
Searched +full:clang +full:- +full:msan +full:- +full:fuzz (Results 1 – 25 of 43) sorted by relevance

/external/zstd/.github/workflows/
Ddev-long-tests.yml1 name: dev-long-tests
5 group: long-${{ github.ref }}
6 cancel-in-progress: true
12 permissions: read-all
15 make-all:
16 runs-on: ubuntu-latest
18 - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # tag=v4.1.1
19 - name: make all
23 make-test:
24 runs-on: ubuntu-latest
[all …]
/external/zstd/tests/fuzz/
DREADME.md4 Zstd provides a fuzz corpus for each target that can be downloaded with
13 ## fuzz.py
15 `fuzz.py` is a helper script for building and running fuzzers.
16 Run `./fuzz.py -h` for the commands and run `./fuzz.py COMMAND -h` for
21 `fuzz.py` provides a utility to generate seed data for each fuzzer.
24 make -C ../tests decodecorpus
25 ./fuzz.py gen TARGET
28 By default it outputs 100 samples, each at most 8KB into `corpora/TARGET-seed`,
29 but that can be configured with the `--number`, `--max-size-log` and `--seed`
35 `--cc`, `--cflags`, etc.
[all …]
Dfuzz.py7 # This source code is licensed under both the BSD-style license (found in the
10 # You may select, at your option, one of the above-listed licenses.
79 CFLAGS = os.environ.get('CFLAGS', '-O3')
82 MFLAGS = os.environ.get('MFLAGS', '-j')
87 AFL_FUZZ = os.environ.get('AFL_FUZZ', 'afl-fuzz')
142 help='Fuzz target(s) to build {{{}}}'.format(', '.join(ALL_TARGETS)))
155 san_flags = ','.join(re.findall('-fsanitize=((?:[a-z]+,?)+)', flags))
156 nosan_flags = ','.join(re.findall('-fno-sanitize=((?:[a-z]+,?)+)', flags))
160 raise RuntimeError('-fno-sanitize={s} and -fsanitize={s} passed'.
172 args.msan = set_sanitizer('memory', args.msan, san, nosan)
[all …]
/external/cronet/testing/libfuzzer/
Dreference.md5 ### MSan subsection
7 Memory Sanitizer (MSan) in Chromium only supports Ubuntu Precise/Trusty and not
9 Thus, our [reproduce tool] cannot reproduce bugs found using MSan.
11 run MSan-instrumented code in docker.
33 |---------|-------------|
34 |Linux ASan | `tools/mb/mb.py gen -m chromium.fuzz -b 'Libfuzzer Upload Linux ASan' out/libfuzzer` |
35 |Linux ASan (x86) | `tools/mb/mb.py gen -m chromium.fuzz -b 'Libfuzzer Upload Linux32 ASan' out/lib…
36 |Linux ASan Debug | `tools/mb/mb.py gen -m chromium.fuzz -b 'Libfuzzer Upload Linux ASan Debug' out…
37 |Linux MSan[*](#MSan) | `tools/mb/mb.py gen -m chromium.fuzz -b 'Libfuzzer Upload Linux MSan' out/l…
38 |Linux UBSan[*](#UBSan)| `tools/mb/mb.py gen -m chromium.fuzz -b 'Libfuzzer Upload Linux UBSan' out…
[all …]
Dgetting_started_with_libfuzzer.md7 Chrome, but it still works well - read on.
10 for improving your fuzz targets. If you're looking for more advanced fuzzing
23 a case-insensitive pattern that matches file names containing the
84 ### Creating your first fuzz target
89 1. In the same directory as the code you are going to fuzz (or next to the tests
94 directory was used for initial sample fuzz targets but is no longer
122 using the data provided by the fuzzing engine as an argument. However, fuzz
124 performed. [quic_stream_factory_fuzzer.cc] is a good example of a complex fuzz
128 Once you created your first fuzz target, in order to run it, you must set up
135 that you run the meta-builder tool using [GN config] that corresponds to the
[all …]
/external/oss-fuzz/infra/base-images/base-clang/
Dcheckout_build_install_llvm.sh1 #!/bin/bash -eux
8 # http://www.apache.org/licenses/LICENSE-2.0
23 # zlib1g-dev is needed for llvm-profdata to handle coverage data from rust compiler
24 LLVM_DEP_PACKAGES="build-essential make cmake ninja-build git python3 python3-distutils g++-multili…
25 apt-get update && apt-get install -y $LLVM_DEP_PACKAGES --no-install-recommends
37 rm -rf $LOCAL_PATH
40 if [ $CHECKOUT_RETURN_CODE -eq 0 ]; then
45 # Re-enable exit on error. If checkout failed, script will exit.
46 set -e
52 cmake -G "Ninja" \
[all …]
/external/pigweed/pw_toolchain/host_clang/
Dtoolchains.gni7 # https://www.apache.org/licenses/LICENSE-2.0
21 # Sets the sanitizer to pass to clang. Valid values are "address", "memory",
28 # For example, the static analysis toolchains that run `clang-tidy` instead
41 # Indicates if this build is a part of OSS-Fuzz, which needs to be able to
43 # should only be used for OSS-Fuzz.
47 # Specifies the tools used by host Clang toolchains.
52 # Enable static analysis for host clang based toolchains.
57 # Common default scope shared by all host Clang toolchains.
59 # TODO: b/234888755 - amend toolchain declaration process to
69 # OSS-Fuzz uses -stdlib=libc++, which isn't included in the CIPD-provided
[all …]
/external/skia/site/docs/dev/testing/
Dfuzz.md1 ---
4 ---
6 ## Reproducing using `fuzz`
9 reproduce when building with ASAN or MSAN; see
13 less machine- and platform- dependent:
24 All that is needed to reproduce a fuzz downloaded from ClusterFuzz or oss-fuzz
27 out/ASAN/fuzz -b /path/to/downloaded/testcase
29 The fuzz binary will try its best to guess what the type/name should be based on
33 out/ASAN/fuzz -t filter_fuzz -b /path/to/downloaded/testcase
34 out/ASAN/fuzz -t api -n RasterN32Canvas -b /path/to/downloaded/testcase
[all …]
/external/pigweed/
DBUILD.gn7 # https://www.apache.org/licenses/LICENSE-2.0
73 pw_C_OPTIMIZATION_LEVELS + pw_toolchain_SUPPORTED_C_OPTIMIZATION_LEVELS -
86 [ pw_DEFAULT_C_OPTIMIZATION_LEVEL ] -
118 # micro-ecc
160 "Pigweed's top-level BUILD.gn may only be used when building upstream " +
162 "\$dir_pigweed/modules.gni and create a top-level pw_test_group " +
187 # Warns if PIGWEED_MODULES is not up-to-date and sorted.
192 "--mode=WARN",
193 "--stamp",
198 # Fails if PIGWEED_MODULES is not up-to-date and sorted.
[all …]
/external/cronet/build/config/sanitizers/
Dsanitizers.gni2 # Use of this source code is governed by a BSD-style license that can be
16 # Compile for Hardware-Assisted Address Sanitizer to find memory bugs
18 # See http://clang.llvm.org/docs/HardwareAssistedAddressSanitizerDesign.html
38 # 0 - no tracking, 1 - track only the initial allocation site, 2 - track the
47 # See http://clang.llvm.org/docs/ControlFlowIntegrity.html
89 # Value for -fsanitize-coverage flag. Setting this causes
92 # -fsanitize=fuzzer-no-link
94 # trace-pc-guard
96 # trace-pc-guard,indirect-calls
130 # --fuzz= argument, which requires some sanitizer coverage.
[all …]
/external/cronet/third_party/boringssl/src/
DCMakeLists.txt47 # Android-NDK CMake files reconfigure the path and so Perl won't be found.
59 pkg_check_modules(LIBUNWIND libunwind-generic>=1.3.0)
61 add_definitions(-DBORINGSSL_HAVE_LIBUNWIND)
75 add_definitions(-DBORINGSSL_ALLOW_CXX_RUNTIME)
82 add_definitions(-DBORINGSSL_DISPATCH_TEST)
84 # command-line, but not add_definitions.
85 set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -DBORINGSSL_DISPATCH_TEST")
92 string(REGEX REPLACE "(^| )[/-]DNDEBUG( |$)" " " "${VAR}_RELWITHASSERTS"
97 add_definitions(-DBORINGSSL_PREFIX=${BORINGSSL_PREFIX})
98 # CMake automatically connects include_directories to the NASM command-line,
[all …]
/external/angle/build/config/sanitizers/
Dsanitizers.gni2 # Use of this source code is governed by a BSD-style license that can be
16 # Compile for Hardware-Assisted Address Sanitizer to find memory bugs
18 # See http://clang.llvm.org/docs/HardwareAssistedAddressSanitizerDesign.html
38 # 0 - no tracking, 1 - track only the initial allocation site, 2 - track the
42 # Enables "param-retval" mode, which finds more uses of uninitialized data and
56 # See http://clang.llvm.org/docs/ControlFlowIntegrity.html
101 # Value for -fsanitize-coverage flag. Setting this causes
104 # -fsanitize=fuzzer-no-link
106 # trace-pc-guard
108 # trace-pc-guard,indirect-calls
[all …]
/external/rust/crates/quiche/deps/boringssl/src/
DCMakeLists.txt17 # This is a dummy target which all other targets depend on (manually - see other
23 # Android-NDK CMake files reconfigure the path and so Go and Perl won't be
39 pkg_check_modules(LIBUNWIND libunwind-generic)
41 add_definitions(-DBORINGSSL_HAVE_LIBUNWIND)
59 add_definitions(-DBORINGSSL_ALLOW_CXX_RUNTIME)
66 add_definitions(-DBORINGSSL_DISPATCH_TEST)
68 # command-line, but not add_definitions.
69 set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -DBORINGSSL_DISPATCH_TEST")
76 string(REGEX REPLACE "(^| )[/-]DNDEBUG( |$)" " " "${VAR}_RELWITHASSERTS"
81 add_definitions(-DBORINGSSL_PREFIX=${BORINGSSL_PREFIX})
[all …]
/external/libbpf/scripts/
Dbuild-fuzzers.sh2 set -eux
4 SANITIZER=${SANITIZER:-address}
5 flags="-O1 -fno-omit-frame-pointer -g -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=$SANITI…
7 export CC=${CC:-clang}
8 export CFLAGS=${CFLAGS:-$flags}
10 export CXX=${CXX:-clang++}
11 export CXXFLAGS=${CXXFLAGS:-$flags}
13 cd "$(dirname -- "$0")/.."
15 export OUT=${OUT:-"$(pwd)/out"}
16 mkdir -p "$OUT"
[all …]
/external/boringssl/src/
DCMakeLists.txt32 pkg_check_modules(LIBUNWIND libunwind-generic>=1.3.0)
34 add_definitions(-DBORINGSSL_HAVE_LIBUNWIND)
47 add_definitions(-DBORINGSSL_DISPATCH_TEST)
49 # command-line, but not add_definitions.
50 set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -DBORINGSSL_DISPATCH_TEST")
57 string(REGEX REPLACE "(^| )[/-]DNDEBUG( |$)" " " "${VAR}_RELWITHASSERTS"
63 add_definitions(-DBORINGSSL_PREFIX=${BORINGSSL_PREFIX})
64 # CMake automatically connects include_directories to the NASM command-line,
66 set(CMAKE_ASM_NASM_FLAGS "${CMAKE_ASM_NASM_FLAGS} -DBORINGSSL_PREFIX=${BORINGSSL_PREFIX}")
74 COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/symbol_prefix_include
[all …]
/external/pigweed/docs/
Dautomated_analysis.rst1 .. _docs-automated-analysis:
11 -------
13 -------
18 * clang-tidy
22 * OSS-Fuzz
27 --------------
29 --------------
35 ------
45 your Pigweed-based project.
51 ----
[all …]
/external/llvm/docs/
DLibFuzzer.rst2 libFuzzer – a library for coverage-guided fuzz testing.
11 LibFuzzer is a library for in-process, coverage-guided, evolutionary fuzzing
15 all of its fuzzing inside a single process. This in-process fuzzing can be more
17 for process start-up.
32 version of Clang is the only supported variant.
34 (If `building Clang from trunk`_ is too time-consuming or difficult, then
35 the Clang binaries that the Chromium developers build are likely to be
38 .. code-block:: console
42 git clone https://chromium.googlesource.com/chromium/src/tools/clang
44 TMP_CLANG/clang/scripts/update.py
[all …]
/external/oss-fuzz/projects/bitcoin-core/
Dbuild.sh1 #!/bin/bash -eu
8 # http://www.apache.org/licenses/LICENSE-2.0
20 cd $SRC/bitcoin-core/
25 export BUILD_TRIPLET="i686-pc-linux-gnu"
27 export BUILD_TRIPLET="x86_64-pc-linux-gnu"
31 sed -i --regexp-extended '/.*rm -rf .*extract_dir.*/d' ./funcs.mk # Keep extracted source
32 …O_UPNP=1 NO_NATPMP=1 boost_cxxflags="-std=c++17 -fvisibility=hidden -fPIC ${CXXFLAGS}" libevent_cf…
35 # Build the fuzz targets
37 sed -i "s|PROVIDE_FUZZ_MAIN_FUNCTION|NEVER_PROVIDE_MAIN_FOR_OSS_FUZZ|g" "./configure.ac"
40 # Temporarily compile with O2 to work around clang-13 (and later) UBSan
[all …]
/external/AFLplusplus/docs/
Denv_variables.md14 Starting with AFL++ 3.0, there is only one compiler: afl-cc.
18 - Pass the --afl-MODE command-line option to the compiler. Only this option
19 accepts further AFL-specific command-line options.
20 - Use a symlink to afl-cc: afl-clang, afl-clang++, afl-clang-fast,
21 afl-clang-fast++, afl-clang-lto, afl-clang-lto++, afl-g++, afl-g++-fast,
22 afl-gcc, afl-gcc-fast. This option does not accept AFL-specific command-line
24 - Use the `AFL_CC_COMPILER` environment variable with `MODE`. To select
27 - `GCC` (afl-gcc/afl-g++)
28 - `GCC_PLUGIN` (afl-g*-fast)
29 - `LLVM` (afl-clang-fast*)
[all …]
Dfuzzing_in_depth.md3 The following describes how to fuzz with a target if source code is available.
4 If you have a binary-only target, go to
5 [fuzzing_binary-only_targets.md](fuzzing_binary-only_targets.md).
7 Fuzzing source code is a three-step process:
18 Please keep in mind that, similarly to many other computationally-intensive
21 - Your CPU will run hot and will need adequate cooling. In most cases, if
27 - Targeted programs may end up erratically grabbing gigabytes of memory or
33 - Fuzzing involves billions of reads and writes to the filesystem. On modern
35 "physical" I/O - but there are many factors that may alter this equation. It
42 $ iostat -d 3 -x -k [...optional disk ID...]
[all …]
DChangelog.md7 - afl-fuzz:
8 - default power schedule is now EXPLORE, due a fix in fast schedules
10 - fixed minor issues in the mutation engine, thanks to @futhewo for
12 - better deterministic fuzzing is now available, benchmarks have shown
13 to improve fuzzing. Enable with -D. Thanks to @kdsjZh for the PR!
14 - afl-cc:
15 - large rewrite by @SonicStark which fixes a few corner cases, thanks!
16 - LTO mode now requires llvm 12+
17 - workaround for ASAN with gcc_plugin mode
18 - instrumentation:
[all …]
/external/oss-fuzz/infra/base-images/base-runner/
Drun_fuzzer1 #!/bin/bash -eu
8 # http://www.apache.org/licenses/LICENSE-2.0
24 DEBUGGER=${DEBUGGER:-}
31 CORPUS_DIR=${CORPUS_DIR:-}
32 if [ -z "$CORPUS_DIR" ]
35 rm -rf $CORPUS_DIR && mkdir -p $CORPUS_DIR
38 SANITIZER=${SANITIZER:-}
39 if [ -z $SANITIZER ]; then
55 if [[ -f "$options_file" ]]; then
56 dict=$(sed -n 's/^\s*dict\s*=\s*\(.*\)/\1/p' "$options_file" | tail -1)
[all …]
/external/AFLplusplus/utils/libdislocator/
DREADME.md5 This is a companion library that can be used as a drop-in replacement for the
7 heap-related security bugs in several ways:
9 - It allocates all buffers so that they are immediately adjacent to a
10 subsequent PROT_NONE page, causing most off-by-one reads and writes to
13 - It adds a canary immediately below the allocated buffer, to catch writes to
16 - It sets the memory returned by malloc() to garbage values, improving the
19 - It sets freed memory to PROT_NONE and does not actually reuse it, causing
20 most use-after-free bugs to segfault right away,
22 - It forces all realloc() calls to return a new address - and sets PROT_NONE
23 on the original block. This catches use-after-realloc bugs,
[all …]
/external/webrtc/infra/config/
Dluci-milo.cfg1 # Auto-generated by lucicfg.
5 # https://luci-config.appspot.com/schemas/projects:luci-milo.cfg
140 name: "buildbucket/luci.webrtc.ci/Linux MSan"
142 short_name: "msan"
162 short_name: "fuzz"
195 name: "buildbucket/luci.webrtc.ci/Win32 Debug (Clang)"
196 category: "Win Clang|x86"
200 name: "buildbucket/luci.webrtc.ci/Win32 Release (Clang)"
201 category: "Win Clang|x86"
205 name: "buildbucket/luci.webrtc.ci/Win64 Debug (Clang)"
[all …]
/external/AFLplusplus/
DChangelog.md7 - afl-fuzz:
8 - default power schedule is now EXPLORE, due a fix in fast schedules
10 - fixed minor issues in the mutation engine, thanks to @futhewo for
12 - better deterministic fuzzing is now available, benchmarks have shown
13 to improve fuzzing. Enable with -D. Thanks to @kdsjZh for the PR!
14 - afl-cc:
15 - large rewrite by @SonicStark which fixes a few corner cases, thanks!
16 - LTO mode now requires llvm 12+
17 - workaround for ASAN with gcc_plugin mode
18 - instrumentation:
[all …]
