[libFuzzer] experimental flag to tweak the corpus distribution. Seems to improve the situation dramatically on the png benchmark and make things worse on a number of micro-puzzles. Needs more A/B testing

git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@315407 91177308-0d34-0410-b5e6-96231b3b80d8
author: Kostya Serebryany <kcc@google.com> 2017-10-11 01:44:26 +0000
committer: Kostya Serebryany <kcc@google.com> 2017-10-11 01:44:26 +0000
commit: 452879a466facf705d4f5b12617c2396b5689f35 (patch)
tree: 563cfc80d3877f105b937da03d4d0ba8d07f36bd /lib/fuzzer/FuzzerLoop.cpp
parent: 3fc89a412dd3c51188a9709fb8896434230312e9 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/fuzzer/FuzzerLoop.cpp b/lib/fuzzer/FuzzerLoop.cpp
index 4ccfe3f2a..c095fed12 100644
--- a/lib/fuzzer/FuzzerLoop.cpp
+++ b/lib/fuzzer/FuzzerLoop.cpp
@@ -396,6 +396,7 @@ bool Fuzzer::RunOne(const uint8_t *Data, size_t Size, bool MayDeleteFile,
   size_t FoundUniqFeaturesOfII = 0;
   size_t NumUpdatesBefore = Corpus.NumFeatureUpdates();
   TPC.CollectFeatures([&](size_t Feature) {
+    Corpus.UpdateFeatureFrequency(Feature);
     if (Corpus.AddFeature(Feature, Size, Options.Shrink))
       UniqFeatureSetTmp.push_back(Feature);
     if (Options.ReduceInputs && II)
@@ -565,6 +566,8 @@ void Fuzzer::MutateAndTestOne() {
   MD.StartMutationSequence();
 
   auto &II = Corpus.ChooseUnitToMutate(MD.GetRand());
+  if (Options.UseFeatureFrequency)
+    Corpus.UpdateFeatureFrequencyScore(&II);
   const auto &U = II.U;
   memcpy(BaseSha1, II.Sha1, sizeof(BaseSha1));
   assert(CurrentUnitData);
author	Kostya Serebryany <kcc@google.com>	2017-10-11 01:44:26 +0000
committer	Kostya Serebryany <kcc@google.com>	2017-10-11 01:44:26 +0000
commit	452879a466facf705d4f5b12617c2396b5689f35 (patch)
tree	563cfc80d3877f105b937da03d4d0ba8d07f36bd /lib/fuzzer/FuzzerLoop.cpp
parent	3fc89a412dd3c51188a9709fb8896434230312e9 (diff)