Hello @thdusdl1219 @tarafans. I actually got everything working. But I have some questions to help me understand more about DIE.
Here is my _fuzzerstats file:
I have two questions.
I find that most numbers are 0, I think this is weird. Is this correct? Or is there anything wrong with instrument or coverage collection?
The command line is so long and I can't figure out the function of lib.js, v8.js ... Can I just remove them like:
./fuzz/afl/afl-fuzz -C -m none -o output-17 /home/fuzz/v8fuzz/v8/out/fuzzbuild_DIE_2/d8 @@
And I can't figure out where to set the flags of v8 such as --allow-natives-syntax, --expose-gc ... Should I add them manually like:
./fuzz/afl/afl-fuzz -C -m none -o output-17 /home/fuzz/v8fuzz/v8/out/fuzzbuild_DIE_2/d8 --allow-natives-syntax --expose-gc @@
Thanks very much.
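A quick way to tell an uninstrumented or mis-harnessed d8 run apart from a merely slow one is to read the stats AFL writes to `fuzzer_stats` in the output directory (the file the comment above refers to). The script below is an added example, not code from DIE or AFL; it parses AFL's `key : value` layout and flags the combinations that usually mean no coverage is being collected. The stats values are constructed, and the thresholds (1000 executions, 10 execs/s) are assumptions, not AFL defaults.

```python
"""Sanity-check an AFL fuzzer_stats file for signs that the target is not
producing coverage (added example, not part of DIE or AFL)."""
import re

# Constructed sample in AFL's "key : value" layout; values are illustrative.
SAMPLE_STATS = """\
start_time        : 1600000000
last_update       : 1600003600
cycles_done       : 0
execs_done        : 12000
execs_per_sec     : 3.33
paths_total       : 1
paths_favored     : 1
paths_found       : 0
stability         : 100.00%
bitmap_cvg        : 0.00%
unique_crashes    : 0
unique_hangs      : 0
afl_banner        : d8
"""

def parse_fuzzer_stats(text):
    """Return {key: value}; numeric fields are converted, a '%' suffix dropped."""
    stats = {}
    for line in text.splitlines():
        m = re.match(r"^\s*(\S+)\s*:\s*(.*?)\s*$", line)
        if not m:
            continue
        key, raw = m.groups()
        val = raw.rstrip("%")
        try:
            stats[key] = float(val) if "." in val else int(val)
        except ValueError:
            stats[key] = raw          # non-numeric fields (banner, command line)
    return stats

def coverage_warnings(stats, min_execs=1000):
    """Explain why a run looks uninstrumented rather than merely slow (thresholds assumed)."""
    execs = stats.get("execs_done", 0)
    if execs < min_execs:
        return ["too few executions to judge coverage yet"]
    warnings = []
    if stats.get("bitmap_cvg", 0) == 0:
        warnings.append("bitmap_cvg is 0%: no edge ever recorded, target is probably not instrumented")
    if stats.get("paths_total", 0) <= 1 and stats.get("paths_found", 0) == 0:
        warnings.append("no new paths after %d execs: mutations never change coverage" % execs)
    if stats.get("execs_per_sec", 0) < 10:
        warnings.append("under 10 execs/s: d8 start-up dominates, check the harness and @@ input handling")
    return warnings
```

Run it against a real `fuzzer_stats` by passing the file contents to `parse_fuzzer_stats` and then to `coverage_warnings`; an empty list means the run at least looks instrumented.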