forked from OSchip/llvm-project
[libFuzzer] perform fewer crossover operations compared to plain mutations
llvm-svn: 247364
This commit is contained in:
parent
24d07fdd27
commit
dd02f1f8ab
|
@ -337,26 +337,27 @@ void Fuzzer::Loop() {
|
|||
RereadOutputCorpus();
|
||||
if (TotalNumberOfRuns >= Options.MaxNumberOfRuns)
|
||||
return;
|
||||
// First, simply mutate the unit w/o doing crosses.
|
||||
CurrentUnit = Corpus[J1];
|
||||
MutateAndTestOne(&CurrentUnit);
|
||||
// Now, cross with others.
|
||||
if (Options.DoCrossOver && !Corpus[J1].empty()) {
|
||||
for (size_t J2 = 0; J2 < Corpus.size(); J2++) {
|
||||
// Optionally, cross with another unit.
|
||||
if (Options.DoCrossOver && USF.GetRand().RandBool()) {
|
||||
size_t J2 = USF.GetRand()(Corpus.size());
|
||||
if (!Corpus[J1].empty() && !Corpus[J2].empty()) {
|
||||
assert(!Corpus[J2].empty());
|
||||
CurrentUnit.resize(Options.MaxLen);
|
||||
size_t NewSize = USF.CrossOver(
|
||||
Corpus[J1].data(), Corpus[J1].size(), Corpus[J2].data(),
|
||||
Corpus[J2].size(), CurrentUnit.data(), CurrentUnit.size());
|
||||
assert(NewSize > 0 && "CrossOver returned empty unit");
|
||||
assert(NewSize <= (size_t)Options.MaxLen &&
|
||||
"CrossOver return overisized unit");
|
||||
"CrossOver returned overisized unit");
|
||||
CurrentUnit.resize(NewSize);
|
||||
}
|
||||
}
|
||||
// Perform several mutations and runs.
|
||||
MutateAndTestOne(&CurrentUnit);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
void Fuzzer::SyncCorpus() {
|
||||
if (Options.SyncCommand.empty() || Options.OutputCorpus.empty()) return;
|
||||
|
|
Loading…
Reference in New Issue