Animated comparison of fuzzing strategies. FlowFusion continuously fuses pairs of PHP test seeds via dataflow interleaving. AFL++ applies sequential bit/byte mutations to a single seed guided by coverage feedback.
Picks two .phpt seeds → extracts dataflows → interleaves them via a bridge variable $fusion → produces a semantically new test case.
~20K seeds → 400M+ pairwise combinations.
Selects one seed → trims it → applies deterministic stages (bit/byte flip, arithmetic, known ints) then stochastic havoc → retains inputs that hit new edges.