From f85e28d8a74848f34bdfb105079245c3d38ff9ae Mon Sep 17 00:00:00 2001
From: Aleksandr Nogikh <nogikh@google.com>
Date: Wed, 20 Mar 2024 21:00:39 +0100
Subject: pkg/fuzzer: implement basic max signal rotation

Once in 15 minutes, drop 1000 elements of the pure max signal (that is,
max signal minus corpus signal).

It seems to have a positive effect on the total fuzzing performance.
---
 pkg/fuzzer/fuzzer.go | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'pkg/fuzzer/fuzzer.go')

diff --git a/pkg/fuzzer/fuzzer.go b/pkg/fuzzer/fuzzer.go
index 14c3f5902..8ce2ebe26 100644
--- a/pkg/fuzzer/fuzzer.go
+++ b/pkg/fuzzer/fuzzer.go
@@ -323,3 +323,15 @@ func (fuzzer *Fuzzer) logCurrentStats() {
 		fuzzer.Logf(0, "%s", str)
 	}
 }
+
+func (fuzzer *Fuzzer) RotateMaxSignal(items int) {
+	corpusSignal := fuzzer.Config.Corpus.Signal()
+	pureMaxSignal := fuzzer.Cover.pureMaxSignal(corpusSignal)
+	if pureMaxSignal.Len() < items {
+		items = pureMaxSignal.Len()
+	}
+	fuzzer.Logf(1, "rotate %d max signal elements", items)
+
+	delta := pureMaxSignal.RandomSubset(fuzzer.rand(), items)
+	fuzzer.Cover.subtract(delta)
+}
-- 
cgit mrf-deployment