Change the word "env var" to "environment variable"

docs/env_variables.md

@@ -564,7 +564,7 @@ The QEMU wrapper used to instrument binary-only code supports several settings:
     general purpose registers and restore them in each persistent cycle.
 
   - Another modality to execute the persistent loop is to specify also the
-    `AFL_QEMU_PERSISTENT_RET=end addr` env variable. With this variable
+    `AFL_QEMU_PERSISTENT_RET=end addr` environment variable. With this variable
     assigned, instead of patching the return address, the specified instruction
     is transformed to a jump towards `start addr`.
 

docs/features.md

@@ -19,8 +19,8 @@ QEMU 5.1 with laf-intel and redqueen, frida mode, unicorn mode, gcc plugin, full
 | Snapshot LKM Support     |         |    (x)(8) |    (x)(8)  |                  |        (x)(5)    |                  |                  |
 | Shared Memory Test cases |         |     x     |     x      | x86[_64]/arm64   |         x        |         x        |                  |
 
-1. default for LLVM >= 9.0, env var for older version due an efficiency bug in
+1. default for LLVM >= 9.0, environment variable for older version due an
-   previous llvm versions
+   efficiency bug in previous llvm versions
 2. GCC creates non-performant code, hence it is disabled in gcc_plugin
 3. with `AFL_LLVM_THREADSAFE_INST`, disables NeverZero
 4. with pcguard mode and LTO mode for LLVM 11 and newer

docs/important_changes.md

@@ -48,8 +48,9 @@ behaviors and defaults:
     * deterministic fuzzing is now disabled by default (unless using -M) and
       can be enabled with -D
     * a caching of test cases can now be performed and can be modified by
-      editing config.h for TESTCASE_CACHE or by specifying the env variable
+      editing config.h for TESTCASE_CACHE or by specifying the environment
-      `AFL_TESTCACHE_SIZE` (in MB). Good values are between 50-500 (default: 50).
+      variable `AFL_TESTCACHE_SIZE` (in MB). Good values are between 50-500
+      (default: 50).
     * -M mains do not perform trimming
   * examples/ got renamed to utils/
   * libtokencap/ libdislocator/ and qdbi_mode/ were moved to utils/

qemu_mode/README.md

@@ -83,8 +83,9 @@ For more information, see [README.persistent.md](README.persistent.md).
 As an extension to persistent mode, qemuafl can snapshot and restore the memory
 state and brk(). For details, see [README.persistent.md](README.persistent.md).
 
-The env var that enables the ready to use snapshot mode is `AFL_QEMU_SNAPSHOT`
+The environment variable that enables the ready to use snapshot mode is
-and takes a hex address as a value that is the snapshot entry point.
+`AFL_QEMU_SNAPSHOT` and takes a hex address as a value that is the snapshot
+entry point.
 
 Snapshot mode can work restoring all the writeable pages, that is typically
 slower than fork() mode but, on the other hand, it can scale better with

utils/qbdi_mode/README.md

@@ -34,7 +34,9 @@ For x86 standalone-toolchain
 ./build/tools/make_standalone_toolchain.py --arch x86 --api 21 --install-dir ../android-standalone-toolchain-x86
 ```
 
-In alternative you can also use the prebuilt toolchain, in that case make sure to set the proper CC and CXX env variables because there are many different compilers for each API version in the prebuilt toolchain.
+In alternative you can also use the prebuilt toolchain, in that case make sure
+to set the proper CC and CXX environment variables because there are many
+different compilers for each API version in the prebuilt toolchain.
 
 For example:
 
@@ -64,7 +66,7 @@ cd android-qbdi-sdk-x86_64/
 tar xvf QBDI-0.7.0-android-X86_64.tar.gz
 ```
 
-Now set the `STANDALONE_TOOLCHAIN_PATH` to the path of standalone-toolchain 
+Now set the `STANDALONE_TOOLCHAIN_PATH` to the path of standalone-toolchain
 
 ```
 export STANDALONE_TOOLCHAIN_PATH=/home/hac425/workspace/android-standalone-toolchain-x86_64