Fuzz introspector: fuzzers/fuzz_tokenizer.cpp
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked Calltree index Parent function Callsite Largest blocked function
27 0 EP call site: 00000 init

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 init [function] [call site] 00001
2 ggml_time_us [function] [call site] 00002
3 QueryPerformanceCounter [function] [call site] 00003
1 common_tokenize [function] [call site] 00004
2 llama_get_model [function] [call site] 00005
3 llama_get_model [function] [call site] 00006
4 llama_get_model [function] [call site] 00007
2 llama_model_get_vocab [function] [call site] 00008
2 common_tokenize [function] [call site] 00009
1 std::string::c_str [function] [call site] 00010
1 common_detokenize [function] [call site] 00011
2 llama_get_model [function] [call site] 00012
2 llama_model_get_vocab [function] [call site] 00013
2 common_detokenize [function] [call site] 00014
1 llama_batch_get_one [function] [call site] 00016
1 std::vector::size [function] [call site] 00018
1 llama_decode [function] [call site] 00019
2 decode [function] [call site] 00020
3 JSON_ASSERT [function] [call site] 00021
3 std::array::size [function] [call site] 00022
3 static_cast<size_t> [function] [call site] 00023
3 static_cast<size_t> [function] [call site] 00024
3 JSON_ASSERT [function] [call site] 00025
3 std::array::size [function] [call site] 00026
2 LLAMA_LOG_ERROR [function] [call site] 00027