[libFuzzer] a bit more docs

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@285415 91177308-0d34-0410-b5e6-96231b3b80d8
author: Kostya Serebryany <kcc@google.com> 2016-10-28 16:55:29 +0000
committer: Kostya Serebryany <kcc@google.com> 2016-10-28 16:55:29 +0000
commit: a3dd1fe4c0648065c64ebfbe7414f9900a829362 (patch)
tree: bcf11f1a55148fc27f2c06c76ce406a1e17d4da7 /docs/LibFuzzer.rst
parent: db3dd81011d36c5082c59eb049537db4d33b8bec (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/docs/LibFuzzer.rst b/docs/LibFuzzer.rst
index a467e010d3db..ddabee476bc4 100644
--- a/docs/LibFuzzer.rst
+++ b/docs/LibFuzzer.rst
@@ -80,7 +80,9 @@ Some important things to remember about fuzz targets:
 * The fuzzing engine will execute the fuzz target many times with different inputs in the same process.
 * It must tolerate any kind of input (empty, huge, malformed, etc).
 * It must not `exit()` on any input.
-* It may use multiple threads but ideally all threads should be joined at the end of the function.
+* It may use threads but ideally all threads should be joined at the end of the function.
+* It must be as deterministic as possible. Non-determinism (e.g. random decisions not based on the input byte) will make fuzzing inefficient.
+* It must be fast. Try avoiding cubic or greater complexity.
 * Ideally, it should not modify any global state (although that's not strict).
author	Kostya Serebryany <kcc@google.com>	2016-10-28 16:55:29 +0000
committer	Kostya Serebryany <kcc@google.com>	2016-10-28 16:55:29 +0000
commit	a3dd1fe4c0648065c64ebfbe7414f9900a829362 (patch)
tree	bcf11f1a55148fc27f2c06c76ce406a1e17d4da7 /docs/LibFuzzer.rst
parent	db3dd81011d36c5082c59eb049537db4d33b8bec (diff)