From: Kostya Serebryany Date: Fri, 10 Apr 2015 05:44:43 +0000 (+0000) Subject: [lib/Fuzzer] explain compatibility with AFL X-Git-Url: http://plrg.eecs.uci.edu/git/?p=oota-llvm.git;a=commitdiff_plain;h=3e35db6c50e7db4102146b33e274a95ef141efce [lib/Fuzzer] explain compatibility with AFL git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@234570 91177308-0d34-0410-b5e6-96231b3b80d8 --- diff --git a/docs/LibFuzzer.rst b/docs/LibFuzzer.rst index 0d3040329d0..842599cad88 100644 --- a/docs/LibFuzzer.rst +++ b/docs/LibFuzzer.rst @@ -245,6 +245,16 @@ The fuzzer itself will still be mutating a string of bytes but before passing this input to the target library it will replace every byte ``b`` with the ``b``-th token. If there are less than ``b`` tokens, a space will be added instead. +AFL compatibility +----------------- +LibFuzzer can be used in parallel with AFL_ on the same test corpus. +Both fuzzers expect the test corpus to reside in a directory, one file per input. +You can run both fuzzers on the same corpus in parallel:: + + ./afl-fuzz -i testcase_dir -o findings_dir /path/to/program -r @@ + ./llvm-fuzz testcase_dir findings_dir # Will write new tests to testcase_dir + +Periodically restart both fuzzers so that they can use each other's findings. Fuzzing components of LLVM ==========================
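Review bot: In the added literal block under "AFL compatibility", the two commands are listed one after the other as if they were one script, but afl-fuzz stays in the foreground, so the text should say that each command is started in its own shell (or in the background). The trailing comment on the llvm-fuzz line, "# Will write new tests to testcase_dir", covers only the first argument. Please also state what role findings_dir plays for llvm-fuzz (presumably an additional corpus that is read but not written) and whether the files AFL writes under its -o directory are laid out the way "one file per input" requires. The "-r" passed to /path/to/program is specific to some target and is not explained; either drop it or add a note that everything after the program path is the target's own arguments, with @@ standing for the input file. The first added sentence and "You can run both fuzzers on the same corpus in parallel::" say the same thing, so one of them can go. The hunk uses the reference AFL_ without adding a matching ".. _AFL:" target, so check that one is already defined elsewhere in LibFuzzer.rst. Finally, "Periodically restart both fuzzers" would be more useful with the reason (for example, that each fuzzer loads the other's directory only at startup) so readers know how often restarting matters.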