At line 1807 of afl-cc.c, you can see the following code:
" You can also use the old environment variables instead:\n"
" AFL_LLVM_USE_TRACE_PC: use LLVM trace-pc-guard instrumentation\n"
" AFL_LLVM_CALLER: use single context sensitive coverage (for "
"CLASSIC)\n"
" AFL_LLVM_CTX: use full context sensitive coverage (for "
"CLASSIC)\n"
" AFL_LLVM_NGRAM_SIZE: use ngram prev_loc count coverage (for "
"CLASSIC)\n");
Using the following command:
AFL_DEBUG=1 AFL_LLVM_CALLER=1 afl-clang-fast simple_bug.c -o simple_bug
makes clang load afl-llvm-pass.so and at the same time enables the DEBUG logging inside it.