[lib/Fuzzer] explain compatibility with AFL

llvm-svn: 234570
author: Kostya Serebryany <kcc@google.com> 2015-04-10 05:44:43 +0000
committer: Kostya Serebryany <kcc@google.com> 2015-04-10 05:44:43 +0000
commit: 6bd016be8e301751f5495b1e6755aa8017cb95c0 (patch)
tree: 2150dc83a3d0a980ca97fdbd1e4f298f318f6799 /llvm/docs/LibFuzzer.rst
parent: d3ae853c3d08b4a6ad98ea83b5bc672d7288d3e4 (diff)
download: bcm5719-llvm-6bd016be8e301751f5495b1e6755aa8017cb95c0.tar.gz
bcm5719-llvm-6bd016be8e301751f5495b1e6755aa8017cb95c0.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/llvm/docs/LibFuzzer.rst b/llvm/docs/LibFuzzer.rst
index 0d3040329d0..842599cad88 100644
--- a/llvm/docs/LibFuzzer.rst
+++ b/llvm/docs/LibFuzzer.rst
@@ -245,6 +245,16 @@ The fuzzer itself will still be mutating a string of bytes
 but before passing this input to the target library it will replace every byte ``b`` with the ``b``-th token.
 If there are less than ``b`` tokens, a space will be added instead.
 
+AFL compatibility
+-----------------
+LibFuzzer can be used in parallel with AFL_ on the same test corpus.
+Both fuzzers expect the test corpus to reside in a directory, one file per input.
+You can run both fuzzers on the same corpus in parallel::
+
+  ./afl-fuzz -i testcase_dir -o findings_dir /path/to/program -r @@
+  ./llvm-fuzz testcase_dir findings_dir  # Will write new tests to testcase_dir
+
+Periodically restart both fuzzers so that they can use each other's findings.
 
 Fuzzing components of LLVM
 ==========================
author	Kostya Serebryany <kcc@google.com>	2015-04-10 05:44:43 +0000
committer	Kostya Serebryany <kcc@google.com>	2015-04-10 05:44:43 +0000
commit	6bd016be8e301751f5495b1e6755aa8017cb95c0 (patch)
tree	2150dc83a3d0a980ca97fdbd1e4f298f318f6799 /llvm/docs/LibFuzzer.rst
parent	d3ae853c3d08b4a6ad98ea83b5bc672d7288d3e4 (diff)
download	bcm5719-llvm-6bd016be8e301751f5495b1e6755aa8017cb95c0.tar.gz bcm5719-llvm-6bd016be8e301751f5495b1e6755aa8017cb95c0.zip