I am reading the paper (1) at https://arxiv.org/abs/1905.07147 (Targeted greybox fuzzing with lookahead analysis).
I am trying to understand lookahead analysis (page 5 of 12) in order to compare it with greybox fuzzing. They have provided the algorithm LookAhead, i.e. Algorithm 2 on page 6, which returns twice: (1) once it returns with the hash of Pi_pre along with SPs (split points), and (2) in the other case it returns with the hash of Pi along with SPs. I think it is invoked using the invocation named LookaheadAnalyze(..) in Algorithm 1:
LID, SPs ← LookaheadAnalyze(prog, input′, T).
The returned computed hash is stored in LID. It further says that lookahead analysis assigns more energy to the inputs whose LID is rare, as shown in the following text:
In the above definition, selected(I) denotes the number of times that I was selected for fuzzing (line 3 in Alg. 1), and K is a constant (1024 in our implementation). Intuitively, our power schedule assigns little energy to inputs whose LID is not rare and whose no-target-ahead prefix does not contain any rare split points. Otherwise, it assigns much more energy, the amount of which depends on how often the input has been selected for fuzzing before.
I can’t understand where it assigns more energy? It is incrementing the energy but it is done outside the if-block in Algorithm 1.
Somebody please guide me on how LookAhead analysis is assigning more energy.
(1) Valentin Wüstholz and M. Christakis, Targeted Greybox Fuzzing with Static Lookahead Analysis, 2020 IEEE/ACM 42nd International Conference on Software Engineering (ICSE), 2020.