Fuzz introspector: set_eval_fuzzer
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
72 146 4 :

['std::__1::basic_string , std::__1::allocator >::basic_string (char const*)', 'mu::ParserByteCode::AddAssignOp(double*)', 'mu::ParserToken , std::__1::allocator > >::GetVar() const', 'mu::ParserBase::Error(mu::EErrorCodes, int, std::__1::basic_string , std::__1::allocator > const&) const']

88 169 mu::ParserBase::ApplyBinOprt(std::__1::stack ,std::__1::allocator >>,std::__1::deque ,std::__1::allocator >>,std::__1::allocator ,std::__1::allocator >>>>>&,std::__1::stack ,std::__1::allocator >>,std::__1::deque ,std::__1::allocator >>,std::__1::allocator ,std::__1::allocator >>>>>&)const call site: 00000 /src/muparser/src/muParserBase.cpp:965
67 67 6 :

['std::__1::basic_string , std::__1::allocator >::basic_string()', 'std::__1::basic_string , std::__1::allocator >::~basic_string()', '__cxa_allocate_exception', '__cxa_free_exception', 'mu::ParserError::ParserError(char const*, int, std::__1::basic_string , std::__1::allocator > const&)', '__cxa_throw']

67 67 mu::MathImpl ::Sum(doubleconst*,int) call site: 00000 /src/muparser/include/muParserTemplateMagic.h:144
67 67 6 :

['std::__1::basic_string , std::__1::allocator >::basic_string()', 'std::__1::basic_string , std::__1::allocator >::~basic_string()', '__cxa_allocate_exception', '__cxa_free_exception', 'mu::ParserError::ParserError(char const*, int, std::__1::basic_string , std::__1::allocator > const&)', '__cxa_throw']

67 67 mu::MathImpl ::Avg(doubleconst*,int) call site: 00000 /src/muparser/include/muParserTemplateMagic.h:154
67 67 6 :

['std::__1::basic_string , std::__1::allocator >::~basic_string()', '__cxa_allocate_exception', 'mu::ParserError::ParserError(char const*, int, std::__1::basic_string , std::__1::allocator > const&)', '__cxa_throw', 'std::__1::basic_string , std::__1::allocator >::basic_string()', '__cxa_free_exception']

67 67 mu::MathImpl ::Min(doubleconst*,int) call site: 00000 /src/muparser/include/muParserTemplateMagic.h:164
67 67 6 :

['std::__1::basic_string , std::__1::allocator >::~basic_string()', '__cxa_allocate_exception', 'mu::ParserError::ParserError(char const*, int, std::__1::basic_string , std::__1::allocator > const&)', '__cxa_throw', 'std::__1::basic_string , std::__1::allocator >::basic_string()', '__cxa_free_exception']

67 67 mu::MathImpl ::Max(doubleconst*,int) call site: 00000 /src/muparser/include/muParserTemplateMagic.h:176
6 69 4 :

['mu::ParserError::ParserError(mu::EErrorCodes)', '__cxa_free_exception', '__cxa_throw', '__cxa_allocate_exception']

6 69 mu::ParserByteCode::GetBase()const call site: 00000 /src/muparser/include/muParserBytecode.h:139
6 69 4 :

['mu::ParserError::ParserError(mu::EErrorCodes)', '__cxa_free_exception', '__cxa_throw', '__cxa_allocate_exception']

6 69 mu::ParserToken ,std::__1::allocator >>::GetPri()const call site: 00000 /src/muparser/include/muParserToken.h:413
6 69 4 :

['mu::ParserError::ParserError(mu::EErrorCodes)', '__cxa_free_exception', '__cxa_throw', '__cxa_allocate_exception']

6 69 mu::ParserToken ,std::__1::allocator >>::SetIdx(int) call site: 00000 /src/muparser/include/muParserToken.h:354
2 159 12 :

['std::__1::basic_string , std::__1::allocator >::~basic_string()', 'std::__1::operator==(std::__1::__map_const_iterator , std::__1::allocator >, double*>, std::__1::__tree_node , std::__1::allocator >, double*>, void*>*, long> > const&, std::__1::__map_const_iterator , std::__1::allocator >, double*>, std::__1::__tree_node , std::__1::allocator >, double*>, void*>*, long> > const&)', 'std::__1::map , std::__1::allocator >, double*, std::__1::less , std::__1::allocator > >, std::__1::allocator , std::__1::allocator > const, double*> > >::find(std::__1::basic_string , std::__1::allocator > const&)', 'std::__1::__map_const_iterator , std::__1::allocator >, double*>, std::__1::__tree_node , std::__1::allocator >, double*>, void*>*, long> >::operator->() const', 'std::__1::basic_string , std::__1::allocator >::basic_string()', 'std::__1::map , std::__1::allocator >, double*, std::__1::less , std::__1::allocator > >, std::__1::allocator , std::__1::allocator > const, double*> > >::operator[](std::__1::basic_string , std::__1::allocator > const&)', 'mu::ParserTokenReader::Error(mu::EErrorCodes, int, std::__1::basic_string , std::__1::allocator > const&) const', 'mu::ParserToken , std::__1::allocator > >::SetVar(double*, std::__1::basic_string , std::__1::allocator > const&)', 'std::__1::map , std::__1::allocator >, double*, std::__1::less , std::__1::allocator > >, std::__1::allocator , std::__1::allocator > const, double*> > >::end()', 'std::__1::__map_const_iterator , std::__1::allocator >, double*>, std::__1::__tree_node , std::__1::allocator >, double*>, void*>*, long> >::__map_const_iterator(std::__1::__map_iterator , std::__1::allocator >, double*>, std::__1::__tree_node , std::__1::allocator >, double*>, void*>*, long> >)', 'mu::ParserBase::ValidNameChars() const', 'mu::ParserTokenReader::ExtractToken(char const*, std::__1::basic_string , std::__1::allocator >&, unsigned long) const']

2 159 mu::ParserTokenReader::IsVarTok(mu::ParserToken ,std::__1::allocator >>&) call site: 00000 /src/muparser/src/muParserTokenReader.cpp:818
0 406 1 :

['mu::ParserBase::ApplyFunc(std::__1::stack , std::__1::allocator > >, std::__1::deque , std::__1::allocator > >, std::__1::allocator , std::__1::allocator > > > > >&, std::__1::stack , std::__1::allocator > >, std::__1::deque , std::__1::allocator > >, std::__1::allocator , std::__1::allocator > > > > >&, int) const']

0 406 mu::ParserBase::ApplyBinOprt(std::__1::stack ,std::__1::allocator >>,std::__1::deque ,std::__1::allocator >>,std::__1::allocator ,std::__1::allocator >>>>>&,std::__1::stack ,std::__1::allocator >>,std::__1::deque ,std::__1::allocator >>,std::__1::allocator ,std::__1::allocator >>>>>&)const call site: 00000 /src/muparser/src/muParserBase.cpp:941
0 74 1 :

['mu::ParserBase::Error(mu::EErrorCodes, int, std::__1::basic_string , std::__1::allocator > const&) const']

0 74 mu::ParserBase::AddCallback(std::__1::basic_string ,std::__1::allocator >const&,mu::ParserCallbackconst&,std::__1::map ,std::__1::allocator >,mu::ParserCallback,std::__1::less ,std::__1::allocator >>,std::__1::allocator ,std::__1::allocator >const,mu::ParserCallback>>>&,charconst*) call site: 00000 /src/muparser/src/muParserBase.cpp:366
0 74 3 :

['std::__1::basic_string , std::__1::allocator >::~basic_string()', 'std::__1::basic_string , std::__1::allocator >::basic_string()', 'mu::ParserBase::Error(mu::EErrorCodes, int, std::__1::basic_string , std::__1::allocator > const&) const']

0 74 mu::ParserBase::DefineInfixOprt(std::__1::basic_string ,std::__1::allocator >const&,double(*)(double),int,bool) call site: 00000 /src/muparser/src/muParserBase.cpp:533

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 mu::Parser::Parser() [function] [call site] 00001
2 mu::ParserBase::ParserBase() [function] [call site] 00002
3 mu::ParserByteCode::ParserByteCode() [function] [call site] 00003
3 mu::ParserBase::InitTokenReader() [function] [call site] 00004
4 mu::ParserTokenReader::ParserTokenReader(mu::ParserBase*) [function] [call site] 00005
5 mu::ParserToken , std::__1::allocator > >::ParserToken() [function] [call site] 00006
5 __cxa_allocate_exception [call site] 00007
5 mu::ParserError::ParserError(mu::EErrorCodes, int, std::__1::basic_string , std::__1::allocator > const&) [function] [call site] 00008
6 mu::ParserErrorMsg::Instance() [function] [call site] 00009
7 __cxa_guard_acquire [call site] 00010
7 mu::ParserErrorMsg::ParserErrorMsg() [function] [call site] 00011
8 __cxa_allocate_exception [call site] 00012
7 mu::ParserErrorMsg::~ParserErrorMsg() [function] [call site] 00013
6 mu::ParserErrorMsg::operator[](unsigned int) const [function] [call site] 00014
6 mu::ParserError::ReplaceSubString(std::__1::basic_string , std::__1::allocator >&, std::__1::basic_string , std::__1::allocator > const&, std::__1::basic_string , std::__1::allocator > const&) [function] [call site] 00015
6 mu::ParserError::ReplaceSubString(std::__1::basic_string , std::__1::allocator >&, std::__1::basic_string , std::__1::allocator > const&, std::__1::basic_string , std::__1::allocator > const&) [function] [call site] 00016
5 mu::ParserToken , std::__1::allocator > >::~ParserToken() [function] [call site] 00017
5 mu::ParserTokenReader::SetParent(mu::ParserBase*) [function] [call site] 00018
3 mu::ParserByteCode::~ParserByteCode() [function] [call site] 00019
2 mu::ParserBase::AddValIdent(int (*)(char const*, int*, double*)) [function] [call site] 00020
3 mu::ParserTokenReader::AddValIdent(int (*)(char const*, int*, double*)) [function] [call site] 00021
2 mu::ParserBase::~ParserBase() [function] [call site] 00022
3 mu::ParserByteCode::~ParserByteCode() [function] [call site] 00023
1 mu::ParserBase::SetExpr(std::__1::basic_string , std::__1::allocator > const&) [function] [call site] 00024
2 mu::ParserTokenReader::GetArgSep() const [function] [call site] 00025
2 mu::ParserBase::Error(mu::EErrorCodes, int, std::__1::basic_string , std::__1::allocator > const&) const [function] [call site] 00026
3 __cxa_allocate_exception [call site] 00027
3 mu::ParserTokenReader::GetExpr() const [function] [call site] 00028
3 mu::ParserError::ParserError(mu::EErrorCodes, std::__1::basic_string , std::__1::allocator > const&, std::__1::basic_string , std::__1::allocator > const&, int) [function] [call site] 00029
4 mu::ParserErrorMsg::Instance() [function] [call site] 00030
4 mu::ParserErrorMsg::operator[](unsigned int) const [function] [call site] 00031
4 mu::ParserError::ReplaceSubString(std::__1::basic_string , std::__1::allocator >&, std::__1::basic_string , std::__1::allocator > const&, std::__1::basic_string , std::__1::allocator > const&) [function] [call site] 00032
4 mu::ParserError::ReplaceSubString(std::__1::basic_string , std::__1::allocator >&, std::__1::basic_string , std::__1::allocator > const&, std::__1::basic_string , std::__1::allocator > const&) [function] [call site] 00033
2 mu::ParserBase::Error(mu::EErrorCodes, int, std::__1::basic_string , std::__1::allocator > const&) const [function] [call site] 00034
2 mu::ParserTokenReader::SetFormula(std::__1::basic_string , std::__1::allocator > const&) [function] [call site] 00035
3 mu::ParserTokenReader::ReInit() [function] [call site] 00036
4 mu::ParserToken , std::__1::allocator > >::ParserToken() [function] [call site] 00037
2 mu::ParserBase::ReInit() const [function] [call site] 00038
3 mu::ParserByteCode::clear() [function] [call site] 00039
3 mu::ParserTokenReader::ReInit() [function] [call site] 00040
1 mu::ParserBase::Eval() const [function] [call site] 00041
1 mu::Parser::~Parser() [function] [call site] 00042
2 mu::ParserBase::~ParserBase() [function] [call site] 00043
1 __cxa_begin_catch [call site] 00044
1 __cxa_end_catch [call site] 00045
1 __cxa_begin_catch [call site] 00046