The followings are the branches where fuzzer fails to bypass.
| Unique non-covered Complexity | Unique Reachable Complexities | Unique Reachable Functions | All non-covered Complexity | All Reachable Complexity | Function Name | Function Callsite | Blocked Branch |
|---|---|---|---|---|---|---|---|
| 489 | 489 |
1 :
['entityValueInitProcessor'] |
489 | 489 | externalParEntInitProcessor | call site: 00000 | /src/expat/expat/lib/xmlparse.c:4493 |
| 272 | 286 |
2 :
['accountingReportStats', 'accountingReportDiff'] |
272 | 286 | accountingDiffTolerated | call site: 00000 | /src/expat/expat/lib/xmlparse.c:7913 |
| 162 | 4090 |
15 :
['memcmp', 'poolClear', 'reportDefault', 'lookup', 'freeBindings', 'doCdataSection', 'reportProcessingInstruction', 'XmlUtf8Encode', 'reportComment', 'poolStoreString', 'accountingOnAbort', 'getContext', 'processInternalEntity', 'storeAtts', 'accountingDiffTolerated'] |
162 | 4804 | doContent | call site: 00000 | /src/expat/expat/lib/xmlparse.c:3078 |
| 162 | 4090 |
15 :
['memcmp', 'poolClear', 'reportDefault', 'lookup', 'freeBindings', 'doCdataSection', 'reportProcessingInstruction', 'XmlUtf8Encode', 'reportComment', 'poolStoreString', 'accountingOnAbort', 'getContext', 'processInternalEntity', 'storeAtts', 'accountingDiffTolerated'] |
162 | 4804 | doContent | call site: 00000 | /src/expat/expat/lib/xmlparse.c:3139 |
| 50 | 50 |
1 :
['generate_hash_secret_salt'] |
50 | 310 | startParsing | call site: 00059 | /src/expat/expat/lib/xmlparse.c:1044 |
| 8 | 8 |
2 :
['__errno_location', 'strtoul'] |
8 | 8 | getDebugLevel | call site: 00021 | /src/expat/expat/lib/xmlparse.c:8526 |
| 6 | 6 |
1 :
['reportDefault'] |
6 | 6 | epilogProcessor | call site: 00000 | /src/expat/expat/lib/xmlparse.c:5764 |
| 6 | 6 |
1 :
['reportDefault'] |
6 | 6 | doIgnoreSection | call site: 00000 | /src/expat/expat/lib/xmlparse.c:4273 |
| 6 | 6 |
1 :
['reportDefault'] |
6 | 6 | reportProcessingInstruction | call site: 00000 | /src/expat/expat/lib/xmlparse.c:6423 |
| 6 | 6 |
1 :
['reportDefault'] |
6 | 6 | reportComment | call site: 00000 | /src/expat/expat/lib/xmlparse.c:6448 |
| 2 | 2 |
1 :
['XmlSizeOfUnknownEncoding'] |
2 | 2 | handleUnknownEncoding | call site: 00000 | /src/expat/expat/lib/xmlparse.c:4438 |
| 0 | 1493 |
1 :
['doProlog'] |
0 | 1506 | processInternalEntity | call site: 00000 | /src/expat/expat/lib/xmlparse.c:5850 |
LLVMFuzzerTestOneInput
[function]
[call site]
00000
XML_ParserCreate
[function]
[call site]
00001
XML_ParserCreate_MM
[function]
[call site]
00002
parserCreate
[function]
[call site]
00003
dtdCreate
[function]
[call site]
00004
poolInit
[function]
[call site]
00005
poolInit
[function]
[call site]
00006
hashTableInit
[function]
[call site]
00007
hashTableInit
[function]
[call site]
00008
hashTableInit
[function]
[call site]
00009
hashTableInit
[function]
[call site]
00010
hashTableInit
[function]
[call site]
00011
poolInit
[function]
[call site]
00012
poolInit
[function]
[call site]
00013
parserInit
[function]
[call site]
00014
XmlPrologStateInit
[function]
[call site]
00015
copyString
[function]
[call site]
00016
XmlInitEncoding
[function]
[call site]
00017
getEncodingIndex
[function]
[call site]
00018
streqci
[function]
[call site]
00019
getDebugLevel
[function]
[call site]
00020
getenv
[call site]
00021
__errno_location
[call site]
00022
strtoul
[call site]
00023
__errno_location
[call site]
00024
__errno_location
[call site]
00025
getDebugLevel
[function]
[call site]
00026
XML_ParserFree
[function]
[call site]
00027
destroyBindings
[function]
[call site]
00028
destroyBindings
[function]
[call site]
00029
destroyBindings
[function]
[call site]
00030
poolDestroy
[function]
[call site]
00031
poolDestroy
[function]
[call site]
00032
dtdDestroy
[function]
[call site]
00033
hashTableIterInit
[function]
[call site]
00034
hashTableIterNext
[function]
[call site]
00035
hashTableDestroy
[function]
[call site]
00036
hashTableDestroy
[function]
[call site]
00037
hashTableDestroy
[function]
[call site]
00038
hashTableDestroy
[function]
[call site]
00039
hashTableDestroy
[function]
[call site]
00040
poolDestroy
[function]
[call site]
00041
poolDestroy
[function]
[call site]
00042
XmlGetUtf8InternalEncodingNS
[function]
[call site]
00043
XmlGetUtf8InternalEncoding
[function]
[call site]
00044
__assert_fail
[call site]
00045
ParseOneInput
[function]
[call site]
00046
sip_tokey
[function]
[call site]
00047
siphash24
[function]
[call site]
00048
sip24_init
[function]
[call site]
00049
XML_SetHashSalt
[function]
[call site]
00050
XML_SetHashSalt
[function]
[call site]
00051
XML_SetUserData
[function]
[call site]
00052
XML_SetElementHandler
[function]
[call site]
00053
start
[function]
[call site]
00054
XML_SetCharacterDataHandler
[function]
[call site]
00055
may_stop_character_handler
[function]
[call site]
00056
XML_StopParser
[function]
[call site]
00057
XML_Parse
[function]
[call site]
00058
startParsing
[function]
[call site]
00059
generate_hash_secret_salt
[function]
[call site]
00060
writeRandomBytes_getrandom_nonblock
[function]
[call site]
00061
getrandom
[call site]
00062
__errno_location
[call site]
00063
ENTROPY_DEBUG
[function]
[call site]
00064
getDebugLevel
[function]
[call site]
00065
fprintf
[call site]
00066
writeRandomBytes_dev_urandom
[function]
[call site]
00067
open
[call site]
00068
read
[call site]
00069
__errno_location
[call site]
00070
close
[call site]
00071
ENTROPY_DEBUG
[function]
[call site]
00072
gather_time_entropy
[function]
[call site]
00073
gettimeofday
[call site]
00074
__assert_fail
[call site]
00075
getpid
[call site]
00076
ENTROPY_DEBUG
[function]
[call site]
00077
setContext
[function]
[call site]
00078
poolGrow
[function]
[call site]
00079
poolBytesToAllocateFor
[function]
[call site]
00080
poolBytesToAllocateFor
[function]
[call site]
00081
lookup
[function]
[call site]
00082
hash
[function]
[call site]
00083
copy_salt_to_sipkey
[function]
[call site]
00084
get_hash_secret_salt
[function]
[call site]
00085
get_hash_secret_salt
[function]
[call site]
00086
sip24_init
[function]
[call site]
00087
keylen
[function]
[call site]
00088
sip24_update
[function]
[call site]
00089
sip_round
[function]
[call site]
00090
sip24_final
[function]
[call site]
00091
sip_round
[function]
[call site]
00092
sip_round
[function]
[call site]
00093
hash
[function]
[call site]
00094
keyeq
[function]
[call site]
00095
hash
[function]
[call site]
00096
poolGrow
[function]
[call site]
00097
lookup
[function]
[call site]
00098
poolCopyString
[function]
[call site]
00099
poolGrow
[function]
[call site]
00100
poolGrow
[function]
[call site]
00101
poolGrow
[function]
[call site]
00102
addBinding
[function]
[call site]
00103
is_rfc3986_uri_char
[function]
[call site]
00104
poolGrow
[function]
[call site]
00105
XML_GetBuffer
[function]
[call site]
00106
__assert_fail
[call site]
00107
XML_ParseBuffer
[function]
[call site]
00108
startParsing
[function]
[call site]
00109
callProcessor
[function]
[call site]
00110
XML_Parse
[function]
[call site]
00111
XML_GetErrorCode
[function]
[call site]
00112
XML_GetCurrentLineNumber
[function]
[call site]
00113
XML_ParserReset
[function]
[call site]
00114
moveToFreeBindingList
[function]
[call site]
00115
moveToFreeBindingList
[function]
[call site]
00116
poolClear
[function]
[call site]
00117
poolClear
[function]
[call site]
00118
parserInit
[function]
[call site]
00119
dtdReset
[function]
[call site]
00120
hashTableIterInit
[function]
[call site]
00121
hashTableIterNext
[function]
[call site]
00122
hashTableClear
[function]
[call site]
00123
hashTableClear
[function]
[call site]
00124
hashTableClear
[function]
[call site]
00125
hashTableClear
[function]
[call site]
00126
hashTableClear
[function]
[call site]
00127
poolClear
[function]
[call site]
00128
poolClear
[function]
[call site]
00129
XML_ParserCreateNS
[function]
[call site]
00130
XML_ParserCreate_MM
[function]
[call site]
00131
__assert_fail
[call site]
00132
ParseOneInput
[function]
[call site]
00133
XML_ParserFree
[function]
[call site]
00134
XML_ExternalEntityParserCreate
[function]
[call site]
00135
parserCreate
[function]
[call site]
00136
parserCreate
[function]
[call site]
00137
dtdCopy
[function]
[call site]
00138
hashTableIterInit
[function]
[call site]
00139
hashTableIterNext
[function]
[call site]
00140
poolCopyString
[function]
[call site]
00141
lookup
[function]
[call site]
00142
hashTableIterInit
[function]
[call site]
00143
hashTableIterNext
[function]
[call site]
00144
poolGrow
[function]
[call site]
00145
poolCopyString
[function]
[call site]
00146
lookup
[function]
[call site]
00147
lookup
[function]
[call site]
00148
hashTableIterInit
[function]
[call site]
00149
hashTableIterNext
[function]
[call site]
00150
poolCopyString
[function]
[call site]
00151
lookup
[function]
[call site]
00152
lookup
[function]
[call site]
00153
lookup
[function]
[call site]
00154
lookup
[function]
[call site]
00155
poolCopyString
[function]
[call site]
00156
copyEntityTable
[function]
[call site]
00157
hashTableIterInit
[function]
[call site]
00158
hashTableIterNext
[function]
[call site]
00159
poolCopyString
[function]
[call site]
00160
lookup
[function]
[call site]
00161
poolCopyString
[function]
[call site]
00162
poolCopyString
[function]
[call site]
00163
poolCopyString
[function]
[call site]
00164
poolCopyStringN
[function]
[call site]
00165
poolGrow
[function]
[call site]
00166
poolGrow
[function]
[call site]
00167
poolCopyString
[function]
[call site]
00168
copyEntityTable
[function]
[call site]
00169
setContext
[function]
[call site]
00170
XML_ParserFree
[function]
[call site]
00171
XmlPrologStateInitExternalEntity
[function]
[call site]
00172
__assert_fail
[call site]
00173
ParseOneInput
[function]
[call site]
00174
XML_ParserFree
[function]
[call site]
00175
XML_ExternalEntityParserCreate
[function]
[call site]
00176
__assert_fail
[call site]
00177
ParseOneInput
[function]
[call site]
00178
XML_ParserFree
[function]
[call site]
00179
XML_ParserFree
[function]
[call site]
00180