-bool DFSanState::Mutate(fuzzer::Unit *U) {
- for (auto &PCToCmp : PcToCmpSiteInfoMap) {
- auto &CSI = PCToCmp.second;
- if (CSI.ResCounters[0] * CSI.ResCounters[1] != 0) continue;
- if (CSI.ResCounters[0] + CSI.ResCounters[1] < 1000) continue;
- if (CSI.CountedConstants.size() != 1) continue;
- uintptr_t C = CSI.CountedConstants.begin()->first;
- if (U->size() >= CSI.CmpSize) {
- size_t RangeSize = CSI.LR.End - CSI.LR.Beg;
- size_t Idx = CSI.LR.Beg + rand() % RangeSize;
- if (Idx + CSI.CmpSize > U->size()) continue;
- C += rand() % 5 - 2;
- memcpy(U->data() + Idx, &C, CSI.CmpSize);
- return true;
- }
- }
- return false;
-}
-