ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-11 17:51:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
e18caef4f64d12980df41b19ba88ddcc4f76190b
AFLplusplus/llvm_mode/README.neverzero.md
Andrea Fioraldi 659037eef5 modernize llvm_mode readmes
2019-08-31 11:31:51 +02:00

829 B
Raw Blame History

NeverZero counters for LLVM instrumentation

Usage

In larger, complex or reiterative programs the map that collects the edge pairs can easily fill up and wrap. This is not that much of an issue - unless by chance it wraps just to a 0 when the program execution ends. In this case afl-fuzz is not able to see that the pair has been accessed and will ignore it.

NeverZero prevents this behaviour. If a counter wraps, it jumps over the 0 directly to a 1. This improves path discovery (by a very little amount) at a very little cost (one instruction per edge).

This is implemented in afl-gcc, however for llvm_mode this is optional if the llvm version is below 9 - as there is a perfomance bug that is only fixed in version 9 and onwards.

If you want to enable this for llvm < 9 then set

export AFL_LLVM_NOT_ZERO=1