| OLD | NEW |
|---|
| 1 ======================= | 1 ======================= |
| 2 Environmental variables | 2 Environmental variables |
| 3 ======================= | 3 ======================= |
| 4 | 4 |
| 5 This document discusses the environment variables used by American Fuzzy Lop | 5 This document discusses the environment variables used by American Fuzzy Lop |
| 6 to expose various exotic functions that may be (rarely) useful for power | 6 to expose various exotic functions that may be (rarely) useful for power |
| 7 users or for some types of custom fuzzing setups. See README for the general | 7 users or for some types of custom fuzzing setups. See README for the general |
| 8 instruction manual. | 8 instruction manual. |
| 9 | 9 |
| 10 1) Settings for afl-gcc, afl-clang, and afl-as | 10 1) Settings for afl-gcc, afl-clang, and afl-as |
| (...skipping 127 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 138 - The CPU widget shown at the bottom of the screen is fairly simplistic and | 138 - The CPU widget shown at the bottom of the screen is fairly simplistic and |
| 139 may complain of high load prematurely, especially on systems with low core | 139 may complain of high load prematurely, especially on systems with low core |
| 140 counts. To avoid the alarming red color, you can set AFL_NO_CPU_RED. | 140 counts. To avoid the alarming red color, you can set AFL_NO_CPU_RED. |
| 141 | 141 |
| 142 - In QEMU mode (-Q), AFL_PATH will be searched for afl-qemu-trace. | 142 - In QEMU mode (-Q), AFL_PATH will be searched for afl-qemu-trace. |
| 143 | 143 |
| 144 - Setting AFL_PRELOAD causes AFL to set LD_PRELOAD for the target binary | 144 - Setting AFL_PRELOAD causes AFL to set LD_PRELOAD for the target binary |
| 145 without disrupting the afl-fuzz process itself. This is useful, among other | 145 without disrupting the afl-fuzz process itself. This is useful, among other |
| 146 things, for bootstrapping libdislocator.so. | 146 things, for bootstrapping libdislocator.so. |
| 147 | 147 |
| 148 - Setting AFL_NO_UI inhibits the UI altogether, and just periodically prints |
| 149 some basic stats. This behavior is also automatically triggered when the |
| 150 output from afl-fuzz is redirected to a file or to a pipe. |
| 151 |
| 148 - If you are Jakub, you may need AFL_I_DONT_CARE_ABOUT_MISSING_CRASHES. | 152 - If you are Jakub, you may need AFL_I_DONT_CARE_ABOUT_MISSING_CRASHES. |
| 149 Others need not apply. | 153 Others need not apply. |
| 150 | 154 |
| 151 - Benchmarking only: AFL_BENCH_JUST_ONE causes the fuzzer to exit after | 155 - Benchmarking only: AFL_BENCH_JUST_ONE causes the fuzzer to exit after |
| 152 processing the first queue entry; and AFL_BENCH_UNTIL_CRASH causes it to | 156 processing the first queue entry; and AFL_BENCH_UNTIL_CRASH causes it to |
| 153 exit soon after the first crash is found. | 157 exit soon after the first crash is found. |
| 154 | 158 |
| 155 4) Settings for afl-qemu-trace | 159 4) Settings for afl-qemu-trace |
| 156 ------------------------------ | 160 ------------------------------ |
| 157 | 161 |
| (...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 236 | 240 |
| 237 exit_code=86 (required for legacy reasons) | 241 exit_code=86 (required for legacy reasons) |
| 238 abort_on_error=1 | 242 abort_on_error=1 |
| 239 symbolize=0 | 243 symbolize=0 |
| 240 msan_track_origins=0 | 244 msan_track_origins=0 |
| 241 allocator_may_return_null=1 | 245 allocator_may_return_null=1 |
| 242 | 246 |
| 243 Be sure to include the first one when customizing anything, since some | 247 Be sure to include the first one when customizing anything, since some |
| 244 MSAN versions don't call abort() on error, and we need a way to detect | 248 MSAN versions don't call abort() on error, and we need a way to detect |
| 245 faults. | 249 faults. |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2662883002:
Roll AFL 2.31b:2.38b and switch coverage to use trace-pc-guard. (Closed)
