diff options
author | Kostya Serebryany <kcc@google.com> | 2016-10-28 16:55:29 +0000 |
---|---|---|
committer | Kostya Serebryany <kcc@google.com> | 2016-10-28 16:55:29 +0000 |
commit | a3dd1fe4c0648065c64ebfbe7414f9900a829362 (patch) | |
tree | bcf11f1a55148fc27f2c06c76ce406a1e17d4da7 /docs/LibFuzzer.rst | |
parent | db3dd81011d36c5082c59eb049537db4d33b8bec (diff) |
[libFuzzer] a bit more docs
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@285415 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'docs/LibFuzzer.rst')
-rw-r--r-- | docs/LibFuzzer.rst | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/docs/LibFuzzer.rst b/docs/LibFuzzer.rst index a467e010d3db..ddabee476bc4 100644 --- a/docs/LibFuzzer.rst +++ b/docs/LibFuzzer.rst @@ -80,7 +80,9 @@ Some important things to remember about fuzz targets: * The fuzzing engine will execute the fuzz target many times with different inputs in the same process. * It must tolerate any kind of input (empty, huge, malformed, etc). * It must not `exit()` on any input. -* It may use multiple threads but ideally all threads should be joined at the end of the function. +* It may use threads but ideally all threads should be joined at the end of the function. +* It must be as deterministic as possible. Non-determinism (e.g. random decisions not based on the input byte) will make fuzzing inefficient. +* It must be fast. Try avoiding cubic or greater complexity. * Ideally, it should not modify any global state (although that's not strict). |