From 95a98fb3e805d94a3db82d5da21e9a00a79dbdf2 Mon Sep 17 00:00:00 2001 From: Andrea Fioraldi Date: Thu, 30 Jan 2020 22:40:09 +0100 Subject: cmplog runtime for LLVM --- llvm_mode/README.cmplog.md | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 llvm_mode/README.cmplog.md (limited to 'llvm_mode/README.cmplog.md') diff --git a/llvm_mode/README.cmplog.md b/llvm_mode/README.cmplog.md new file mode 100644 index 00000000..a0e838ad --- /dev/null +++ b/llvm_mode/README.cmplog.md @@ -0,0 +1,42 @@ +# CmpLog instrumentation + +The CmpLog instrumentation enables the logging of the comparisons operands in a +shared memory. + +These values can be used by variuous mutator built on top of it. +At the moment we support the RedQueen mutator (input-2-state instructions only). + +## Build + +Tou use CmpLog, you have to build two versions of the instrumented target +program. + +The first, using the regular AFL++ instrumentation. + +The second, the CmpLog binary, setting AFL_LLVM_CMPLOG during the compilation. + +For example: + +``` +./configure --cc=~/path/to/afl-clang-fast +make +cp ./program ./program.afl +make clean +export AFL_LLVM_CMPLOG=1 +./configure --cc=~/path/to/afl-clang-fast +make +cp ./program ./program.cmplog +``` + +## Use + +AFL++ have the -c option that can be used to specify a CmpLog binary (the second +built). + +For example: + +``` +afl-fuzz -i input -o output -c ./program.cmplog -m none -- ./program.afl @@ +``` + +Be careful to use -m none because CmpLog maps a lot of pages. -- cgit 1.4.1
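Review bot: the new README has several typos in user-facing text that should be fixed before merging: "variuous mutator built on top of it" should read "various mutators built on top of it", "Tou use CmpLog" should be "To use CmpLog", and "AFL++ have the -c option" should be "AFL++ has the -c option". Two documentation gaps are also worth closing in this same file: the build example does `export AFL_LLVM_CMPLOG=1` and never unsets it, so a reader following the steps in one shell will have every later afl-clang-fast build instrumented as CmpLog; adding `unset AFL_LLVM_CMPLOG` after the second `make` (or prefixing the variable on the single `make` line) would avoid that. And since the fuzzer runs `./program.afl` and `./program.cmplog` side by side, it would help to state explicitly that both binaries must be built from the same source tree and configuration, otherwise the comparison operands logged by the CmpLog binary do not correspond to the paths exercised in the regular binary. The final sentence could also say why `-m none` is needed (the shared memory CmpLog maps is large, so a memory limit would abort the target) rather than only that it is required.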