| -rw-r--r-- | pkg/fuzzer/fuzzer.go | 12 | ||||
| -rw-r--r-- | pkg/fuzzer/job.go | 6 |
2 files changed, 15 insertions, 3 deletions
diff --git a/pkg/fuzzer/fuzzer.go b/pkg/fuzzer/fuzzer.go
index ba6d93651..3dac022ad 100644
--- a/pkg/fuzzer/fuzzer.go
+++ b/pkg/fuzzer/fuzzer.go
@@ -87,13 +87,20 @@ func newExecQueues(fuzzer *Fuzzer) execQueues {
 triageQueue: queue.DynamicOrder(),
 smashQueue: queue.Plain(),
 }
+ // Alternate smash jobs with exec/fuzz to spread attention to the wider area.
+ skipQueue := 3
+ if fuzzer.Config.PatchTest {
+ // When we do patch fuzzing, we do not focus on finding and persisting
+ // new coverage that much, so it's reasonable to spend more time just
+ // mutating various corpus programs.
+ skipQueue = 2
+ }
 // Sources are listed in the order, in which they will be polled.
 ret.source = queue.Order(
 ret.triageCandidateQueue,
 ret.candidateQueue,
 ret.triageQueue,
- // Alternate smash jobs with exec/fuzz once in 3 times.
- queue.Alternate(ret.smashQueue, 3),
+ queue.Alternate(ret.smashQueue, skipQueue),
 queue.Callback(fuzzer.genFuzz),
 )
 return ret
@@ -198,6 +205,7 @@ type Config struct {
 NoMutateCalls map[int]bool
 FetchRawCover bool
 NewInputFilter func(call string) bool
+ PatchTest bool
 }
 
 func (fuzzer *Fuzzer) triageProgCall(p *prog.Prog, info *flatrpc.CallInfo, call int, triage *map[int]*triageCall) {
diff --git a/pkg/fuzzer/job.go b/pkg/fuzzer/job.go
index d1bac5054..8786d046d 100644
--- a/pkg/fuzzer/job.go
+++ b/pkg/fuzzer/job.go
@@ -348,7 +348,11 @@ func (job *triageJob) minimize(call int, info *triageCall) (*prog.Prog, int) {
 minimizeAttempts = 2
 }
 stop := false
- p, call := prog.Minimize(job.p, call, prog.MinimizeCorpus, func(p1 *prog.Prog, call1 int) bool {
+ mode := prog.MinimizeCorpus
+ if job.fuzzer.Config.PatchTest {
+ mode = prog.MinimizeCallsOnly
+ }
+ p, call := prog.Minimize(job.p, call, mode, func(p1 *prog.Prog, call1 int) bool {
 if stop {
 return false
 } |
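Review bot: `skipQueue` in newExecQueues is an integer handed to `queue.Alternate`, not a queue, and the literals 3 and 2 lost the meaning that the removed comment ("once in 3 times") gave them. A name that states what is counted, for example `smashPeriod := 3`, and keeping the old wording at the call site as `// Alternate smash jobs with exec/fuzz once in smashPeriod times.` would let a reader check that lowering the value to 2 shifts time toward `fuzzer.genFuzz`, as the PatchTest comment intends. The function starts before the hunk and its closing brace lies outside it.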
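Review bot: The new `PatchTest` field of `Config` carries no comment, although in this commit it changes behaviour in two places: the smash-queue alternation in newExecQueues and the minimization mode in triageJob.minimize (pkg/fuzzer/job.go). A field comment such as `// PatchTest adapts queue scheduling and triage minimization for patch testing runs.` would tell callers that setting it is more than a label. The struct begins outside the hunk, so whether the neighbouring fields are documented is not visible here.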
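Review bot: The `mode` selection in triageJob.minimize switches to `prog.MinimizeCallsOnly` under `PatchTest` without saying why, unlike the fuzzer.go hunk, which explains its choice. Programs kept in that mode are presumably less reduced than with `prog.MinimizeCorpus`, which matters to whoever later triages or reproduces a finding from a patch-test run, so the trade-off deserves a line above `mode := prog.MinimizeCorpus`, e.g. `// Patch testing cares less about persisting new coverage, so call-level minimization is enough.` (wording to be confirmed by the author). The function body continues past the end of the hunk.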
