Replies: 1 comment
-
Way too much complexity and it does not make things better.
-
Hi, Community.
I have a question and, maybe, an idea.
The talk is going to be about this loop:
AFLplusplus/src/afl-fuzz-run.c
Line 356 in 773baf9
If our test case is unstable, why do we believe the first trace map?
unlikely(afl->first_trace[i] != afl->fsrv.trace_bits[i]))
Should we rather make N attempts and look at which bytes were seen fewer than N times?
And a second question: why do we kill the whole byte?
afl->virgin_bits[i] = 0;
As I understand it, only a few bits can be unstable? Or not? I'm not sure at this point.
Anyway, I wrote something like this. What do you think about it?
Something like this:
Maybe this subject makes some sense? What do you think?
Thanks for your attention.
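As an added illustration (not code from the post or from AFL++), the sketch below runs the quoted first-trace comparison and the two ideas raised in the post over constructed trace maps. The map size, run count, sample values and function names are all assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#define MAP_SIZE 8 /* toy size (assumption) */
#define RUNS 4     /* the "N attempts" from the post (assumption) */

/* Constructed, already-bucketed trace maps for RUNS runs of one input. */
static const uint8_t traces[RUNS][MAP_SIZE] = {
    {1, 0, 2, 4, 0, 1, 0, 0},
    {1, 0, 2, 8, 0, 1, 0, 0}, /* byte 3 lands in another bucket */
    {1, 1, 2, 4, 0, 1, 0, 0}, /* byte 1 is hit only in this run */
    {1, 0, 2, 4, 0, 1, 0, 0}};

/* Quoted rule: a byte differing from the first trace is variable and its
   whole virgin byte is cleared. Returns the number of variable bytes. */
int mark_first_trace(uint8_t *var_bytes, uint8_t *virgin) {
  int n = 0;
  for (int r = 1; r < RUNS; ++r)
    for (int i = 0; i < MAP_SIZE; ++i)
      if (!var_bytes[i] && traces[0][i] != traces[r][i]) {
        var_bytes[i] = 1;
        virgin[i] = 0;
        ++n;
      }
  return n;
}

/* First idea in the post: flag bytes seen in some runs but not all. */
int mark_seen_count(uint8_t *var_bytes) {
  int n = 0;
  for (int i = 0; i < MAP_SIZE; ++i) {
    int seen = 0;
    for (int r = 0; r < RUNS; ++r) seen += traces[r][i] != 0;
    if (seen > 0 && seen < RUNS) { var_bytes[i] = 1; ++n; }
  }
  return n;
}

/* Second idea: clear only the bits that differed from the first trace. */
void mask_unstable_bits(uint8_t *virgin) {
  for (int r = 1; r < RUNS; ++r)
    for (int i = 0; i < MAP_SIZE; ++i)
      virgin[i] &= (uint8_t)~(traces[0][i] ^ traces[r][i]);
}

int main(void) {
  uint8_t a[MAP_SIZE] = {0}, b[MAP_SIZE] = {0}, v[MAP_SIZE], w[MAP_SIZE];
  for (int i = 0; i < MAP_SIZE; ++i) v[i] = w[i] = 0xff;
  int first = mark_first_trace(a, v), seen = mark_seen_count(b);
  mask_unstable_bits(w);
  printf("%d %d 0x%02x 0x%02x\n", first, seen, v[3], w[3]);
}
```

On this sample the first-trace rule flags bytes 1 and 3, while the seen-count rule flags only byte 1, because byte 3 is hit in every run and only its bucket changes.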