Fuzz introspector: set_eval_fuzzer
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
80 162 4 :

['mu::ParserToken , std::__1::allocator > >::GetVar() const', '_ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEC2B8ne180100ILi0EEEPKc', 'mu::ParserByteCode::AddAssignOp(double*)', 'mu::ParserBase::Error(mu::EErrorCodes, int, std::__1::basic_string , std::__1::allocator > const&) const']

96 185 mu::ParserBase::ApplyBinOprt(std::__1::stack ,std::__1::allocator >>,std::__1::deque ,std::__1::allocator >>,std::__1::allocator ,std::__1::allocator >>>>>&,std::__1::stack ,std::__1::allocator >>,std::__1::deque ,std::__1::allocator >>,std::__1::allocator ,std::__1::allocator >>>>>&)const call site: 00000 /src/muparser/src/muParserBase.cpp:989
6 75 4 :

['__cxa_free_exception', '__cxa_throw', '__cxa_allocate_exception', 'mu::ParserError::ParserError(mu::EErrorCodes)']

6 75 mu::ParserByteCode::GetBase()const call site: 00000 /src/muparser/include/muParserBytecode.h:148
6 75 4 :

['__cxa_free_exception', '__cxa_throw', '__cxa_allocate_exception', 'mu::ParserError::ParserError(mu::EErrorCodes)']

6 75 mu::ParserToken ,std::__1::allocator >>::GetPri()const call site: 00000 /src/muparser/include/muParserToken.h:413
6 75 4 :

['__cxa_free_exception', '__cxa_throw', '__cxa_allocate_exception', 'mu::ParserError::ParserError(mu::EErrorCodes)']

6 75 mu::ParserToken ,std::__1::allocator >>::SetIdx(int) call site: 00000 /src/muparser/include/muParserToken.h:354
6 73 6 :

['mu::ParserError::ParserError(char const*, int, std::__1::basic_string , std::__1::allocator > const&)', '__cxa_free_exception', '__cxa_allocate_exception', 'std::__1::basic_string , std::__1::allocator >::~basic_string()', '__cxa_throw', 'std::__1::basic_string , std::__1::allocator >::basic_string[abi:ne180100]()']

6 73 mu::MathImpl ::Sum(doubleconst*,int) call site: 00000 /src/muparser/include/muParserTemplateMagic.h:154
6 73 6 :

['mu::ParserError::ParserError(char const*, int, std::__1::basic_string , std::__1::allocator > const&)', '__cxa_free_exception', '__cxa_allocate_exception', 'std::__1::basic_string , std::__1::allocator >::~basic_string()', '__cxa_throw', 'std::__1::basic_string , std::__1::allocator >::basic_string[abi:ne180100]()']

6 73 mu::MathImpl ::Avg(doubleconst*,int) call site: 00000 /src/muparser/include/muParserTemplateMagic.h:164
6 73 6 :

['std::__1::basic_string , std::__1::allocator >::basic_string[abi:ne180100]()', 'std::__1::basic_string , std::__1::allocator >::~basic_string()', '__cxa_throw', 'mu::ParserError::ParserError(char const*, int, std::__1::basic_string , std::__1::allocator > const&)', '__cxa_free_exception', '__cxa_allocate_exception']

6 73 mu::MathImpl ::Min(doubleconst*,int) call site: 00000 /src/muparser/include/muParserTemplateMagic.h:174
6 73 6 :

['std::__1::basic_string , std::__1::allocator >::basic_string[abi:ne180100]()', 'std::__1::basic_string , std::__1::allocator >::~basic_string()', '__cxa_throw', 'mu::ParserError::ParserError(char const*, int, std::__1::basic_string , std::__1::allocator > const&)', '__cxa_free_exception', '__cxa_allocate_exception']

6 73 mu::MathImpl ::Max(doubleconst*,int) call site: 00000 /src/muparser/include/muParserTemplateMagic.h:186
0 434 1 :

['mu::ParserBase::ApplyFunc(std::__1::stack , std::__1::allocator > >, std::__1::deque , std::__1::allocator > >, std::__1::allocator , std::__1::allocator > > > > >&, std::__1::stack , std::__1::allocator > >, std::__1::deque , std::__1::allocator > >, std::__1::allocator , std::__1::allocator > > > > >&, int) const']

0 434 mu::ParserBase::ApplyBinOprt(std::__1::stack ,std::__1::allocator >>,std::__1::deque ,std::__1::allocator >>,std::__1::allocator ,std::__1::allocator >>>>>&,std::__1::stack ,std::__1::allocator >>,std::__1::deque ,std::__1::allocator >>,std::__1::allocator ,std::__1::allocator >>>>>&)const call site: 00000 /src/muparser/src/muParserBase.cpp:965
0 173 12 :

['std::__1::__map_const_iterator , std::__1::allocator >, double*>, std::__1::__tree_node , std::__1::allocator >, double*>, void*>*, long> >::__map_const_iterator[abi:ne180100](std::__1::__map_iterator , std::__1::allocator >, double*>, std::__1::__tree_node , std::__1::allocator >, double*>, void*>*, long> >)', 'std::__1::map , std::__1::allocator >, double*, std::__1::less , std::__1::allocator > >, std::__1::allocator , std::__1::allocator > const, double*> > >::find[abi:ne180100](std::__1::basic_string , std::__1::allocator > const&)', 'std::__1::map , std::__1::allocator >, double*, std::__1::less , std::__1::allocator > >, std::__1::allocator , std::__1::allocator > const, double*> > >::end[abi:ne180100]()', 'std::__1::basic_string , std::__1::allocator >::~basic_string()', 'std::__1::basic_string , std::__1::allocator >::basic_string[abi:ne180100]()', 'std::__1::__map_const_iterator , std::__1::allocator >, double*>, std::__1::__tree_node , std::__1::allocator >, double*>, void*>*, long> >::operator->[abi:ne180100]() const', 'std::__1::map , std::__1::allocator >, double*, std::__1::less , std::__1::allocator > >, std::__1::allocator , std::__1::allocator > const, double*> > >::operator[](std::__1::basic_string , std::__1::allocator > const&)', 'mu::ParserBase::ValidNameChars() const', 'mu::ParserTokenReader::ExtractToken(char const*, std::__1::basic_string , std::__1::allocator >&, unsigned long) const', 'std::__1::operator==[abi:ne180100](std::__1::__map_const_iterator , std::__1::allocator >, double*>, std::__1::__tree_node , std::__1::allocator >, double*>, void*>*, long> > const&, std::__1::__map_const_iterator , std::__1::allocator >, double*>, std::__1::__tree_node , std::__1::allocator >, double*>, void*>*, long> > const&)', 'mu::ParserToken , std::__1::allocator > >::SetVar(double*, std::__1::basic_string , std::__1::allocator > const&)', 'mu::ParserTokenReader::Error(mu::EErrorCodes, int, std::__1::basic_string , std::__1::allocator > const&) const']

0 173 mu::ParserTokenReader::IsVarTok(mu::ParserToken ,std::__1::allocator >>&) call site: 00000 /src/muparser/src/muParserTokenReader.cpp:818
0 82 1 :

['mu::ParserBase::Error(mu::EErrorCodes, int, std::__1::basic_string , std::__1::allocator > const&) const']

0 82 mu::ParserBase::AddCallback(std::__1::basic_string ,std::__1::allocator >const&,mu::ParserCallbackconst&,std::__1::map ,std::__1::allocator >,mu::ParserCallback,std::__1::less ,std::__1::allocator >>,std::__1::allocator ,std::__1::allocator >const,mu::ParserCallback>>>&,charconst*) call site: 00000 /src/muparser/src/muParserBase.cpp:390
0 82 3 :

['std::__1::basic_string , std::__1::allocator >::~basic_string()', 'std::__1::basic_string , std::__1::allocator >::basic_string[abi:ne180100]()', 'mu::ParserBase::Error(mu::EErrorCodes, int, std::__1::basic_string , std::__1::allocator > const&) const']

0 82 mu::ParserBase::DefineInfixOprt(std::__1::basic_string ,std::__1::allocator >const&,double(*)(double),int,bool) call site: 00000 /src/muparser/src/muParserBase.cpp:557

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 mu::Parser::Parser() [function] [call site] 00001
2 mu::ParserBase::ParserBase() [function] [call site] 00002
3 mu::ParserByteCode::ParserByteCode() [function] [call site] 00003
3 mu::ParserBase::InitTokenReader() [function] [call site] 00004
4 mu::ParserTokenReader::ParserTokenReader(mu::ParserBase*) [function] [call site] 00005
5 mu::ParserToken<double, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > >::ParserToken() [function] [call site] 00006
5 __cxa_allocate_exception [call site] 00007
5 std::__1::basic_stringstream<char, std::__1::char_traits<char>, std::__1::allocator<char> >::str[abi:ne180100]() const & [function] [call site] 00008
6 std::__1::basic_stringbuf<char, std::__1::char_traits<char>, std::__1::allocator<char> >::str[abi:ne180100]() const & [function] [call site] 00009
5 mu::ParserError::ParserError(mu::EErrorCodes, int, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) [function] [call site] 00010
6 mu::ParserErrorMsg::Instance() [function] [call site] 00011
7 __cxa_guard_acquire [call site] 00012
7 mu::ParserErrorMsg::ParserErrorMsg() [function] [call site] 00013
8 __cxa_allocate_exception [call site] 00014
8 std::runtime_error::runtime_error(char const*) [call site] 00015
8 __cxa_throw [call site] 00016
8 __cxa_free_exception [call site] 00017
7 __cxa_atexit [call site] 00018
7 mu::ParserErrorMsg::~ParserErrorMsg() [function] [call site] 00019
7 __cxa_guard_release [call site] 00020
7 __cxa_guard_abort [call site] 00021
6 mu::ParserErrorMsg::operator[](unsigned int) const [function] [call site] 00022
6 std::__1::basic_stringstream<char, std::__1::char_traits<char>, std::__1::allocator<char> >::str[abi:ne180100]() const & [function] [call site] 00023
6 mu::ParserError::ReplaceSubString(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) [function] [call site] 00024
6 mu::ParserError::ReplaceSubString(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) [function] [call site] 00025
5 __cxa_throw [call site] 00026
5 __cxa_free_exception [call site] 00027
5 mu::ParserToken<double, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > >::~ParserToken() [function] [call site] 00028
5 mu::ParserTokenReader::SetParent(mu::ParserBase*) [function] [call site] 00029
3 mu::ParserByteCode::~ParserByteCode() [function] [call site] 00030
2 mu::ParserBase::AddValIdent(int (*)(char const*, int*, double*)) [function] [call site] 00031
3 mu::ParserTokenReader::AddValIdent(int (*)(char const*, int*, double*)) [function] [call site] 00032
2 mu::ParserBase::~ParserBase() [function] [call site] 00033
3 mu::ParserByteCode::~ParserByteCode() [function] [call site] 00034
1 mu::ParserBase::SetExpr(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) [function] [call site] 00035
2 mu::ParserTokenReader::GetArgSep() const [function] [call site] 00036
2 mu::ParserBase::Error(mu::EErrorCodes, int, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) const [function] [call site] 00037
3 __cxa_allocate_exception [call site] 00038
3 mu::ParserTokenReader::GetExpr() const [function] [call site] 00039
3 mu::ParserError::ParserError(mu::EErrorCodes, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, int) [function] [call site] 00040
4 mu::ParserErrorMsg::Instance() [function] [call site] 00041
4 mu::ParserErrorMsg::operator[](unsigned int) const [function] [call site] 00042
4 std::__1::basic_stringstream<char, std::__1::char_traits<char>, std::__1::allocator<char> >::str[abi:ne180100]() const & [function] [call site] 00043
4 mu::ParserError::ReplaceSubString(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) [function] [call site] 00044
4 mu::ParserError::ReplaceSubString(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) [function] [call site] 00045
3 __cxa_throw [call site] 00046
3 mu::ParserError::~ParserError() [function] [call site] 00047
3 __cxa_free_exception [call site] 00048
2 mu::ParserBase::Error(mu::EErrorCodes, int, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) const [function] [call site] 00049
2 mu::ParserTokenReader::SetFormula(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) [function] [call site] 00050
3 mu::ParserTokenReader::ReInit() [function] [call site] 00051
4 mu::ParserToken<double, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > >::ParserToken() [function] [call site] 00052
4 mu::ParserToken<double, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > >::operator=(mu::ParserToken<double, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > const&) [function] [call site] 00053
5 mu::ParserToken<double, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > >::Assign(mu::ParserToken<double, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > const&) [function] [call site] 00054
6 mu::ParserCallback::Clone() const [function] [call site] 00055
7 mu::ParserCallback::ParserCallback(mu::ParserCallback const&) [function] [call site] 00056
8 mu::ParserCallback::ParserCallback() [function] [call site] 00057
8 mu::ParserCallback::Assign(mu::ParserCallback const&) [function] [call site] 00058
8 mu::ParserCallback::~ParserCallback() [function] [call site] 00059
4 mu::ParserToken<double, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > >::~ParserToken() [function] [call site] 00060
2 mu::ParserBase::ReInit() const [function] [call site] 00061
3 mu::ParserByteCode::clear() [function] [call site] 00062
3 mu::ParserTokenReader::ReInit() [function] [call site] 00063
1 mu::ParserBase::Eval() const [function] [call site] 00064
1 mu::Parser::~Parser() [function] [call site] 00065
2 mu::ParserBase::~ParserBase() [function] [call site] 00066
1 __cxa_begin_catch [call site] 00067
1 __cxa_end_catch [call site] 00068
1 __cxa_begin_catch [call site] 00069
1 __cxa_end_catch [call site] 00070