Fuzz introspector: midx_fuzzer
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
229 229 2 :

['midx_parse_object_large_offsets', 'midx_parse_object_offsets']

229 229 git_midx_parse call site: 00147 /src/libgit2/src/libgit2/midx.c:280
222 332 2 :

['git_str_grow', 'git_error_set_oom']

222 332 git_str_vprintf call site: 00020 /src/libgit2/src/util/str.c:529
160 160 5 :

['compute_minrun', 'check_invariant', 'collapse', 'count_run', 'merge']

160 220 git__tsort_r call site: 00000 /src/libgit2/src/util/tsort.c:346
121 121 1 :

['get_passwd_home']

236 350 git_sysdir_guess_xdg_dirs call site: 00000 /src/libgit2/src/libgit2/sysdir.c:401
121 121 1 :

['get_passwd_home']

236 236 git_sysdir_guess_home_dirs call site: 00000 /src/libgit2/src/libgit2/sysdir.c:356
115 115 1 :

['git_futils_mmap_free']

115 118 git_midx_close call site: 00162 /src/libgit2/src/libgit2/midx.c:489
111 111 1 :

['git_error_set_oom']

111 111 git_str_try_grow call site: 00004 /src/libgit2/src/util/str.c:75
18 128 11 :

['getsid', 'getpgid', 'getgid', 'gettimeofday', 'getppid', '__errno_location', 'getpid', 'git_time_monotonic.4720', 'getloadavg', 'git_error_set', 'getuid']

18 128 getseed call site: 00000 /src/libgit2/src/util/rand.c:93
7 7 1 :

['git_vector_free_deep']

7 7 git_merge_driver_global_init call site: 00000 /src/libgit2/src/libgit2/merge_driver.c:220
4 115 3 :

['strerror', 'git_str_puts', '__errno_location']

4 226 git_error_vset call site: 00024 /src/libgit2/src/libgit2/errors.c:114
4 4 1 :

['git_oid_raw_cmp']

4 334 midx_parse_oid_lookup call site: 00148 /src/libgit2/src/libgit2/midx.c:121
4 4 1 :

['git_filter_free']

4 4 git_filter_global_init call site: 00000 /src/libgit2/src/libgit2/filter.c:215

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 git_str_init [function] [call site] 00001
2 git_str_grow [function] [call site] 00002
3 git_str_try_grow [function] [call site] 00003
4 git_error_set [function] [call site] 00004
5 git_error_vset [function] [call site] 00005
6 git_threadstate_get [function] [call site] 00006
7 git_tlsdata_get [function] [call site] 00007
8 pthread_getspecific [call site] 00008
7 git_str_init [function] [call site] 00009
7 git_tlsdata_set [function] [call site] 00010
8 pthread_setspecific [call site] 00011
6 __errno_location [call site] 00012
6 git_str_clear [function] [call site] 00013
6 git_str_vprintf [function] [call site] 00014
7 strlen [call site] 00015
7 git_error_set_oom [function] [call site] 00016
8 git_threadstate_get [function] [call site] 00017
7 git_error_set_oom [function] [call site] 00018
7 git_str_grow [function] [call site] 00019
7 vsnprintf [call site] 00020
7 git_error_set_oom [function] [call site] 00021
7 git_error_set_oom [function] [call site] 00022
7 git_str_grow [function] [call site] 00023
6 git_str_put [function] [call site] 00024
7 git_error_set [function] [call site] 00025
7 git_error_set_oom [function] [call site] 00026
7 git_error_set_oom [function] [call site] 00027
7 git_str_grow [function] [call site] 00028
6 strerror [call site] 00029
6 git_str_puts [function] [call site] 00030
7 git_error_set [function] [call site] 00031
7 strlen [call site] 00032
7 git_str_put [function] [call site] 00033
6 __errno_location [call site] 00034
6 git_str_oom [function] [call site] 00035
6 set_error_from_buffer [function] [call site] 00036
7 git_threadstate_get [function] [call site] 00037
4 git_error_set_oom [function] [call site] 00038
1 git_hash_buf [function] [call site] 00039
2 git_hash_ctx_init [function] [call site] 00040
3 git_hash_sha1_ctx_init [function] [call site] 00041
4 git_hash_sha1_init [function] [call site] 00042
5 git_error_set [function] [call site] 00043
5 SHA1DCInit [function] [call site] 00044
3 git_hash_sha256_ctx_init [function] [call site] 00045
4 git_hash_sha256_init [function] [call site] 00046
5 SHA256Reset [function] [call site] 00047
6 SHA224_256Reset [function] [call site] 00048
5 git_error_set [function] [call site] 00049
3 git_error_set [function] [call site] 00050
2 git_hash_update [function] [call site] 00051
3 git_hash_sha1_update [function] [call site] 00052
4 git_error_set [function] [call site] 00053
4 SHA1DCUpdate [function] [call site] 00054
5 sha1_process [function] [call site] 00055
6 sha1_compression_states [function] [call site] 00056
6 ubc_check [function] [call site] 00057
6 sha1_recompression_step [function] [call site] 00058
7 sha1recompress_fast_58 [function] [call site] 00059
7 sha1recompress_fast_65 [function] [call site] 00060
7 abort [call site] 00061
6 sha1_compression_W [function] [call site] 00062
6 sha1_compression_W [function] [call site] 00063
5 sha1_process [function] [call site] 00064
3 git_hash_sha256_update [function] [call site] 00065
4 git_error_set [function] [call site] 00066
4 SHA256Input [function] [call site] 00067
5 SHA224_256ProcessMessageBlock [function] [call site] 00068
4 git_error_set [function] [call site] 00069
3 git_error_set [function] [call site] 00070
2 git_hash_final [function] [call site] 00071
3 git_hash_sha1_final [function] [call site] 00072
4 git_error_set [function] [call site] 00073
4 SHA1DCFinal [function] [call site] 00074
5 SHA1DCUpdate [function] [call site] 00075
5 sha1_process [function] [call site] 00076
4 git_error_set [function] [call site] 00077
3 git_hash_sha256_final [function] [call site] 00078
4 git_error_set [function] [call site] 00079
4 SHA256Result [function] [call site] 00080
5 SHA224_256ResultN [function] [call site] 00081
6 SHA224_256Finalize [function] [call site] 00082
7 SHA224_256PadMessage [function] [call site] 00083
8 SHA224_256ProcessMessageBlock [function] [call site] 00084
8 SHA224_256ProcessMessageBlock [function] [call site] 00085
4 git_error_set [function] [call site] 00086
3 git_error_set [function] [call site] 00087
2 git_hash_ctx_cleanup [function] [call site] 00088
3 git_hash_sha1_ctx_cleanup [function] [call site] 00089
3 git_hash_sha256_ctx_cleanup [function] [call site] 00090
1 fprintf [call site] 00091
1 abort [call site] 00092
1 git_str_attach_notowned [function] [call site] 00093
2 git_str_is_allocated [function] [call site] 00094
2 git_str_dispose [function] [call site] 00095
3 git_str_init [function] [call site] 00096
2 git_str_init [function] [call site] 00097
1 git_str_cstr [function] [call site] 00098
1 git_midx_parse [function] [call site] 00099
2 git_error_set [function] [call site] 00100
2 git_oid_size [function] [call site] 00101
2 midx_error [function] [call site] 00102
3 git_error_set [function] [call site] 00103
2 htonl [call site] 00104
2 midx_error [function] [call site] 00105
2 midx_error [function] [call site] 00106
2 midx_error [function] [call site] 00107
2 ntohl [call site] 00108
2 ntohl [call site] 00109
2 ntohl [call site] 00110
2 midx_error [function] [call site] 00111
2 midx_error [function] [call site] 00112
2 midx_error [function] [call site] 00113
2 midx_error [function] [call site] 00114
2 ntohl [call site] 00115
2 midx_parse_packfile_names [function] [call site] 00116
3 midx_error [function] [call site] 00117
3 midx_error [function] [call site] 00118
3 git_vector_init [function] [call site] 00119
4 git_error_set [function] [call site] 00120
4 resize_vector [function] [call site] 00121
3 git__strcmp_cb [function] [call site] 00122
4 strcmp [call site] 00123
3 strnlen [call site] 00124
3 midx_error [function] [call site] 00125
3 midx_error [function] [call site] 00126
3 git_vector_insert [function] [call site] 00127
4 git_error_set [function] [call site] 00128
4 compute_new_size [function] [call site] 00129
3 git_vector_get [function] [call site] 00130
3 strcmp [call site] 00131
3 midx_error [function] [call site] 00132
3 strlen [call site] 00133
3 git__suffixcmp [function] [call site] 00134
4 strlen [call site] 00135
4 strlen [call site] 00136
4 strcmp [call site] 00137
3 midx_error [function] [call site] 00138
3 strchr [call site] 00139
3 midx_error [function] [call site] 00140
2 midx_parse_oid_fanout [function] [call site] 00141
3 midx_error [function] [call site] 00142
3 midx_error [function] [call site] 00143
3 midx_error [function] [call site] 00144
3 ntohl [call site] 00145
3 midx_error [function] [call site] 00146
2 midx_parse_oid_lookup [function] [call site] 00147
3 git_oid_size [function] [call site] 00148
3 midx_error [function] [call site] 00149
3 midx_error [function] [call site] 00150
3 midx_error [function] [call site] 00151
3 git_oid_raw_cmp [function] [call site] 00152
4 memcmp [call site] 00153
3 midx_error [function] [call site] 00154
2 midx_parse_object_offsets [function] [call site] 00155
3 midx_error [function] [call site] 00156
3 midx_error [function] [call site] 00157
3 midx_error [function] [call site] 00158
2 midx_parse_object_large_offsets [function] [call site] 00159
3 midx_error [function] [call site] 00160
1 git_midx_close [function] [call site] 00161
2 git_error_set [function] [call site] 00162
2 git_futils_mmap_free [function] [call site] 00163
3 p_munmap [function] [call site] 00164
4 git_error_set [function] [call site] 00165
4 munmap [call site] 00166
2 git_vector_free [function] [call site] 00167
1 git_str_dispose [function] [call site] 00168