TODO.md | 17
1 file changed, 4 insertions, 13 deletions
diff --git a/TODO.md b/TODO.md
index d31178c8..12614f05 100644
--- a/TODO.md
+++ b/TODO.md
@@ -1,9 +1,9 @@
 # TODO list for AFL++
 
-## Roadmap 2.65
+## Roadmap 2.65+
 
+ - implement ngram and ctx in InsTrim
  - AFL_MAP_SIZE for afl-llvm-pass, qemu_mode and unicorn_mode
- - fix stability calculation bug
  - random crc32 HASH_CONST per run? because with 65536 paths we have collisions
  - namespace for targets? e.g. network
  - libradamsa as a custom module?
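Review bot: the removed line `- - fix stability calculation bug` leaves no trace of whether the bug was actually fixed or the item was just dropped; since a wrong stability figure misleads users reading the afl-fuzz status screen, the commit message (or a short "done" remark) should say which it is. The added `+ - implement ngram and ctx in InsTrim` under the renamed `## Roadmap 2.65+` heading is fine as a roadmap entry, but it should live in only one place rather than both here and in the llvm_mode list.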
@@ -13,12 +13,10 @@
 afl-fuzz:
  - sync_fuzzers(): only masters sync from all, slaves only sync from master
    (@andrea: be careful, often people run all slaves)
- - ascii_only mode for mutation output
+ - ascii_only mode for mutation output - or use a custom mutator for this?
  - setting min_len/max_len/start_offset/end_offset limits for mutation output
 
 llvm_mode:
- - added context sensitive branch coverage
- - add CT cov and ngram cov to LTO and InsTrim
  - better whitelist solution for LTO
 
 gcc_plugin:
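Review bot: the removed line `- - add CT cov and ngram cov to LTO and InsTrim` covered both LTO and InsTrim, while the replacement added in the first hunk (`implement ngram and ctx in InsTrim`) names only InsTrim, so the LTO half of that task silently disappears; either state that ngram/ctx coverage for LTO is done or keep it as an open item. Dropping `- - added context sensitive branch coverage` is reasonable, as it reads as a completed item rather than a TODO. The `+ - ascii_only mode for mutation output - or use a custom mutator for this?` change turns a task into an open question; a decision (built-in option or custom mutator) would make the list actionable.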
@@ -26,18 +24,11 @@ gcc_plugin:
  - better instrumentation (seems to be better with gcc-9+)
 
 qemu_mode:
- - update to 4.x (probably this will be skipped :( )
+ - update to 5.x (if the performance bug if gone)
  - non colliding instrumentation
- - instrim for QEMU mode via static analysis (with r2pipe? or angr?)
-   Idea: The static analyzer outputs a map in which each edge that must be
-   skipped is marked with 1. QEMU loads it at startup in the parent process.
  - rename qemu specific envs to AFL_QEMU (AFL_ENTRYPOINT, AFL_CODE_START/END,
    AFL_COMPCOV_LEVEL?)
  - add AFL_QEMU_EXITPOINT (maybe multiple?), maybe pointless as we have
    persistent mode
  - add/implement AFL_QEMU_INST_LIBLIST and AFL_QEMU_NOINST_PROGRAM
  - add/implement AFL_QEMU_INST_REGIONS as a list of _START/_END addresses
-
-custom_mutators:
- - rip what Superion is doing into custom mutators for js, php, etc.
-
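Review bot: typo in `+ - update to 5.x (if the performance bug if gone)`, which should read `is gone`. The deleted `instrim for QEMU mode via static analysis` idea, including its two-line description of the edge-skip map loaded by the parent process, and the whole `custom_mutators:` section (`rip what Superion is doing into custom mutators for js, php, etc.`) are removed without saying whether they were done, moved elsewhere or abandoned; a one-line note in the commit message would keep those design ideas findable later.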