Merge branch 'dev' of github.com:AFLplusplus/AFLplusplus into dev

README.md

@@ -1170,12 +1170,12 @@ Thank you!
 
 ## Cite
 
-If you use AFLplusplus in scientific work, consider citing [our paper](https://www.usenix.org/conference/woot20/presentation/fioraldi) presented at WOOT'20:
-
 If you use AFLpluplus to compare to your work, please use either `afl-clang-lto`
 or `afl-clang-fast` with `AFL_LLVM_CMPLOG=1` for building targets and
 `afl-fuzz` with the command line option `-l 2` for fuzzing.
-The most effective setup is the `aflplusplus` default fuzzer on Google's fuzzbench.
+The most effective setup is the `aflplusplus` default configuration on Google's [fuzzbench](https://github.com/google/fuzzbench/tree/master/fuzzers/aflplusplus).
+
+If you use AFLplusplus in scientific work, consider citing [our paper](https://www.usenix.org/conference/woot20/presentation/fioraldi) presented at WOOT'20:
 
 + Andrea Fioraldi, Dominik Maier, Heiko Eißfeldt, and Marc Heuse. “AFL++: Combining incremental steps of fuzzing research”. In 14th USENIX Workshop on Offensive Technologies (WOOT 20). USENIX Association, Aug. 2020.
 

include/config.h

@@ -49,15 +49,15 @@
 /* If a redqueen pass finds more than one solution, try to combine them? */
 #define CMPLOG_COMBINE
 
-/* Minimum % of the corpus to perform cmplog on. Default: 20% */
+/* Minimum % of the corpus to perform cmplog on. Default: 10% */
 #define CMPLOG_CORPUS_PERCENT 10U
 
 /* Number of potential positions from which we decide if cmplog becomes
    useless, default 16384 */
 #define CMPLOG_POSITIONS_MAX 16384U
 
-/* Maximum allowed fails per CMP value. Default: 32 * 3 */
-#define CMPLOG_FAIL_MAX 128
+/* Maximum allowed fails per CMP value. Default: 96 */
+#define CMPLOG_FAIL_MAX 96
 
 /* Now non-cmplog configuration options */
 

src/afl-fuzz.c

@@ -127,7 +127,7 @@ static void usage(u8 *argv0, int more_help) {
       "  -l cmplog_opts - CmpLog configuration values (e.g. \"2AT\"):\n"
       "                  1=small files (default), 2=larger files, 3=all "
       "files,\n"
-      "                  A=arithmetic solving, T=tranformational solving.\n\n"
+      "                  A=arithmetic solving, T=transformational solving.\n\n"
       "Fuzzing behavior settings:\n"
       "  -Z            - sequential queue selection instead of weighted "
       "random\n"
@@ -139,8 +139,8 @@ static void usage(u8 *argv0, int more_help) {
 
       "Testing settings:\n"
       "  -s seed       - use a fixed seed for the RNG\n"
-      "  -V seconds    - fuzz for a specific time then terminate\n"
-      "  -E execs      - fuzz for a approx. no of total executions then "
+      "  -V seconds    - fuzz for a specified time then terminate\n"
+      "  -E execs      - fuzz for an approx. no. of total executions then "
       "terminate\n"
       "                  Note: not precise and can have several more "
       "executions.\n\n"