| author | mat <git@matdoes.dev> | 2026-01-12 04:22:27 -0545 |
|---|---|---|
| committer | mat <git@matdoes.dev> | 2026-01-12 04:22:27 -0545 |
| commit | 28ce8f8d951d61d43709987fee81ba6d24b9c1cf (patch) | |
| tree | 4f8e9e69a261761d05d0ef4e9a7896d171278fec | |
| parent | 3f069846e7186a9607e622623f3a4d9c30aad891 (diff) | |
| download | azalea-drasl-28ce8f8d951d61d43709987fee81ba6d24b9c1cf.tar.xz | |
improve fuzzer docs
| -rw-r--r-- | azalea-protocol/fuzz/README.md | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/azalea-protocol/fuzz/README.md b/azalea-protocol/fuzz/README.md index 42ae188c..26ff6dc4 100644 --- a/azalea-protocol/fuzz/README.md +++ b/azalea-protocol/fuzz/README.md @@ -1,10 +1,19 @@ Fuzzing for `azalea-protocol`. +Note that while Azalea doesn't try particularly hard to avoid crash exploits (because Azalea is generally used as a client), panics/crashes in the protocol library are still considered to be bugs that should be fixed. + +Feel free to run this fuzzer for however long as you'd like to find crashes in `azalea-protocol`! It may take a very long time to find complex ones. Also, the input length is limited to 4 KiB by default. + +Additionally, you should be aware that this fuzzer only targets `azalea-protocol`'s packet deserialization logic. There may be other crash bugs lurking outside of that. + ## Usage ```sh -cargo fuzz run clientbound_game # {clientbound,serverbound}_{config,game,handshake,login,status} -# optionally, add `-s none` for a speedup at the cost of catching less memory safety issues -# see https://appsec.guide/docs/fuzzing/rust/cargo-fuzz/#addresssanitizer +cargo fuzz run clientbound_game -s none -- -rss_limit_mb=16384 +# other valid targets: {clientbound,serverbound}_{config,game,handshake,login,status} +# note: the rss_limit_mb is increased (from the default of 2048) so libfuzzer +# doesn't oom due to the branchiness of the code :( + +# also see https://appsec.guide/docs/fuzzing/rust/cargo-fuzz/#addresssanitizer ``` |
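Review bot: In the `## Usage` block, the example command now passes `-s none` by default, but the removed comment that explained its cost ("at the cost of catching less memory safety issues") has no replacement. A reader copying the command runs without AddressSanitizer and is not told so. Keep one comment line stating that `-s none` disables the sanitizer and that dropping it restores memory-safety coverage at lower speed; that would also give the trailing `# also see https://appsec.guide/docs/fuzzing/rust/cargo-fuzz/#addresssanitizer` line some context, since it currently points at an AddressSanitizer section that nothing in the block mentions. Two smaller points in the added prose: "for however long as you'd like" should read "for as long as you'd like", and the sentence about the 4 KiB input limit could name the libFuzzer option that raises it (`-max_len`), since larger inputs are not generated by default.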
