diff options
author | Vitaly Buka <vitalybuka@google.com> | 2020-02-04 12:00:21 -0800 |
---|---|---|
committer | Vitaly Buka <vitalybuka@gmail.com> | 2020-02-04 16:35:14 -0800 |
commit | dfd73df67126e2e501a36a86cb6a2e613644585a (patch) | |
tree | 837ab51288c98b7c5df04e1d32d36633d28c766a | |
parent | e635fead79e692d21bcbcffeea2bf09235286aaf (diff) | |
download | libprotobuf-mutator-dfd73df67126e2e501a36a86cb6a2e613644585a.tar.gz |
Improve efficiency of mutator by allowing Copy/Clone only in CrossOver
That's very libFuzzer specific tweek
libFuzzer calls LLVMFuzzerCustomMutator and LLVMFuzzerCustomCrossOver
with same probability. However LLVMFuzzerCustomCrossOver is
just a variation of Copy/Clone. So before the patch all mutator activity
was more skewed toward Copy/Clone.
This results in 2x increases in new feature discovery per iteration.
-rw-r--r-- | src/mutator.cc | 2 | ||||
-rw-r--r-- | src/mutator_test.cc | 2 |
2 files changed, 3 insertions, 1 deletions
diff --git a/src/mutator.cc b/src/mutator.cc index 6866b50..0459ab3 100644 --- a/src/mutator.cc +++ b/src/mutator.cc @@ -684,6 +684,8 @@ bool Mutator::MutateImpl(const ConstMessages& sources, const Messages& messages, mutations[static_cast<size_t>(Mutation::Delete)] = true; } else { mutations.set(); + mutations[static_cast<size_t>(Mutation::Copy)] = false; + mutations[static_cast<size_t>(Mutation::Clone)] = false; } while (mutations.any()) { MutationSampler mutation(keep_initialized_, mutations, &random_); diff --git a/src/mutator_test.cc b/src/mutator_test.cc index 83e08a6..63367e8 100644 --- a/src/mutator_test.cc +++ b/src/mutator_test.cc @@ -555,7 +555,7 @@ void MutatorFieldTest::TestCopyField() { to.add_repeated_msg()->CopyFrom(*m1_); to.add_repeated_msg()->CopyFrom(*m1_); to.mutable_repeated_msg(1)->add_repeated_string("repeated_string"); - EXPECT_TRUE(Mutate(from, to)); + EXPECT_TRUE(CrossOver(from, from, to)); } } |