/external/libcxx/fuzzing/ |
D | fuzz_test.cpp | 109 {"sort", fuzzing::sort}, 110 {"stable_sort", fuzzing::stable_sort}, 111 {"partition", fuzzing::partition}, 112 {"partition_copy", fuzzing::partition_copy}, 113 {"stable_partition", fuzzing::stable_partition}, 114 {"unique", fuzzing::unique}, 115 {"unique_copy", fuzzing::unique_copy}, 116 {"nth_element", fuzzing::nth_element}, 117 {"partial_sort", fuzzing::partial_sort}, 118 {"partial_sort_copy", fuzzing::partial_sort_copy}, [all …]
|
D | fuzzing.cpp | 37 namespace fuzzing { namespace 170 if (!fuzzing::is_permutation(data, data + size, working.cbegin())) return 99; in sort() 192 if (!fuzzing::is_permutation(input.cbegin(), input.cend(), working.cbegin())) return 99; in stable_sort() 204 if (!fuzzing::is_permutation(data, data + size, working.cbegin())) return 99; in partition() 260 if (!fuzzing::is_permutation(input.cbegin(), input.cend(), working.cbegin())) return 99; in stable_partition() 286 if (!fuzzing::is_permutation(data + 1, data + size, working.cbegin())) return 99; in nth_element() 311 if (!fuzzing::is_permutation(data + 1, data + size, working.cbegin())) return 99; in partial_sort() 510 if (!fuzzing::is_permutation(data, data + size, working.cbegin())) return 99; in make_heap() 531 if (!fuzzing::is_permutation(data, data + size, working.cbegin())) return 99; in push_heap()
|
/external/honggfuzz/docs/ |
D | PersistentFuzzing.md | 1 # Persistent fuzzing # 3 …ggfuzz is capable of fuzzing APIs, which is to say; to test new data within the same process. This… 5 # Requirements for hardware-based counter-based fuzzing # 74 The persistent fuzzing can be easily used together with feedback-driven fuzzing. In order to achiev…
|
D | USAGE.md | 13 …* It's blazingly fast (specifically in the [persistent fuzzing mode](https://github.com/google/hon… 18 …unting, __Intel BTS__, __Intel PT__) and software-based [feedback-driven fuzzing](https://github.c… 20 …* Supports __persistent fuzzing mode__ (long-lived process calling a fuzzed API repeatedly) with l… 26 * GNU/Linux with modern kernel (>= v4.2) for hardware-based code coverage guided fuzzing 27 …ects a set of files to use and modify as input to the application you're fuzzing. How you get or c… 31 _**Note**: With the feedback-driven coverage-based modes, you can start your fuzzing with even a si… 59 Enable persistent fuzzing (use hfuzz_cc/hfuzz-clang to compile code) 69 Number of concurrent fuzzing threads (default: number of CPUs / 2) 71 Provide fuzzing input on STDIN, instead of ___FILE___ 97 Number of seconds this fuzzing session will last (default: '0' [no limit]) [all …]
|
D | FeedbackDrivenFuzzing.md | 1 # Feedback-driven fuzzing # 3 Honggfuzz is capable of performing feedback-guided (code coverage driven) fuzzing. It can utilize t… 13 # Requirements for software-based coverage-guided fuzzing # 26 # Requirements for hardware-based counter-based fuzzing # 32 # Requirements for hardware-based coverage-feedback fuzzing (Intel) # 41 … inputs are added (dynamically stored in memory) corpus, and reused during following fuzzing rounds 43 There are 2 phases of feedback-driven the fuzzing: 45 … from the dynamic input corpus (in-memory), mutates them, and runs a new fuzzing round (round in p… 198 … behalf of the fuzzed process (here: djpeg.static) while performing each fuzzing iteration. Intel,…
|
D | ExternalFuzzerUsage.md | 5 Alternatively to this _"dumb"_ fuzzing mode, you can specify a custom fuzzer (`-c`) to modify input… 12 …1. the fuzzing target is executed with the input file (either via STDIN (`-s`) or via a command li… 16 …1. honggfuzz executes the external fuzzing binary or script specified by the `-c` parameter and ap… 19 …1. the fuzzing target is executed with the modified input file (either via STDIN (`-s`) or via a c…
|
/external/honggfuzz/ |
D | CHANGELOG | 4 …- Removed the support for -p (pid fuzzing), honggfuzz net driver, or persistent fuzzing mode shoul… 11 - ASCII only fuzzing 16 - Updated fuzzing examples for OpenSSL 25 - Persistent fuzzing now works with MacOS-X 55 - Updated fuzzing corpora for ssl packages 57 - Updated ISC Bind config and fuzzing corpora 87 - Persistent fuzzing mode (-P) for Linux and POSIX 96 …- Improvements to feedback-driven fuzzing. Using bloom-style filter to record branches (much faste… 101 …- Feedback-driven fuzzing on Linux (using Intel's BTS with Linux perf infrastructure for branch co…
|
D | README.md | 7 …rocess. The file corpus is automatically shared and improved between the fuzzing threads and fuzze… 8 …* It's blazingly fast when in the [persistent fuzzing mode](https://github.com/google/honggfuzz/bl… 12 …unting, __Intel BTS__, __Intel PT__) and software-based [feedback-driven fuzzing](https://github.c… 14 …* Supports the __persistent fuzzing mode__ (long-lived process calling a fuzzed API repeatedly) wi… 102 * [__h2fuzz__: fuzzing Apache's HTTP/2 implementation](https://github.com/icing/h2fuzz) 107 * [__honggfuzz-rs__: fuzzing Rust with Honggfuzz](https://github.com/rust-fuzz/honggfuzz-rs) 112 * [__FuzzM__: a gray box model-based fuzzing framework](https://github.com/collins-research/FuzzM)
|
/external/tensorflow/tensorflow/core/kernels/fuzzing/ |
D | BUILD | 17 load("//tensorflow/core/kernels/fuzzing:tf_ops_fuzz_target_lib.bzl", "tf_ops_fuzz_target_lib") 18 load("//tensorflow/core/kernels/fuzzing:tf_ops_fuzz_target_lib.bzl", "tf_oss_fuzz_corpus") 19 load("//tensorflow/core/kernels/fuzzing:tf_ops_fuzz_target_lib.bzl", "tf_oss_fuzz_dict")
|
D | string_to_number_fuzz.cc | 20 namespace fuzzing { namespace
|
D | decode_base64_fuzz.cc | 20 namespace fuzzing { namespace
|
D | decode_json_example_fuzz.cc | 20 namespace fuzzing { namespace
|
D | decode_wav_fuzz.cc | 21 namespace fuzzing { namespace
|
/external/boringssl/src/ |
D | FUZZING.md | 5 … require that the rest of BoringSSL be built with some changes that make fuzzing much more effecti… 23 …and `workers` should be the number of cores that you wish to dedicate to fuzzing. By default, libF… 42 …fuzzing tests which contain seed files for fuzzing. Some of the seed files were generated manually… 48 In order to minimise all the corpuses, build for fuzzing and run `./fuzz/minimise_corpuses.sh`. Not…
|
/external/syzkaller/docs/ |
D | ci.md | 1 # Continuous integration fuzzing 3 (syz-ci)[syz-ci/] command provides support for continuous fuzzing with syzkaller.
|
D | setup.md | 3 Generic setup instructions for fuzzing Linux kernel are outlined [here](linux/setup.md). 24 …ied `"cover": false` in the config or coverage is not yet supported for the kernel you're fuzzing).
|
D | usage.md | 10 The `syz-manager` process will wind up VMs and start fuzzing in them. 18 This may stop the fuzzing, since all of the VMs might be busy reproducing detected crashes.
|
/external/llvm/docs/ |
D | LibFuzzer.rst | 11 LibFuzzer is a library for in-process, coverage-guided, evolutionary fuzzing 15 all of its fuzzing inside a single process. This in-process fuzzing can be more 20 library via a specific fuzzing entrypoint (aka "target function"); the fuzzer 67 The first step for using libFuzzer on a library is to implement a fuzzing 89 Then build the fuzzing target function and the library under test using 91 can retrieve code coverage information (to guide the fuzzing). Linking with 127 fuzzing entrypoint still works and that all of the sample inputs run through 130 If you have a large corpus (either generated by fuzzing or acquired by other means) 168 By default, the fuzzing process will continue indefinitely – at least until 170 stopping the fuzzing process, and the particular input that triggered the bug [all …]
|
/external/syzkaller/ |
D | README.md | 5 `syzkaller` is an unsupervised coverage-guided kernel fuzzer. `Linux` kernel fuzzing has the most s… 14 Initially, syzkaller was developed with Linux kernel fuzzing in mind, but now it's being extended t… 31 …- [A example of fuzzing the ceph filesystem](https://github.com/hardenedlinux/Debian-GNU-Linux-Pro… 32 …- [Coverage-guided kernel fuzzing with syzkaller](https://lwn.net/Articles/677764/) (by David Drys…
|
/external/swiftshader/third_party/llvm-7.0/llvm/docs/ |
D | LibFuzzer.rst | 11 LibFuzzer is in-process, coverage-guided, evolutionary fuzzing engine. 14 library via a specific fuzzing entrypoint (aka "target function"); the fuzzer 56 and so it is possible and even desirable to use it with other fuzzing engines 61 * The fuzzing engine will execute the fuzz target many times with different inputs in the same proc… 65 …Non-determinism (e.g. random decisions not based on the input bytes) will make fuzzing inefficient. 117 fuzzing entrypoint still works and that all of the sample inputs run through 120 If you have a large corpus (either generated by fuzzing or acquired by other means) 157 By default, the fuzzing process will continue indefinitely – at least until 159 stopping the fuzzing process, and the particular input that triggered the bug 174 that `N` fuzzing jobs should be run to completion (i.e. until a bug is found or [all …]
|
/external/syzkaller/docs/linux/ |
D | setup_linux-host_isolated.md | 12 Given only ssh may work, a reverse ssh proxy will be used to allow the fuzzing 53 Before fuzzing, connect to the machine and keep the connection open so all scp 105 …- `vm.target_reboot` Reboot the machine if remote process hang (useful for wide fuzzing, false by …
|
D | external_fuzzing_network.md | 1 External network fuzzing for Linux kernel 4 syzkaller has support for external fuzzing of the network stack. 9 You need to enable the `CONFIG_TUN` kernel config to enable external network fuzzing. 18 Since fuzzing may be done in mutiple executor proccesses within the same VM instance, we need a way…
|
/external/libchrome/mojo/public/tools/bindings/generators/js_templates/ |
D | union_definition.tmpl | 43 {%- from "fuzzing.tmpl" import generate_or_mutate %} 77 {%- from "fuzzing.tmpl" import get_handle_deps %} 89 {%- from "fuzzing.tmpl" import set_handles %}
|
D | struct_definition.tmpl | 35 {%- from "fuzzing.tmpl" import generate_or_mutate %} 53 {%- from "fuzzing.tmpl" import get_handle_deps %} 70 {%- from "fuzzing.tmpl" import set_handles %}
|
/external/harfbuzz_ng/test/ |
D | CMakeLists.txt | 4 add_subdirectory(fuzzing)
|