Fuzz introspector: fuzz_bfd_ext
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
29 29 1 :

['close_one']

31 147 bfd_open_file call site: 00158 /src/binutils-gdb/bfd/cache.c:597
29 29 1 :

['close_one']

29 31 bfd_cache_init call site: 00118 /src/binutils-gdb/bfd/cache.c:499
9 9 1 :

['_bfd_abort']

9 9 bfd_set_error call site: 00062 /src/binutils-gdb/bfd/bfd.c:802
2 24 2 :

['__errno_location', 'bfd_set_error']

2 24 bfd_seek call site: 00146 /src/binutils-gdb/bfd/bfdio.c:485
2 13 2 :

['close', 'bfd_set_error']

2 25 bfd_fopen call site: 00097 /src/binutils-gdb/bfd/opncls.c:288
2 2 1 :

['fdopen']

8 144 bfd_fopen call site: 00092 /src/binutils-gdb/bfd/opncls.c:283
2 2 1 :

['getenv']

4 26 bfd_find_target call site: 00084 /src/binutils-gdb/bfd/./targets.c:1620
2 2 1 :

['__errno_location']

4 4 bufferToFile call site: 00053 /src/binutils-gdb/fuzz/fuzz_bfd_ext.c:35
2 2 1 :

['sysconf']

2 2 bfd_cache_max_open call site: 00119 /src/binutils-gdb/bfd/cache.c:98
0 33 2 :

['_objalloc_alloc', 'bfd_set_error']

0 63 bfd_hash_lookup call site: 00000 /src/binutils-gdb/bfd/hash.c:571
0 33 1 :

['bfd_seek']

0 33 bfd_read call site: 00000 /src/binutils-gdb/bfd/bfdio.c:283
0 23 2 :

['_bfd_delete_bfd', 'bfd_set_error']

0 23 bfd_openw call site: 00157 /src/binutils-gdb/bfd/opncls.c:785

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 bfd_init [function] [call site] 00001
2 error_handler_fprintf [function] [call site] 00002
3 _bfd_doprnt_scan [function] [call site] 00003
4 strchr [call site] 00004
4 strchr [call site] 00005
4 _bfd_abort [function] [call site] 00006
5 dgettext [call site] 00007
5 _bfd_error_handler [function] [call site] 00008
5 dgettext [call site] 00009
5 _bfd_error_handler [function] [call site] 00010
5 dgettext [call site] 00011
5 _bfd_error_handler [function] [call site] 00012
5 _exit [call site] 00013
4 _bfd_abort [function] [call site] 00014
4 strchr [call site] 00015
4 _bfd_abort [function] [call site] 00016
4 _bfd_abort [function] [call site] 00017
4 _bfd_abort [function] [call site] 00018
4 _bfd_abort [function] [call site] 00019
3 fflush [call site] 00020
3 _bfd_get_error_program_name [function] [call site] 00021
3 fprintf [call site] 00022
3 _bfd_doprnt [function] [call site] 00023
4 strchr [call site] 00024
4 fputc [call site] 00025
4 strchr [call site] 00026
4 abs [call site] 00027
4 sprintf [call site] 00028
4 abs [call site] 00029
4 sprintf [call site] 00030
4 strchr [call site] 00031
4 _bfd_abort [function] [call site] 00032
4 _bfd_abort [function] [call site] 00033
4 bfd_get_flavour [function] [call site] 00034
4 bfd_get_flavour [function] [call site] 00035
4 bfd_get_flavour [function] [call site] 00036
4 _bfd_abort [function] [call site] 00037
4 bfd_is_thin_archive [function] [call site] 00038
4 bfd_get_filename [function] [call site] 00039
4 bfd_get_filename [function] [call site] 00040
4 bfd_get_filename [function] [call site] 00041
4 _bfd_abort [function] [call site] 00042
3 fprintf [call site] 00043
3 fputc [call site] 00044
3 fflush [call site] 00045
2 _bfd_default_assert_handler [function] [call site] 00046
3 _bfd_error_handler [function] [call site] 00047
1 _bfd_abort [function] [call site] 00048
1 strncpy [call site] 00049
1 bufferToFile [function] [call site] 00050
2 mkstemp [call site] 00051
2 __errno_location [call site] 00052
2 write [call site] 00053
2 __errno_location [call site] 00054
2 close [call site] 00055
2 close [call site] 00056
1 bfd_openr [function] [call site] 00057
2 bfd_fopen [function] [call site] 00058
3 _bfd_new_bfd [function] [call site] 00059
4 bfd_zmalloc [function] [call site] 00060
5 bfd_malloc [function] [call site] 00061
6 bfd_set_error [function] [call site] 00062
7 _bfd_abort [function] [call site] 00063
6 bfd_set_error [function] [call site] 00064
4 objalloc_create [function] [call site] 00065
4 bfd_set_error [function] [call site] 00066
4 bfd_hash_table_init_n [function] [call site] 00067
5 bfd_set_error [function] [call site] 00068
5 objalloc_create [function] [call site] 00069
5 bfd_set_error [function] [call site] 00070
5 _objalloc_alloc [function] [call site] 00071
6 _objalloc_alloc [function] [call site] 00072
5 bfd_hash_table_free [function] [call site] 00073
6 objalloc_free [function] [call site] 00074
5 bfd_set_error [function] [call site] 00075
4 bfd_section_hash_newfunc [function] [call site] 00076
5 bfd_hash_allocate [function] [call site] 00077
6 _objalloc_alloc [function] [call site] 00078
6 bfd_set_error [function] [call site] 00079
5 bfd_hash_newfunc [function] [call site] 00080
6 bfd_hash_allocate [function] [call site] 00081
4 objalloc_free [function] [call site] 00082
3 close [call site] 00083
3 bfd_find_target [function] [call site] 00084
4 getenv [call site] 00085
4 strcmp [call site] 00086
4 find_target [function] [call site] 00087
5 strcmp [call site] 00088
5 fnmatch [call site] 00089
5 bfd_set_error [function] [call site] 00090
3 close [call site] 00091
3 _bfd_delete_bfd [function] [call site] 00092
4 bfd_hash_table_free [function] [call site] 00093
4 objalloc_free [function] [call site] 00094
4 bfd_get_filename [function] [call site] 00095
3 fdopen [call site] 00096
3 _bfd_real_fopen [function] [call site] 00097
4 fopen64 [call site] 00098
4 close_on_exec [function] [call site] 00099
5 fileno [call site] 00100
5 fcntl [call site] 00101
5 fcntl [call site] 00102
3 bfd_set_error [function] [call site] 00103
3 close [call site] 00104
3 _bfd_delete_bfd [function] [call site] 00105
3 bfd_set_filename [function] [call site] 00106
4 strlen [call site] 00107
4 bfd_alloc [function] [call site] 00108
5 bfd_set_error [function] [call site] 00109
5 _objalloc_alloc [function] [call site] 00110
5 bfd_set_error [function] [call site] 00111
4 bfd_set_error [function] [call site] 00112
3 fclose [call site] 00113
3 _bfd_delete_bfd [function] [call site] 00114
3 bfd_cache_init [function] [call site] 00115
4 bfd_assert [function] [call site] 00116
5 dgettext [call site] 00117
4 bfd_cache_max_open [function] [call site] 00118
5 getrlimit [call site] 00119
5 sysconf [call site] 00120
4 close_one [function] [call site] 00121
5 _bfd_real_ftell [function] [call site] 00122
6 ftello64 [call site] 00123
5 bfd_cache_delete [function] [call site] 00124
6 fclose [call site] 00125
6 bfd_set_error [function] [call site] 00126
6 snip [function] [call site] 00127
4 insert [function] [call site] 00128
3 fclose [call site] 00129
3 _bfd_delete_bfd [function] [call site] 00130
3 bfd_set_cacheable [function] [call site] 00131
1 remove [call site] 00132
1 bfd_close [function] [call site] 00133
2 bfd_close_all_done [function] [call site] 00134
3 _maybe_make_executable [function] [call site] 00135
4 bfd_get_filename [function] [call site] 00136
4 stat [call site] 00137
4 umask [call site] 00138
4 umask [call site] 00139
4 bfd_get_filename [function] [call site] 00140
4 chmod [call site] 00141
3 _bfd_delete_bfd [function] [call site] 00142
1 bfd_seek [function] [call site] 00143
2 bfd_is_thin_archive [function] [call site] 00144
2 bfd_set_error [function] [call site] 00145
2 bfd_assert [function] [call site] 00146
2 __errno_location [call site] 00147
2 bfd_set_error [function] [call site] 00148
2 bfd_set_error [function] [call site] 00149
1 bfd_close [function] [call site] 00150
1 bfd_openw [function] [call site] 00151
2 _bfd_new_bfd [function] [call site] 00152
2 bfd_find_target [function] [call site] 00153
2 _bfd_delete_bfd [function] [call site] 00154
2 bfd_set_filename [function] [call site] 00155
2 _bfd_delete_bfd [function] [call site] 00156
2 bfd_open_file [function] [call site] 00157
3 bfd_cache_max_open [function] [call site] 00158
3 close_one [function] [call site] 00159
3 bfd_get_filename [function] [call site] 00160
3 _bfd_real_fopen [function] [call site] 00161
3 bfd_get_filename [function] [call site] 00162
3 _bfd_real_fopen [function] [call site] 00163
3 bfd_get_filename [function] [call site] 00164
3 _bfd_real_fopen [function] [call site] 00165
3 bfd_get_filename [function] [call site] 00166
3 stat [call site] 00167
3 bfd_get_filename [function] [call site] 00168
3 unlink_if_ordinary [function] [call site] 00169
4 unlink [call site] 00170
3 bfd_get_filename [function] [call site] 00171
3 _bfd_real_fopen [function] [call site] 00172
3 bfd_set_error [function] [call site] 00173
3 bfd_cache_init [function] [call site] 00174
2 bfd_set_error [function] [call site] 00175
2 _bfd_delete_bfd [function] [call site] 00176
1 bfd_close [function] [call site] 00177