Lines Matching +full:qemu +full:- +full:system +full:- +full:arm

4 QEMU 5.1 with laf-intel and Redqueen, FRIDA mode, unicorn mode, gcc plugin, full
9 | Feature/Instrumentation | afl-gcc | llvm | gcc_plugin | FRIDA mode(9) | QEMU mode(10…
10------------------------------|:--------:|:---------:|:----------:|:--------------:|:-------------…
13 | Persistent Mode [C] | | x | x | x86[_64]/arm64 | x86[_64]/arm
14 | LAF-Intel / CompCov [D] | | x | | | x86[_64]/arm
15 | CmpLog [E] | | x | x | x86[_64]/arm64 | x86[_64]/arm
17 | Non-Colliding Coverage [G] | | x(4) | | | (x)(5)…
26 A. Default is not thread-safe coverage counter updates for better performance,
38 D. Split any non-8-bit comparison to 8-bit comparison; see
39 [instrumentation/README.laf-intel.md](../instrumentation/README.laf-intel.md)
42 …[Redqueen](https://www.ndss-symposium.org/ndss-paper/redqueen-fuzzing-with-input-to-state-correspo…
46 F. Similar to and compatible with clang 13+ sancov sanitize-coverage-allow/deny but
53 afl-clang-fast (PCGUARD) uses non-colliding coverage that also makes it
59 …[https://www.usenix.org/system/files/raid2019-wang-jinghan.pdf](https://www.usenix.org/system/file…
70 L. Faster fuzzing and less kernel syscall overhead by in-memory fuzz testcase
78 2. GCC creates non-performant code, hence it is disabled in gcc_plugin
84 versions that write to a file to use with afl-fuzz' `-x`
86 coming too fast :-(
87 9. FRIDA mode is supported on Linux and MacOS for Intel and ARM
88 10. QEMU/Unicorn is only supported on Linux
97 * NeverZero patch for afl-gcc, instrumentation, QEMU mode and unicorn_mode which
99 * Persistent mode, deferred forkserver and in-memory fuzzing for QEMU mode
102 * The new CmpLog instrumentation for LLVM and QEMU inspired by
103 [Redqueen](https://github.com/RUB-SysSec/redqueen)
104 * Win32 PE binary-only fuzzing with QEMU and Wine
108 [https://github.com/puppet-meteor/MOpt-AFL](https://github.com/puppet-meteor/MOpt-AFL)
110 [https://github.com/adrianherrera/afl-ngram-pass](https://github.com/adrianherrera/afl-ngram-pass)
111 * LAF-Intel/CompCov support for instrumentation, QEMU mode and unicorn_mode
116 * Frida and ptrace mode to fuzz binary-only libraries, etc.
118 So all in all this is the best-of AFL that is out there :-)