improved documentation

docs/QuickStartGuide.txt

@@ -42,6 +42,9 @@ how to hit the ground running:
 6) Investigate anything shown in red in the fuzzer UI by promptly consulting
    docs/status_screen.txt.
 
+7) compile and use llvm_mode (afl-clang-fast/afl-clang-fast++) as it is way
+   faster and has a few cool features
+
 That's it. Sit back, relax, and - time permitting - try to skim through the
 following files:
 

docs/README

@@ -110,6 +110,11 @@ superior to blind fuzzing or coverage-only tools.
 3) Instrumenting programs for use with AFL
 ------------------------------------------
 
+PLEASE NOTE: llvm_mode compilation with afl-clang-fast/afl-clang-fast++
+instead of afl-gcc/afl-g++ is much faster and has a few cool features.
+See llvm_mode/ - however few code does not compile with llvm.
+We support llvm versions 4.0 to 8.
+
 When source code is available, instrumentation can be injected by a companion
 tool that works as a drop-in replacement for gcc or clang in any standard build
 process for third-party code.
@@ -129,10 +134,11 @@ For C++ programs, you'd would also want to set CXX=/path/to/afl/afl-g++.
 The clang wrappers (afl-clang and afl-clang++) can be used in the same way;
 clang users may also opt to leverage a higher-performance instrumentation mode,
 as described in llvm_mode/README.llvm.
-Clang/LLVM has a much better performance, but only works with LLVM up to and
-including 6.0.1.
+Clang/LLVM has a much better performance and works from LLVM version 4.0 to 8.
 Using the LAF Intel performance enhancements are also recommended, see 
-docs/README.laf-intel
+llvm_mode/README.laf-intel
+Using partial instrumentation is also recommended, see
+llvm_mode/README.whitelist
 
 When testing libraries, you need to find or write a simple program that reads
 data from stdin or from a file and passes it to the tested library. In such a
@@ -148,8 +154,8 @@ automatically enable code hardening options that make it easier to detect
 simple memory bugs. Libdislocator, a helper library included with AFL (see
 libdislocator/README.dislocator) can help uncover heap corruption issues, too.
 
-PS. ASAN users are advised to review notes_for_asan.txt file for important
-caveats.
+PS. ASAN users are advised to docs/review notes_for_asan.txt file for
+important caveats.
 
 
 4) Instrumenting binary-only apps

docs/perf_tips.txt

@@ -64,6 +64,14 @@ that can offer huge benefits for programs with high startup overhead. Both
 modes require you to edit the source code of the fuzzed program, but the
 changes often amount to just strategically placing a single line or two.
 
+If there are important data comparisons performed (e.g. strcmp(ptr, MAGIC_HDR)
+then using laf-intel (see llvm_mode/README.laf-intel) will help afl-fuzz a lot
+to get to the important parts in the code.
+
+If you are only intested in specific parts of the code being fuzzed, you can
+whitelist the files that are actually relevant. This improves the speed and
+accuracy of afl. See llvm_mode/README.whitelist
+
 4) Profile and optimize the binary
 ----------------------------------