From 8a15ef599ee153b335fa7916809fed5bb7c77fd8 Mon Sep 17 00:00:00 2001
From: Kostya Serebryany
Date: Fri, 11 Sep 2015 00:20:58 +0000
Subject: [PATCH] [libFuzzer] perform fewer crossover operations compared to plain mutations

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@247364 91177308-0d34-0410-b5e6-96231b3b80d8
---
 lib/Fuzzer/FuzzerLoop.cpp | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/lib/Fuzzer/FuzzerLoop.cpp b/lib/Fuzzer/FuzzerLoop.cpp
index f1802f65c37..96783dac673 100644
--- a/lib/Fuzzer/FuzzerLoop.cpp
+++ b/lib/Fuzzer/FuzzerLoop.cpp
@@ -337,23 +337,24 @@ void Fuzzer::Loop() {
 RereadOutputCorpus();
 if (TotalNumberOfRuns >= Options.MaxNumberOfRuns)
 return;
- // First, simply mutate the unit w/o doing crosses.
 CurrentUnit = Corpus[J1];
- MutateAndTestOne(&CurrentUnit);
- // Now, cross with others.
- if (Options.DoCrossOver && !Corpus[J1].empty()) {
- for (size_t J2 = 0; J2 < Corpus.size(); J2++) {
+ // Optionally, cross with another unit.
+ if (Options.DoCrossOver && USF.GetRand().RandBool()) {
+ size_t J2 = USF.GetRand()(Corpus.size());
+ if (!Corpus[J1].empty() && !Corpus[J2].empty()) {
+ assert(!Corpus[J2].empty());
 CurrentUnit.resize(Options.MaxLen);
 size_t NewSize = USF.CrossOver(
 Corpus[J1].data(), Corpus[J1].size(), Corpus[J2].data(),
 Corpus[J2].size(), CurrentUnit.data(), CurrentUnit.size());
 assert(NewSize > 0 && "CrossOver returned empty unit");
 assert(NewSize <= (size_t)Options.MaxLen &&
- "CrossOver return overisized unit");
+ "CrossOver returned overisized unit");
 CurrentUnit.resize(NewSize);
- MutateAndTestOne(&CurrentUnit);
 }
 }
+ // Perform several mutations and runs.
+ MutateAndTestOne(&CurrentUnit);
 }
 }
 }
-- 
2.34.1
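Review bot: The added `assert(!Corpus[J2].empty());` repeats the second half of the `if` condition directly above it, so it can never fire and can be dropped. The index drawn by `USF.GetRand()(Corpus.size())` is not compared with J1, so a unit can apparently be crossed with itself; if that is not intended, skip the crossover when `J2 == J1`. The corrected assert message still reads "overisized"; `"CrossOver returned oversized unit"` would finish the wording fix. Fuzzer::Loop() begins and ends outside the hunk, so the bounds of the enclosing J1 loop are not visible here.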