The Linux kernel just got a patch to add AFL support! I don’t believe FreeBSD has such a feature, yet…. 😐
[PATCH] kcov: add AFL-style tracing
AFL uses a fixed-size buffer (typically 64 KiB) where each byte is a counter representing how many times an A -> B branch was taken. Of course, since the buffer is fixed size, it’s a little imprecise in that e.g. two different branches could map to the same counter, but in practice it works well.
See afl:docs/technical_details.txt for more information.