Affordances for "local maxima" in coverage #108
Assignees
Comments
|
Interesting idea! I'll have to think about this. |
|
Would you like to see this feature in batch fuzzing mode? It seems like putting this feature in CI mode would break CI mode's attempt to be deterministic (ie it's bad if we don't find a bug when it's introduced but find it in a later PR, it would be best if we found it the first time, second best if we don't find it at all and worst if we find it on another PR) |
|
My interest here is for the batch fuzzing. |
|
Makes sense! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
clusterfuzz has various strategies to try to handle the problem of getting stuck in a local maxima for coverage.
clusterfuzzlite doesn't appear to have these, as a result some fuzzers may find themselves stuck, unable to make progress.
I believe https://github.com/alex/rust-asn1 is experiencing this. The fuzzer is not making much progress, however if I blow away all coverage and run it from the start I can often get it to advance further.
The text was updated successfully, but these errors were encountered: