Fuzz introspector: FuzzPacket
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
6 6 1 :

['gps_hexdump']

78 263 packet_parse call site: 00230 /src/gpsd/gpsd-3.25.1~dev/gpsd/packet.c:2495
0 658 2 :

['packet_discard', 'packet_parse']

108 766 packet_get1 call site: 00313 /src/gpsd/gpsd-3.25.1~dev/gpsd/packet.c:3417
0 0 None 312 970 packet_get1 call site: 00262 /src/gpsd/gpsd-3.25.1~dev/gpsd/packet.c:3378
0 0 None 256 914 packet_get1 call site: 00306 /src/gpsd/gpsd-3.25.1~dev/gpsd/packet.c:3389
0 0 None 72 72 isgps_decode call site: 00031 /src/gpsd/gpsd-3.25.1~dev/gpsd/isgps.c:262
0 0 None 36 207 packet_parse call site: 00210 /src/gpsd/gpsd-3.25.1~dev/gpsd/packet.c:2325
0 0 None 36 36 isgps_decode call site: 00033 /src/gpsd/gpsd-3.25.1~dev/gpsd/isgps.c:291
0 0 None 36 36 packet_accept call site: 00218 /src/gpsd/gpsd-3.25.1~dev/gpsd/packet.c:2051
0 0 None 36 36 packet_discard call site: 00222 /src/gpsd/gpsd-3.25.1~dev/gpsd/packet.c:2078
0 0 None 36 36 packet_unstash call site: 00255 /src/gpsd/gpsd-3.25.1~dev/gpsd/packet.c:2123
0 0 None 0 0 nextstate call site: 00090 /src/gpsd/gpsd-3.25.1~dev/gpsd/packet.c:985
0 0 None 0 0 nextstate call site: 00092 /src/gpsd/gpsd-3.25.1~dev/gpsd/packet.c:1001

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 lexer_init [function] [call site] 00001
2 clock_gettime [call site] 00002
2 packet_reset [function] [call site] 00003
3 isgps_init [function] [call site] 00004
1 packet_parse [function] [call site] 00005
2 nextstate [function] [call site] 00006
3 rtcm2_decode [function] [call site] 00007
4 isgps_decode [function] [call site] 00008
5 gpsd_log [function] [call site] 00009
6 gpsd_vlog [function] [call site] 00010
7 gpsd_acquire_reporting_lock [function] [call site] 00011
8 pthread_mutex_lock [call site] 00012
8 strerror [call site] 00013
8 fprintf [call site] 00014
8 exit [call site] 00015
7 snprintf [call site] 00016
7 vsnprintf [call site] 00017
7 getpid [call site] 00018
7 syslog [call site] 00019
7 fputs [call site] 00020
7 gpsd_release_reporting_lock [function] [call site] 00021
8 pthread_mutex_unlock [call site] 00022
8 strerror [call site] 00023
8 fprintf [call site] 00024
8 exit [call site] 00025
5 gpsd_log [function] [call site] 00026
5 isgps_parity [function] [call site] 00027
5 gpsd_log [function] [call site] 00028
5 gpsd_log [function] [call site] 00029
5 isgps_parity [function] [call site] 00030
5 gpsd_log [function] [call site] 00031
5 gpsd_log [function] [call site] 00032
5 gpsd_log [function] [call site] 00033
5 gpsd_log [function] [call site] 00034
5 gpsd_log [function] [call site] 00035
5 gpsd_log [function] [call site] 00036
4 preamble_match [function] [call site] 00037
3 rtcm2_decode [function] [call site] 00038
3 rtcm2_decode [function] [call site] 00039
3 character_pushback [function] [call site] 00040
4 __ctype_b_loc [call site] 00041
4 gpsd_log [function] [call site] 00042
3 rtcm2_decode [function] [call site] 00043
3 __ctype_b_loc [call site] 00044
3 character_pushback [function] [call site] 00045
3 character_pushback [function] [call site] 00046
3 character_pushback [function] [call site] 00047
3 __ctype_b_loc [call site] 00048
3 character_pushback [function] [call site] 00049
3 __ctype_b_loc [call site] 00050
3 character_pushback [function] [call site] 00051
3 __ctype_b_loc [call site] 00052
3 character_pushback [function] [call site] 00053
3 __ctype_b_loc [call site] 00054
3 character_pushback [function] [call site] 00055
3 character_pushback [function] [call site] 00056
3 character_pushback [function] [call site] 00057
3 memchr [call site] 00058
3 character_pushback [function] [call site] 00059
3 __ctype_b_loc [call site] 00060
3 character_pushback [function] [call site] 00061
3 character_pushback [function] [call site] 00062
3 __ctype_b_loc [call site] 00063
3 character_pushback [function] [call site] 00064
3 character_pushback [function] [call site] 00065
3 __ctype_b_loc [call site] 00066
3 character_pushback [function] [call site] 00067
3 __ctype_b_loc [call site] 00068
3 character_pushback [function] [call site] 00069
3 character_pushback [function] [call site] 00070
3 __ctype_b_loc [call site] 00071
3 character_pushback [function] [call site] 00072
3 character_pushback [function] [call site] 00073
3 __ctype_b_loc [call site] 00074
3 character_pushback [function] [call site] 00075
3 character_pushback [function] [call site] 00076
3 character_pushback [function] [call site] 00077
3 character_pushback [function] [call site] 00078
3 character_pushback [function] [call site] 00079
3 character_pushback [function] [call site] 00080
3 character_pushback [function] [call site] 00081
3 character_pushback [function] [call site] 00082
3 character_pushback [function] [call site] 00083
3 character_pushback [function] [call site] 00084
3 character_pushback [function] [call site] 00085
3 character_pushback [function] [call site] 00086
3 character_pushback [function] [call site] 00087
3 rtcm2_decode [function] [call site] 00088
3 character_pushback [function] [call site] 00089
3 rtcm2_decode [function] [call site] 00090
3 character_pushback [function] [call site] 00091
3 rtcm2_decode [function] [call site] 00092
3 character_pushback [function] [call site] 00093
3 rtcm2_decode [function] [call site] 00094
3 character_pushback [function] [call site] 00095
3 rtcm2_decode [function] [call site] 00096
3 character_pushback [function] [call site] 00097
3 rtcm2_decode [function] [call site] 00098
3 character_pushback [function] [call site] 00099
3 rtcm2_decode [function] [call site] 00100
3 character_pushback [function] [call site] 00101
3 rtcm2_decode [function] [call site] 00102
3 character_pushback [function] [call site] 00103
3 rtcm2_decode [function] [call site] 00104
3 character_pushback [function] [call site] 00105
3 rtcm2_decode [function] [call site] 00106
3 character_pushback [function] [call site] 00107
3 character_pushback [function] [call site] 00108
3 character_pushback [function] [call site] 00109
3 character_pushback [function] [call site] 00110
3 character_pushback [function] [call site] 00111
3 character_pushback [function] [call site] 00112
3 character_pushback [function] [call site] 00113
3 character_pushback [function] [call site] 00114
3 character_pushback [function] [call site] 00115
3 character_pushback [function] [call site] 00116
3 gpsd_packetdump [function] [call site] 00117
4 __ctype_b_loc [call site] 00118
4 gps_hexdump [function] [call site] 00119
3 gpsd_log [function] [call site] 00120
3 gpsd_log [function] [call site] 00121
3 character_pushback [function] [call site] 00122
3 character_pushback [function] [call site] 00123
3 character_pushback [function] [call site] 00124
3 character_pushback [function] [call site] 00125
3 character_pushback [function] [call site] 00126
3 __ctype_b_loc [call site] 00127
3 character_pushback [function] [call site] 00128
3 __ctype_b_loc [call site] 00129
3 character_pushback [function] [call site] 00130
3 oncore_payload_cksum_length [function] [call site] 00131
3 character_pushback [function] [call site] 00132
3 character_pushback [function] [call site] 00133
3 character_pushback [function] [call site] 00134
3 character_pushback [function] [call site] 00135
3 gpsd_log [function] [call site] 00136
3 character_pushback [function] [call site] 00137
3 character_pushback [function] [call site] 00138
3 gpsd_log [function] [call site] 00139
3 character_pushback [function] [call site] 00140
3 character_pushback [function] [call site] 00141
3 character_pushback [function] [call site] 00142
3 gpsd_log [function] [call site] 00143
3 gpsd_log [function] [call site] 00144
3 character_pushback [function] [call site] 00145
3 character_pushback [function] [call site] 00146
3 character_pushback [function] [call site] 00147
3 character_pushback [function] [call site] 00148
3 character_pushback [function] [call site] 00149
3 character_pushback [function] [call site] 00150
3 character_pushback [function] [call site] 00151
3 character_pushback [function] [call site] 00152
3 character_pushback [function] [call site] 00153
3 gpsd_log [function] [call site] 00154
3 character_pushback [function] [call site] 00155
3 character_pushback [function] [call site] 00156
3 character_pushback [function] [call site] 00157
3 character_pushback [function] [call site] 00158
3 character_pushback [function] [call site] 00159
3 character_pushback [function] [call site] 00160
3 character_pushback [function] [call site] 00161
3 character_pushback [function] [call site] 00162
3 character_discard [function] [call site] 00163
4 gpsd_packetdump [function] [call site] 00164
4 gpsd_log [function] [call site] 00165
3 character_pushback [function] [call site] 00166
3 character_pushback [function] [call site] 00167
3 __ctype_b_loc [call site] 00168
3 character_pushback [function] [call site] 00169
3 greis_hex2bin [function] [call site] 00170
3 __ctype_b_loc [call site] 00171
3 character_pushback [function] [call site] 00172
3 greis_hex2bin [function] [call site] 00173
3 __ctype_b_loc [call site] 00174
3 character_pushback [function] [call site] 00175
3 greis_hex2bin [function] [call site] 00176
3 character_pushback [function] [call site] 00177
3 character_pushback [function] [call site] 00178
3 rtcm2_decode [function] [call site] 00179
3 character_pushback [function] [call site] 00180
3 rtcm2_decode [function] [call site] 00181
3 __ctype_b_loc [call site] 00182
3 gpsd_log [function] [call site] 00183
3 __ctype_b_loc [call site] 00184
3 character_pushback [function] [call site] 00185
3 __ctype_b_loc [call site] 00186
3 character_pushback [function] [call site] 00187
3 character_pushback [function] [call site] 00188
3 memchr [call site] 00189
3 character_pushback [function] [call site] 00190
3 memchr [call site] 00191
3 character_pushback [function] [call site] 00192
3 __ctype_b_loc [call site] 00193
3 character_pushback [function] [call site] 00194
3 character_pushback [function] [call site] 00195
3 character_pushback [function] [call site] 00196
2 __ctype_b_loc [call site] 00197
2 gpsd_log [function] [call site] 00198
2 nmea_checksum [function] [call site] 00199
3 str_starts_with [function] [call site] 00200
4 strncmp [call site] 00201
3 __ctype_b_loc [call site] 00202
3 snprintf [call site] 00203
3 toupper [function] [call site] 00204
4 __ctype_toupper_loc [call site] 00205
3 toupper [function] [call site] 00206
3 gpsd_log [function] [call site] 00207
2 gpsd_log [function] [call site] 00208
2 gpsd_log [function] [call site] 00209
2 gpsd_log [function] [call site] 00210
2 gpsd_log [function] [call site] 00211
2 greis_checksum [function] [call site] 00212
3 greis_rotate_left [function] [call site] 00213
3 greis_rotate_left [function] [call site] 00214
2 gpsd_log [function] [call site] 00215
2 gpsd_log [function] [call site] 00216
2 character_discard [function] [call site] 00217
2 packet_accept [function] [call site] 00218
3 gpsd_packetdump [function] [call site] 00219
3 gpsd_log [function] [call site] 00220
3 gpsd_log [function] [call site] 00221
2 packet_discard [function] [call site] 00222
3 gpsd_log [function] [call site] 00223
3 gpsd_packetdump [function] [call site] 00224
3 gpsd_log [function] [call site] 00225
2 packet_accept [function] [call site] 00226
2 gpsd_log [function] [call site] 00227
2 nmea_checksum [function] [call site] 00228
2 gpsd_log [function] [call site] 00229
2 gpsd_log [function] [call site] 00230
2 gps_hexdump [function] [call site] 00231
2 gpsd_log [function] [call site] 00232
2 crc24q_check [function] [call site] 00233
3 crc24q_hash [function] [call site] 00234
2 crc24q_hash [function] [call site] 00235
2 gpsd_log [function] [call site] 00236
2 packet_stash [function] [call site] 00237
3 gpsd_packetdump [function] [call site] 00238
3 gpsd_log [function] [call site] 00239
2 packet_discard [function] [call site] 00240
2 gpsd_log [function] [call site] 00241
2 gpsd_log [function] [call site] 00242
2 gpsd_log [function] [call site] 00243
2 gpsd_log [function] [call site] 00244
2 gpsd_log [function] [call site] 00245
2 gpsd_log [function] [call site] 00246
2 gpsd_log [function] [call site] 00247
2 gpsd_log [function] [call site] 00248
2 gpsd_log [function] [call site] 00249
2 gpsd_log [function] [call site] 00250
2 gpsd_log [function] [call site] 00251
2 gpsd_log [function] [call site] 00252
2 packet_accept [function] [call site] 00253
2 packet_discard [function] [call site] 00254
2 packet_unstash [function] [call site] 00255
3 gpsd_packetdump [function] [call site] 00256
3 gpsd_log [function] [call site] 00257
3 gpsd_log [function] [call site] 00258
1 open [call site] 00259
1 lexer_init [function] [call site] 00260
1 packet_get [function] [call site] 00261
2 packet_get1 [function] [call site] 00262
3 packet_get1_chunked [function] [call site] 00263
4 gpsd_log [function] [call site] 00264
4 gpsd_log [function] [call site] 00265
4 __errno_location [call site] 00266
4 gpsd_log [function] [call site] 00267
4 read [call site] 00268
4 strerror [call site] 00269
4 gpsd_log [function] [call site] 00270
4 gpsd_log [function] [call site] 00271
4 gpsd_log [function] [call site] 00272
4 strerror [call site] 00273
4 gpsd_log [function] [call site] 00274
4 gps_hexdump [function] [call site] 00275
4 gpsd_log [function] [call site] 00276
4 gpsd_log [function] [call site] 00277
4 gpsd_log [function] [call site] 00278
4 strtol [call site] 00279
4 gpsd_log [function] [call site] 00280
4 gps_hexdump [function] [call site] 00281
4 gpsd_log [function] [call site] 00282
4 gpsd_log [function] [call site] 00283
4 gpsd_log [function] [call site] 00284
4 gps_hexdump [function] [call site] 00285
4 gpsd_log [function] [call site] 00286
4 gpsd_log [function] [call site] 00287
4 gps_hexdump [function] [call site] 00288
4 gpsd_log [function] [call site] 00289
4 gpsd_log [function] [call site] 00290
4 gpsd_log [function] [call site] 00291
4 gpsd_log [function] [call site] 00292
4 gps_hexdump [function] [call site] 00293
4 gpsd_log [function] [call site] 00294
4 gps_hexdump [function] [call site] 00295
4 gpsd_log [function] [call site] 00296
4 gpsd_log [function] [call site] 00297
4 gpsd_log [function] [call site] 00298
4 gps_hexdump [function] [call site] 00299
4 gpsd_log [function] [call site] 00300
4 packet_parse [function] [call site] 00301
4 gps_hexdump [function] [call site] 00302
4 gpsd_log [function] [call site] 00303
4 gpsd_log [function] [call site] 00304
3 __errno_location [call site] 00305
3 read [call site] 00306
3 gpsd_log [function] [call site] 00307
3 strerror [call site] 00308
3 gpsd_log [function] [call site] 00309
3 gpsd_packetdump [function] [call site] 00310
3 gpsd_log [function] [call site] 00311
3 strerror [call site] 00312
3 gpsd_log [function] [call site] 00313
3 gpsd_log [function] [call site] 00314
3 packet_parse [function] [call site] 00315
3 packet_discard [function] [call site] 00316
3 gpsd_log [function] [call site] 00317
3 gpsd_log [function] [call site] 00318
3 gpsd_log [function] [call site] 00319
1 close [call site] 00320