[llvm] r247364 - [libFuzzer] perform fewer crossover operations compared to plain mutations
Kostya Serebryany via llvm-commits
llvm-commits at lists.llvm.org
Thu Sep 10 17:20:58 PDT 2015
Author: kcc
Date: Thu Sep 10 19:20:58 2015
New Revision: 247364
URL: http://llvm.org/viewvc/llvm-project?rev=247364&view=rev
Log:
[libFuzzer] perform fewer crossover operations compared to plain mutations
Modified:
llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
Modified: llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp?rev=247364&r1=247363&r2=247364&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp Thu Sep 10 19:20:58 2015
@@ -337,23 +337,24 @@ void Fuzzer::Loop() {
RereadOutputCorpus();
if (TotalNumberOfRuns >= Options.MaxNumberOfRuns)
return;
- // First, simply mutate the unit w/o doing crosses.
CurrentUnit = Corpus[J1];
- MutateAndTestOne(&CurrentUnit);
- // Now, cross with others.
- if (Options.DoCrossOver && !Corpus[J1].empty()) {
- for (size_t J2 = 0; J2 < Corpus.size(); J2++) {
+ // Optionally, cross with another unit.
+ if (Options.DoCrossOver && USF.GetRand().RandBool()) {
+ size_t J2 = USF.GetRand()(Corpus.size());
+ if (!Corpus[J1].empty() && !Corpus[J2].empty()) {
+ assert(!Corpus[J2].empty());
CurrentUnit.resize(Options.MaxLen);
size_t NewSize = USF.CrossOver(
Corpus[J1].data(), Corpus[J1].size(), Corpus[J2].data(),
Corpus[J2].size(), CurrentUnit.data(), CurrentUnit.size());
assert(NewSize > 0 && "CrossOver returned empty unit");
assert(NewSize <= (size_t)Options.MaxLen &&
- "CrossOver return overisized unit");
+ "CrossOver returned overisized unit");
CurrentUnit.resize(NewSize);
- MutateAndTestOne(&CurrentUnit);
}
}
+ // Perform several mutations and runs.
+ MutateAndTestOne(&CurrentUnit);
}
}
}
More information about the llvm-commits
mailing list