diff options
| author | Alexander Shvedov <60114847+a-shvedov@users.noreply.github.com> | 2023-05-22 16:57:45 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-05-22 16:57:45 +0300 |
| commit | 629edb1e78d791894ce9ee6d53259f95fe1a29af (patch) | |
| tree | 3337fbdabebc223c5222b650127af7469a77f693 /docs/FAQ.md | |
| parent | 8012b555a8cbc49f1c78d4a33cad56ea59280780 (diff) | |
| parent | c4b1566ba35c697cda7822bd0cf30e2e3eeee0c7 (diff) | |
| download | afl++-629edb1e78d791894ce9ee6d53259f95fe1a29af.tar.gz | |
Merge pull request #2 from AFLplusplus/stable
push to stable (#1734)
Diffstat (limited to 'docs/FAQ.md')
| -rw-r--r-- | docs/FAQ.md | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/docs/FAQ.md b/docs/FAQ.md index 76350c79..8178db46 100644 --- a/docs/FAQ.md +++ b/docs/FAQ.md @@ -171,6 +171,14 @@ If you find an interesting or important question missing, submit it via The more "unstable" edges there are, the harder it is for AFL++ to identify valid new paths. + If you fuzz in persistent mode (`AFL_LOOP` or `LLVMFuzzerTestOneInput()` + harnesses, a large number of unstable edges can mean that the target keeps + internal state and therefore it is possible that crashes cannot be replayed. + In such a case do either **not** fuzz in persistent mode (remove `AFL_LOOP()` + from your harness or call `LLVMFuzzerTestOneInput()` harnesses with `@@`), + or set a low `AFL_LOOP` value, e.g. 100, and enable `AFL_PERSISTENT_RECORD` + in `config.h` with the same value. + A value above 90% is usually fine and a value above 80% is also still ok, and even a value above 20% can still result in successful finds of bugs. However, it is recommended that for values below 90% or 80% you should take |