.tar.xz and the unicornafl directory
diff --git a/docs/env_variables.md b/docs/env_variables.md
index 21bf9fad..f6f14dd2 100644
--- a/docs/env_variables.md
+++ b/docs/env_variables.md
@@ -123,6 +123,11 @@ Then there are a few specific features that are only available in llvm_mode:
     These are used if several seperated instrumentation are performed which
     are then later combined.
 
+
+   - AFL_LLVM_MAP_ADDR sets the fixed map address to a different address than
+     the default 0x10000. A value of 0 or empty sets the map address to be
+     dynamic (the original afl way, which is slower)
+   - AFL_LLVM_MAP_DYNAMIC sets the shared memory address to be dynamic
    - AFL_LLVM_LTO_STARTID sets the starting location ID for the instrumentation.
      This defaults to 1
    - AFL_LLVM_LTO_DONTWRITEID prevents that the highest location ID written
-- 
cgit 1.4.1