
Searched refs:fuzzer (Results 1 – 25 of 174) sorted by relevance


/external/syzkaller/syz-fuzzer/
Dfuzzer.go209 fuzzer := &Fuzzer{
223 for i := 0; fuzzer.poll(i == 0, nil); i++ {
229 prios := target.CalculatePriorities(fuzzer.corpus)
230 fuzzer.choiceTable = target.BuildChoiceTable(prios, calls)
233 proc, err := newProc(fuzzer, pid)
237 fuzzer.procs = append(fuzzer.procs, proc)
241 fuzzer.pollLoop()
244 func (fuzzer *Fuzzer) pollLoop() {
253 case <-fuzzer.needPoll:
256 if fuzzer.outputType != OutputStdout && time.Since(lastPrint) > 10*time.Second {
Dproc.go31 fuzzer *Fuzzer member
41 func newProc(fuzzer *Fuzzer, pid int) (*Proc, error) {
42 env, err := ipc.MakeEnv(fuzzer.config, pid)
47 execOptsNoCollide := *fuzzer.execOpts
54 fuzzer: fuzzer,
58 execOpts: fuzzer.execOpts,
68 if proc.fuzzer.config.Flags&ipc.FlagSignal == 0 {
74 item := proc.fuzzer.workQueue.dequeue()
89 ct := proc.fuzzer.choiceTable
90 corpus := proc.fuzzer.corpusSnapshot()
/external/swiftshader/third_party/llvm-7.0/llvm/docs/
DFuzzingLLVM.rst19 clang-fuzzer
22 A |generic fuzzer| that tries to compile textual input as C++ code. Some of the
23 bugs this fuzzer has reported are `on bugzilla`__ and `on OSS Fuzz's
27 __ https://bugs.chromium.org/p/oss-fuzz/issues/list?q=proj-llvm+clang-fuzzer
29 clang-proto-fuzzer
32 A |protobuf fuzzer| that compiles valid C++ programs generated from a protobuf
35 This fuzzer accepts clang command line options after `ignore_remaining_args=1`.
41 % bin/clang-proto-fuzzer <corpus-dir> -ignore_remaining_args=1 -O3
43 clang-format-fuzzer
46 A |generic fuzzer| that runs clang-format_ on C++ text fragments. Some of the
DLibFuzzer.rst14 library via a specific fuzzing entrypoint (aka "target function"); the fuzzer
76 In order to build your fuzzer binary, use the `-fsanitize=fuzzer` flag during the
81 …clang -g -O1 -fsanitize=fuzzer mytarget.c # Builds the fuzz target w/o san…
82 …clang -g -O1 -fsanitize=fuzzer,address mytarget.c # Builds the fuzz target with AS…
83 …clang -g -O1 -fsanitize=fuzzer,signed-integer-overflow mytarget.c # Builds the fuzz target with a …
84 …clang -g -O1 -fsanitize=fuzzer,memory mytarget.c # Builds the fuzz target with MS…
87 Note that ``-fsanitize=fuzzer`` links in the libFuzzer's ``main()`` symbol.
93 clang -fsanitize=fuzzer-no-link mytarget.c
96 ``-fsanitize=fuzzer`` during the linking stage.
107 files. The fuzzer generates random mutations based around the sample inputs in
/external/harfbuzz_ng/test/fuzzing/
DCMakeLists.txt8 #add_executable (hb-shape-fuzzer # it should be run only after ragel execution
12 add_executable (hb-shape-fuzzer ${hb_shape_fuzzer_SOURCES})
13 target_link_libraries (hb-shape-fuzzer harfbuzz)
15 add_executable (hb-subset-fuzzer ${hb_subset_fuzzer_SOURCES})
16 target_link_libraries (hb-subset-fuzzer harfbuzz-subset)
18 target_compile_definitions(hb-shape-fuzzer PUBLIC ${FUZZING_CPPFLAGS})
19 target_compile_definitions(hb-subset-fuzzer PUBLIC ${FUZZING_CPPFLAGS})
21 add_test (NAME hb-shape-fuzzer
22 COMMAND "${PYTHON_EXECUTABLE}" run-shape-fuzzer-tests.py $<TARGET_FILE:hb-shape-fuzzer>
24 add_test (NAME hb-subset-fuzzer
DMakefile.am20 run-shape-fuzzer-tests.py \
21 run-subset-fuzzer-tests.py \
27 hb-shape-fuzzer \
28 hb-subset-fuzzer \
38 hb-fuzzer.hh \
39 hb-shape-fuzzer.cc \
47 hb-fuzzer.hh \
48 hb-subset-fuzzer.cc \
58 EXEEXT="$(EXEEXT)" srcdir="$(srcdir)" builddir="$(builddir)" $(srcdir)/run-shape-fuzzer-tests.py
59 EXEEXT="$(EXEEXT)" srcdir="$(srcdir)" builddir="$(builddir)" $(srcdir)/run-subset-fuzzer-tests.py
DREADME1 In order to build the fuzzer one needs to build HarfBuzz and
2 harfbuzz/test/fuzzing/hb-fuzzer.cc with:
10 To run the fuzzer one needs to first obtain a test corpus as a directory
13 Then, run the fuzzer like this:
14 ./hb-fuzzer -max_len=2048 CORPUS_DIR
/external/perfetto/tools/
Drun_all_fuzzers27 FUZZERS=$(cd $OUTDIR && ls *fuzzer)
29 for fuzzer in $FUZZERS; do
30 mkdir -p "fuzz_out/$fuzzer/corpus"
31 mkdir -p "fuzz_out/$fuzzer/artifacts"
32 for crash in $(ls fuzz_out/$fuzzer/artifacts/crash-* 2> /dev/null); do
33 if "$OUTDIR/$fuzzer" "$crash"; then
40 "$OUTDIR/$fuzzer" -artifact_prefix="fuzz_out/$fuzzer/artifacts/" \
41 "fuzz_out/$fuzzer/corpus" 2> "fuzz_out/$fuzzer/log.err" &
/external/libprotobuf-mutator/examples/libfuzzer/
DCMakeLists.txt27 add_library(fuzzer-example-proto
29 set_property(TARGET fuzzer-example-proto
32 foreach(fuzzer libfuzzer_example libfuzzer_bin_example)
33 add_executable(${fuzzer} ${fuzzer}.cc)
34 target_link_libraries(${fuzzer}
35 fuzzer-example-proto
38 set_property(TARGET ${fuzzer}
40 set_property(TARGET ${fuzzer}
42 add_dependencies(libfuzzer_example_test ${fuzzer})
43 endforeach(fuzzer)
/external/syzkaller/pkg/report/testdata/fuchsia/report/
D69 [00131.346] 01102.01116> <== fatal exception: process /tmp/syz-fuzzer[31717] thread pthread_t:0x118…
38 …01116> dso: id=1496e1863bc310a7322542c41969d8ca90d92878 base=0xd8af0615000 name=app:/tmp/syz-fuzzer
39 [00131.375] 01102.01116> bt#01: pc 0xd8af19736ef sp 0x6ef13e3cf6b8 (app:/tmp/syz-fuzzer,0x135e6ef)
40 [00131.375] 01102.01116> bt#02: pc 0xd8af1974ae5 sp 0x6ef13e3cf6c8 (app:/tmp/syz-fuzzer,0x135fae5)
41 [00131.375] 01102.01116> bt#03: pc 0xd8af1a30ba2 sp 0x6ef13e3cf6d8 (app:/tmp/syz-fuzzer,0x141bba2)
42 [00131.375] 01102.01116> bt#04: pc 0xd8af1a311c2 sp 0x6ef13e3cf6e8 (app:/tmp/syz-fuzzer,0x141c1c2)
43 [00131.375] 01102.01116> bt#05: pc 0xd8af1a36209 sp 0x6ef13e3cf6f8 (app:/tmp/syz-fuzzer,0x1421209)
44 [00131.375] 01102.01116> bt#06: pc 0xd8af1a2d8cc sp 0x6ef13e3cf708 (app:/tmp/syz-fuzzer,0x14188cc)
45 [00131.375] 01102.01116> bt#07: pc 0xd8af1a2d9ac sp 0x6ef13e3cf718 (app:/tmp/syz-fuzzer,0x14189ac)
46 [00131.375] 01102.01116> bt#08: pc 0xd8af1ccc289 sp 0x6ef13e3cf728 (app:/tmp/syz-fuzzer,0x16b7289)
/external/ImageMagick/Magick++/fuzz/
Dbuild_fuzzers.sh9 fuzzer=$(basename "$f" _fuzzer.cc)
11 if [ "$fuzzer" == "encoder" ] || [ "$fuzzer" == "ping" ]; then
15 "$f" -o "$MAGICK_OUTPUT/${fuzzer}_fuzzer" $MAGICK_LIBS
16 echo -e "[libfuzzer]\nclose_fd_mask=3" > "$MAGICK_OUTPUT/${fuzzer}_fuzzer.options"
/external/llvm/docs/
DLibFuzzer.rst19 The fuzzer is linked with the library under test, and feeds fuzzed inputs to the
20 library via a specific fuzzing entrypoint (aka "target function"); the fuzzer
51 However the fuzzer itself does not (and should not) depend on any part of LLVM
90 the SanitizerCoverage_ option, which instruments the code so that the fuzzer
92 the libFuzzer code then gives an fuzzer executable.
117 files. The fuzzer generates random mutations based around the sample inputs in
150 To run the fuzzer, first create a Corpus_ directory that holds the
158 Then run the fuzzer on the corpus directory:
164 As the fuzzer discovers new interesting test cases (i.e. test cases that
181 inputs found by one fuzzer process will be available to the other fuzzer
/external/v8/tools/wasm/
Dupdate-wasm-fuzzers.sh12 rm -rf test/fuzzer/wasm_corpus
16 mkdir -p test/fuzzer/wasm_corpus
35 for x in $(find ./test/fuzzer/wasm_corpus/ -type f -size +20k)
41 cd test/fuzzer
42 upload_to_google_storage.py -a -b v8-wasm-fuzzer wasm_corpus
/external/libprotobuf-mutator/
DCMakeLists.txt57 set(CMAKE_REQUIRED_FLAGS "-fsanitize=fuzzer-no-link")
58 check_cxx_compiler_flag(-fsanitize=fuzzer-no-link LIB_PROTO_MUTATOR_HAS_SANITIZE_FUZZER)
61 set(CMAKE_REQUIRED_FLAGS "-fno-sanitize=fuzzer")
62 check_cxx_compiler_flag(-fno-sanitize=fuzzer LIB_PROTO_MUTATOR_HAS_NO_SANITIZE_FUZZER)
84 set(FUZZING_FLAGS "-fsanitize=fuzzer-no-link")
85 set(FUZZING_FLAGS_BINARY "-fsanitize=fuzzer")
88 set(NO_FUZZING_FLAGS "-fno-sanitize=fuzzer")
/external/llvm/lib/Fuzzer/test/
DFuzzerUnittest.cpp13 using namespace fuzzer;
23 fuzzer::EF = t.get(); in TEST()
82 fuzzer::Unit U(A, A + sizeof(A)); in TEST()
83 EXPECT_EQ("a9993e364706816aba3e25717850c26c9cd0d89d", fuzzer::Hash(U)); in TEST()
85 EXPECT_EQ("81fe8bfe87576c3ecb22426f8e57847382917acf", fuzzer::Hash(U)); in TEST()
93 fuzzer::EF = t.get(); in TestEraseByte()
129 fuzzer::EF = t.get(); in TestInsertByte()
165 fuzzer::EF = t.get(); in TestChangeByte()
201 fuzzer::EF = t.get(); in TestChangeBit()
237 fuzzer::EF = t.get(); in TestShuffleBytes()
/external/flatbuffers/tests/fuzzer/
Dreadme.md2 Test suite of Flatbuffers library has fuzzer section with tests are based on libFuzzer library.
6 the fuzzer then tracks which areas of the code are reached, and generates mutations on the corpus o…
13 The fuzzer section include three tests:
21 Set environment variable `FLATBUFFERS_TEST_LOCALE` to run a fuzzer with a specific C-locale:
27 ## Run fuzzer
28 These are examples of running a fuzzer.
30 For details, run a fuzzer with `-help` flag: `./parser_fuzzer -help=1`
/external/swiftshader/third_party/llvm-7.0/llvm/test/tools/llvm-opt-fuzzer/
Dcommand-line.ll7 ; RUN: not llvm-opt-fuzzer %t 2>&1 | FileCheck -check-prefix=TRIPLE %s
11 ; RUN: not llvm-opt-fuzzer %t -ignore_remaining_args=1 -mtriple x86_64 2>&1 | FileCheck -check-pref…
15 ; RUN: not llvm-opt-fuzzer %t -ignore_remaining_args=1 -mtriple x86_64 -passes no-pass 2>&1 | FileC…
19 ; RUN: llvm-opt-fuzzer %t -ignore_remaining_args=1 -mtriple x86_64 -passes instcombine 2>&1 | FileC…
Dexec-options.ll15 ; RUN: cp llvm-opt-fuzzer %t.bin--
19 ; RUN: cp llvm-opt-fuzzer %t.bin--x86_64
23 ; RUN: cp llvm-opt-fuzzer %t.bin--x86_64-unknown
27 ; RUN: cp llvm-opt-fuzzer %t.bin--x86_64-instcombine
/external/llvm/tools/llvm-dwarfdump/fuzzer/
DCMakeLists.txt7 add_llvm_executable(llvm-dwarfdump-fuzzer
9 llvm-dwarfdump-fuzzer.cpp
12 target_link_libraries(llvm-dwarfdump-fuzzer
/external/llvm/tools/llvm-pdbdump/fuzzer/
DCMakeLists.txt8 add_llvm_executable(llvm-pdbdump-fuzzer
10 llvm-pdbdump-fuzzer.cpp
13 target_link_libraries(llvm-pdbdump-fuzzer
/external/llvm/tools/llvm-as-fuzzer/
DCMakeLists.txt8 add_llvm_tool(llvm-as-fuzzer
9 llvm-as-fuzzer.cpp)
10 target_link_libraries(llvm-as-fuzzer
/external/llvm/tools/llvm-mc-fuzzer/
DCMakeLists.txt13 add_llvm_tool(llvm-mc-fuzzer
14 llvm-mc-fuzzer.cpp)
15 target_link_libraries(llvm-mc-fuzzer
/external/syzkaller/docs/
Dinternals.md13 …ss starts, monitors and restarts several VM instances, and starts a `syz-fuzzer` process inside of…
15 As opposed to `syz-fuzzer` processes, it runs on a host with stable kernel which does not experienc…
17 The `syz-fuzzer` process runs inside of presumably unstable VMs.
18 The `syz-fuzzer` guides fuzzing process itself (input generation, mutation, minimization, etc) and …
22 It accepts the program to execute from the `syz-fuzzer` process and sends results back.
27 The `syz-fuzzer` process generates programs to be executed by `syz-executor` based on syscall descr…
/external/boringssl/src/crypto/fipsmodule/bn/
Dbn_test_to_fuzzer.go203 var fuzzer string
209 fuzzer = "bn_div"
215 fuzzer = "bn_mod_exp"
222 if len(fuzzer) != 0 {
224 path := filepath.Join(fuzzerDir, fuzzer + "_corpus", hex.EncodeToString(hash[:]))
/external/boringssl/src/
DFUZZING.md68 This is to prevent the fuzzer from getting stuck at a cryptographic invariant in the protocol.
72 …ra are seeded from the test suite. The test suite has a `-fuzzer` flag which mirrors the fuzzer mo…
74 …E=1` into CMake. This configuration is run in the same way but without `-fuzzer` and `-shim-config…
76 If both sets of tests pass, refresh the fuzzer corpora with `refresh_ssl_corpora.sh`:
80 ./refresh_ssl_corpora.sh /path/to/fuzzer/mode/build /path/to/non/fuzzer/mode/build
