Ivan Fratric

Does it work by any chance if you replace `-generate_unwind` with `-patch_return_addresses`?

Also, `-target_method main` should work if you create a RelWithDebInfo build (of test_gdiplus) instead of Release.

Under the hood `-target_method ` computes the offset and then uses that. So in a sense offset is always used. However note that the offset could change when the target...

@Deepak-Biswakarma-2310 The DynamoRIO version you are using appears to be quite old. Please grab a more recent build from https://github.com/DynamoRIO/dynamorio/releases. Additionally, the `-target_offset 0xffdff000` appears incorrect. The value is too...

If you wanted to avoid counters, you could change the instrumentation used by WinAFL to use an `or` instruction instead the `inc` instruction. However, this is likely not the reason...

> I have tried using Jackalope, and occasionally the fuzzer crashes on its own, even when I run it in "_dumb mode_". > When a fuzzer crashed, was there an...

In Jackalope, "Input sample has no new stable coverage" (if it's not the case that the coverage from this sample is already fully covered by some previous sample) could also...

Hi, this is a fairly large patch, so could you explain what issue(s) it resolves? My understanding was that TCP was supported already (but perhaps it wasn't working correctly for...

Sure, we can remove the FATAL when reproducing crashes, I just pushed https://github.com/googleprojectzero/Jackalope/commit/36d79fbb9deb2e68c1b523df2460110d5accd6fd However, after saving the crash, the fuzzer will likely still error out because it will be unable...

Assuming one fuzzer isn't finding bugs other isn't (which can happen due to very different approaches used in both), it could be just the way these fuzzers are deduplicating crashes,...