The followings are the branches where fuzzer fails to bypass.
| Unique non-covered Complexity | Unique Reachable Complexities | Unique Reachable Functions | All non-covered Complexity | All Reachable Complexity | Function Name | Function Callsite | Blocked Branch |
|---|---|---|---|---|---|---|---|
| 14 | 14 |
2 :
['byte_swap', 'crc_word_big'] |
14 | 14 | crc32_z | call site: 00024 | /src/zlib/crc32.c:788 |
| 2 | 2 |
1 :
['memcmp'] |
2 | 2 | trns_row | call site: 00421 | /src/libspng/spng/spng.c:1822 |
| 0 | 474 |
6 :
['adler32', 'inflate_fast', 'crc32', 'updatewindow', 'inflate_table', 'fixedtables'] |
0 | 474 | inflate | call site: 00170 | /src/zlib/inflate.c:855 |
| 0 | 36 |
2 :
['crc32', 'adler32'] |
0 | 36 | inflate | call site: 00179 | /src/zlib/inflate.c:1293 |
| 0 | 4 |
2 :
['spng__iter_init', 'get_sample'] |
0 | 4 | trns_row | call site: 00424 | /src/libspng/spng/spng.c:1843 |
| 0 | 2 |
1 :
['get_sample'] |
0 | 2 | unpack_scanline | call site: 00413 | /src/libspng/spng/spng.c:2011 |
| 0 | 0 | None | 0 | 474 | inflate | call site: 00158 | /src/zlib/inflate.c:661 |
| 0 | 0 | None | 0 | 474 | inflate | call site: 00158 | /src/zlib/inflate.c:667 |
| 0 | 0 | None | 0 | 474 | inflate | call site: 00160 | /src/zlib/inflate.c:676 |
| 0 | 0 | None | 0 | 474 | inflate | call site: 00160 | /src/zlib/inflate.c:694 |
| 0 | 0 | None | 0 | 474 | inflate | call site: 00176 | /src/zlib/inflate.c:1227 |
| 0 | 0 | None | 0 | 474 | inflate | call site: 00178 | /src/zlib/inflate.c:1231 |
LLVMFuzzerTestOneInput
[function]
[call site]
00000
spng_ctx_new
[function]
[call site]
00001
spng_ctx_new2
[function]
[call site]
00002
fmemopen
[call site]
00003
spng_set_png_file
[function]
[call site]
00004
spng_set_png_stream
[function]
[call site]
00005
spng__malloc
[function]
[call site]
00006
spng_set_png_stream
[function]
[call site]
00007
spng_set_png_stream
[function]
[call site]
00008
buffer_read_fn(spng_ctx*, void*, void*, unsigned long)
[function]
[call site]
00009
spng_set_png_buffer
[function]
[call site]
00010
buffer_read_fn
[function]
[call site]
00011
spng_set_image_limits
[function]
[call site]
00012
spng_set_chunk_limits
[function]
[call site]
00013
spng_set_crc_action
[function]
[call site]
00014
spng_set_option
[function]
[call site]
00015
spng_decoded_image_size
[function]
[call site]
00016
read_chunks
[function]
[call site]
00017
read_ihdr
[function]
[call site]
00018
read_data
[function]
[call site]
00019
memcmp
[call site]
00020
read_u32
[function]
[call site]
00021
memcmp
[call site]
00022
crc32
[function]
[call site]
00023
crc32_z
[function]
[call site]
00024
crc_word
[function]
[call site]
00025
crc_word
[function]
[call site]
00026
crc_word
[function]
[call site]
00027
crc_word
[function]
[call site]
00028
crc_word
[function]
[call site]
00029
byte_swap
[function]
[call site]
00030
crc_word_big
[function]
[call site]
00031
crc_word_big
[function]
[call site]
00032
crc_word_big
[function]
[call site]
00033
crc_word_big
[function]
[call site]
00034
crc_word_big
[function]
[call site]
00035
byte_swap
[function]
[call site]
00036
crc32
[function]
[call site]
00037
read_u32
[function]
[call site]
00038
read_u32
[function]
[call site]
00039
check_ihdr
[function]
[call site]
00040
num_channels
[function]
[call site]
00041
calculate_subimages
[function]
[call site]
00042
calculate_scanline_width
[function]
[call site]
00043
num_channels
[function]
[call site]
00044
decode_err
[function]
[call site]
00045
read_non_idat_chunks
[function]
[call site]
00046
read_header
[function]
[call site]
00047
read_and_check_crc
[function]
[call site]
00048
read_data
[function]
[call site]
00049
read_u32
[function]
[call site]
00050
is_critical_chunk
[function]
[call site]
00051
read_data
[function]
[call site]
00052
read_u32
[function]
[call site]
00053
is_critical_chunk
[function]
[call site]
00054
crc32
[function]
[call site]
00055
crc32
[function]
[call site]
00056
memcmp
[call site]
00057
discard_chunk_bytes
[function]
[call site]
00058
read_chunk_bytes
[function]
[call site]
00059
read_data
[function]
[call site]
00060
crc32
[function]
[call site]
00061
read_chunk_bytes
[function]
[call site]
00062
is_small_chunk
[function]
[call site]
00063
memcmp
[call site]
00064
memcmp
[call site]
00065
memcmp
[call site]
00066
memcmp
[call site]
00067
memcmp
[call site]
00068
memcmp
[call site]
00069
memcmp
[call site]
00070
memcmp
[call site]
00071
memcmp
[call site]
00072
memcmp
[call site]
00073
memcmp
[call site]
00074
read_chunk_bytes
[function]
[call site]
00075
is_critical_chunk
[function]
[call site]
00076
memcmp
[call site]
00077
check_plte
[function]
[call site]
00078
memcmp
[call site]
00079
read_and_check_crc
[function]
[call site]
00080
memcmp
[call site]
00081
memcmp
[call site]
00082
read_u32
[function]
[call site]
00083
read_u32
[function]
[call site]
00084
read_u32
[function]
[call site]
00085
read_u32
[function]
[call site]
00086
read_u32
[function]
[call site]
00087
read_u32
[function]
[call site]
00088
read_u32
[function]
[call site]
00089
read_u32
[function]
[call site]
00090
check_chrm_int
[function]
[call site]
00091
memcmp
[call site]
00092
read_u32
[function]
[call site]
00093
memcmp
[call site]
00094
check_sbit
[function]
[call site]
00095
memcmp
[call site]
00096
memcmp
[call site]
00097
read_u16
[function]
[call site]
00098
read_u16
[function]
[call site]
00099
read_u16
[function]
[call site]
00100
read_u16
[function]
[call site]
00101
memcmp
[call site]
00102
read_u16
[function]
[call site]
00103
read_u16
[function]
[call site]
00104
read_u16
[function]
[call site]
00105
read_u16
[function]
[call site]
00106
memcmp
[call site]
00107
read_u16
[function]
[call site]
00108
memcmp
[call site]
00109
read_u32
[function]
[call site]
00110
read_u32
[function]
[call site]
00111
check_phys
[function]
[call site]
00112
memcmp
[call site]
00113
read_u16
[function]
[call site]
00114
check_time
[function]
[call site]
00115
memcmp
[call site]
00116
read_s32
[function]
[call site]
00117
read_u32
[function]
[call site]
00118
read_s32
[function]
[call site]
00119
check_offs
[function]
[call site]
00120
memcmp
[call site]
00121
increase_cache_usage
[function]
[call site]
00122
spng__malloc
[function]
[call site]
00123
read_chunk_bytes2
[function]
[call site]
00124
crc32
[function]
[call site]
00125
spng__free
[function]
[call site]
00126
check_exif
[function]
[call site]
00127
memcmp
[call site]
00128
spng__free
[function]
[call site]
00129
memcmp
[call site]
00130
read_chunk_bytes
[function]
[call site]
00131
memchr
[call site]
00132
check_png_keyword
[function]
[call site]
00133
strlen
[call site]
00134
strstr
[call site]
00135
spng__inflate_stream
[function]
[call site]
00136
spng__inflate_init
[function]
[call site]
00137
inflateEnd
[function]
[call site]
00138
inflateStateCheck
[function]
[call site]
00139
spng__zalloc
[function]
[call site]
00140
spng__malloc
[function]
[call site]
00141
spng__zfree
[function]
[call site]
00142
spng__free
[function]
[call site]
00143
inflateInit2_
[function]
[call site]
00144
zcalloc
[function]
[call site]
00145
zcfree
[function]
[call site]
00146
inflateReset2
[function]
[call site]
00147
inflateStateCheck
[function]
[call site]
00148
inflateReset
[function]
[call site]
00149
inflateStateCheck
[function]
[call site]
00150
inflateResetKeep
[function]
[call site]
00151
inflateStateCheck
[function]
[call site]
00152
is_critical_chunk
[function]
[call site]
00153
inflateValidate
[function]
[call site]
00154
inflateStateCheck
[function]
[call site]
00155
spng__malloc
[function]
[call site]
00156
inflate
[function]
[call site]
00157
inflateStateCheck
[function]
[call site]
00158
crc32
[function]
[call site]
00159
crc32
[function]
[call site]
00160
adler32
[function]
[call site]
00161
adler32_z
[function]
[call site]
00162
crc32
[function]
[call site]
00163
crc32
[function]
[call site]
00164
crc32
[function]
[call site]
00165
crc32
[function]
[call site]
00166
crc32
[function]
[call site]
00167
crc32
[function]
[call site]
00168
crc32
[function]
[call site]
00169
crc32
[function]
[call site]
00170
adler32
[function]
[call site]
00171
fixedtables
[function]
[call site]
00172
inflate_table
[function]
[call site]
00173
inflate_table
[function]
[call site]
00174
inflate_table
[function]
[call site]
00175
inflate_fast
[function]
[call site]
00176
crc32
[function]
[call site]
00177
adler32
[function]
[call site]
00178
updatewindow
[function]
[call site]
00179
crc32
[function]
[call site]
00180
adler32
[function]
[call site]
00181
spng__realloc
[function]
[call site]
00182
read_chunk_bytes
[function]
[call site]
00183
spng__realloc
[function]
[call site]
00184
increase_cache_usage
[function]
[call site]
00185
spng__free
[function]
[call site]
00186
memcmp
[call site]
00187
memcmp
[call site]
00188
memcmp
[call site]
00189
increase_cache_usage
[function]
[call site]
00190
spng__realloc
[function]
[call site]
00191
text_undo
[function]
[call site]
00192
spng__free
[function]
[call site]
00193
spng__free
[function]
[call site]
00194
decrease_cache_usage
[function]
[call site]
00195
decrease_cache_usage
[function]
[call site]
00196
read_chunk_bytes
[function]
[call site]
00197
memchr
[call site]
00198
memcmp
[call site]
00199
memcmp
[call site]
00200
memcmp
[call site]
00201
memchr
[call site]
00202
memchr
[call site]
00203
increase_cache_usage
[function]
[call site]
00204
spng__calloc
[function]
[call site]
00205
spng__inflate_stream
[function]
[call site]
00206
increase_cache_usage
[function]
[call site]
00207
spng__malloc
[function]
[call site]
00208
read_chunk_bytes2
[function]
[call site]
00209
check_png_keyword
[function]
[call site]
00210
strlen
[call site]
00211
check_png_text
[function]
[call site]
00212
memcmp
[call site]
00213
increase_cache_usage
[function]
[call site]
00214
spng__realloc
[function]
[call site]
00215
splt_undo
[function]
[call site]
00216
spng__free
[function]
[call site]
00217
decrease_cache_usage
[function]
[call site]
00218
decrease_cache_usage
[function]
[call site]
00219
spng__malloc
[function]
[call site]
00220
read_chunk_bytes2
[function]
[call site]
00221
memchr
[call site]
00222
check_png_keyword
[function]
[call site]
00223
strcmp
[call site]
00224
increase_cache_usage
[function]
[call site]
00225
spng__malloc
[function]
[call site]
00226
spng__free
[function]
[call site]
00227
read_u16
[function]
[call site]
00228
read_u16
[function]
[call site]
00229
read_u16
[function]
[call site]
00230
read_u16
[function]
[call site]
00231
read_u16
[function]
[call site]
00232
read_u16
[function]
[call site]
00233
spng__free
[function]
[call site]
00234
decrease_cache_usage
[function]
[call site]
00235
increase_cache_usage
[function]
[call site]
00236
spng__realloc
[function]
[call site]
00237
chunk_undo
[function]
[call site]
00238
spng__free
[function]
[call site]
00239
decrease_cache_usage
[function]
[call site]
00240
decrease_cache_usage
[function]
[call site]
00241
spng__malloc
[function]
[call site]
00242
read_chunk_bytes2
[function]
[call site]
00243
spng__free
[function]
[call site]
00244
discard_chunk_bytes
[function]
[call site]
00245
is_critical_chunk
[function]
[call site]
00246
discard_chunk_bytes
[function]
[call site]
00247
decode_err
[function]
[call site]
00248
decode_err
[function]
[call site]
00249
decode_err
[function]
[call site]
00250
check_decode_fmt
[function]
[call site]
00251
calculate_image_size
[function]
[call site]
00252
calculate_image_width
[function]
[call site]
00253
calculate_scanline_width
[function]
[call site]
00254
spng_get_ihdr
[function]
[call site]
00255
read_chunks
[function]
[call site]
00256
spng_get_plte
[function]
[call site]
00257
read_chunks
[function]
[call site]
00258
spng_get_trns
[function]
[call site]
00259
read_chunks
[function]
[call site]
00260
spng_get_chrm
[function]
[call site]
00261
read_chunks
[function]
[call site]
00262
spng_get_chrm_int
[function]
[call site]
00263
read_chunks
[function]
[call site]
00264
spng_get_gama
[function]
[call site]
00265
read_chunks
[function]
[call site]
00266
spng_get_iccp
[function]
[call site]
00267
read_chunks
[function]
[call site]
00268
spng_get_sbit
[function]
[call site]
00269
read_chunks
[function]
[call site]
00270
spng_get_srgb
[function]
[call site]
00271
read_chunks
[function]
[call site]
00272
spng_get_text
[function]
[call site]
00273
read_chunks
[function]
[call site]
00274
strlen
[call site]
00275
spng_get_text
[function]
[call site]
00276
memchr
[call site]
00277
spng_ctx_free
[function]
[call site]
00278
spng__free
[function]
[call site]
00279
spng__free
[function]
[call site]
00280
spng__free
[function]
[call site]
00281
spng__free
[function]
[call site]
00282
spng__free
[function]
[call site]
00283
spng__free
[function]
[call site]
00284
spng__free
[function]
[call site]
00285
spng__free
[function]
[call site]
00286
spng__free
[function]
[call site]
00287
spng__free
[function]
[call site]
00288
deflateEnd
[function]
[call site]
00289
deflateStateCheck
[function]
[call site]
00290
inflateEnd
[function]
[call site]
00291
spng__free
[function]
[call site]
00292
spng__free
[function]
[call site]
00293
spng__free
[function]
[call site]
00294
spng__free
[function]
[call site]
00295
spng__free
[function]
[call site]
00296
spng__free
[function]
[call site]
00297
strlen
[call site]
00298
spng_get_bkgd
[function]
[call site]
00299
read_chunks
[function]
[call site]
00300
spng_get_hist
[function]
[call site]
00301
read_chunks
[function]
[call site]
00302
spng_get_phys
[function]
[call site]
00303
read_chunks
[function]
[call site]
00304
spng_get_splt
[function]
[call site]
00305
read_chunks
[function]
[call site]
00306
spng_get_splt
[function]
[call site]
00307
memchr
[call site]
00308
spng_ctx_free
[function]
[call site]
00309
spng_get_unknown_chunks
[function]
[call site]
00310
read_chunks
[function]
[call site]
00311
spng_get_unknown_chunks
[function]
[call site]
00312
spng_ctx_free
[function]
[call site]
00313
spng_decode_image
[function]
[call site]
00314
read_chunks
[function]
[call site]
00315
decode_err
[function]
[call site]
00316
check_decode_fmt
[function]
[call site]
00317
calculate_image_width
[function]
[call site]
00318
decode_err
[function]
[call site]
00319
read_idat_bytes
[function]
[call site]
00320
memcmp
[call site]
00321
read_header
[function]
[call site]
00322
memcmp
[call site]
00323
read_chunk_bytes
[function]
[call site]
00324
decode_err
[function]
[call site]
00325
read_u16
[function]
[call site]
00326
spng__inflate_init
[function]
[call site]
00327
decode_err
[function]
[call site]
00328
spng__malloc
[function]
[call site]
00329
spng__malloc
[function]
[call site]
00330
spng__malloc
[function]
[call site]
00331
decode_err
[function]
[call site]
00332
decode_err
[function]
[call site]
00333
spng__malloc
[function]
[call site]
00334
decode_err
[function]
[call site]
00335
decode_err
[function]
[call site]
00336
pow
[call site]
00337
decode_err
[function]
[call site]
00338
sample_to_target
[function]
[call site]
00339
abs
[call site]
00340
sample_to_target
[function]
[call site]
00341
sample_to_target
[function]
[call site]
00342
sample_to_target
[function]
[call site]
00343
decode_err
[function]
[call site]
00344
read_scanline_bytes
[function]
[call site]
00345
inflate
[function]
[call site]
00346
read_idat_bytes
[function]
[call site]
00347
decode_err
[function]
[call site]
00348
decode_err
[function]
[call site]
00349
spng_decode_row
[function]
[call site]
00350
spng_decode_scanline
[function]
[call site]
00351
spng__iter_init
[function]
[call site]
00352
read_scanline
[function]
[call site]
00353
read_scanline_bytes
[function]
[call site]
00354
read_scanline_bytes
[function]
[call site]
00355
u16_row_to_host
[function]
[call site]
00356
read_u16
[function]
[call site]
00357
defilter_scanline
[function]
[call site]
00358
defilter_sub4
[function]
[call site]
00359
load4
[function]
[call site]
00360
store4
[function]
[call site]
00361
defilter_avg4
[function]
[call site]
00362
load4
[function]
[call site]
00363
load4
[function]
[call site]
00364
store4
[function]
[call site]
00365
defilter_paeth4
[function]
[call site]
00366
load4
[function]
[call site]
00367
load4
[function]
[call site]
00368
abs_i16
[function]
[call site]
00369
abs_i16
[function]
[call site]
00370
abs_i16
[function]
[call site]
00371
if_then_else
[function]
[call site]
00372
if_then_else
[function]
[call site]
00373
store4
[function]
[call site]
00374
defilter_sub3
[function]
[call site]
00375
load4
[function]
[call site]
00376
store3
[function]
[call site]
00377
load3
[function]
[call site]
00378
store3
[function]
[call site]
00379
defilter_avg3
[function]
[call site]
00380
load4
[function]
[call site]
00381
load4
[function]
[call site]
00382
store3
[function]
[call site]
00383
load3
[function]
[call site]
00384
load3
[function]
[call site]
00385
store3
[function]
[call site]
00386
defilter_paeth3
[function]
[call site]
00387
load4
[function]
[call site]
00388
load4
[function]
[call site]
00389
abs_i16
[function]
[call site]
00390
abs_i16
[function]
[call site]
00391
abs_i16
[function]
[call site]
00392
if_then_else
[function]
[call site]
00393
if_then_else
[function]
[call site]
00394
store3
[function]
[call site]
00395
load3
[function]
[call site]
00396
load3
[function]
[call site]
00397
abs_i16
[function]
[call site]
00398
abs_i16
[function]
[call site]
00399
abs_i16
[function]
[call site]
00400
if_then_else
[function]
[call site]
00401
if_then_else
[function]
[call site]
00402
store3
[function]
[call site]
00403
defilter_up
[function]
[call site]
00404
paeth
[function]
[call site]
00405
decode_err
[function]
[call site]
00409
unpack_scanline
[function]
[call site]
00410
spng__iter_init
[function]
[call site]
00411
get_sample
[function]
[call site]
00412
get_sample
[function]
[call site]
00413
get_sample
[function]
[call site]
00414
rgb8_row_to_rgba8
[function]
[call site]
00415
expand_row
[function]
[call site]
00416
get_sample
[function]
[call site]
00417
get_sample
[function]
[call site]
00418
trns_row
[function]
[call site]
00419
memcmp
[call site]
00420
memcmp
[call site]
00421
memcmp
[call site]
00422
spng__iter_init
[function]
[call site]
00423
get_sample
[function]
[call site]
00424
memcmp
[call site]
00425
spng__iter_init
[function]
[call site]
00426
get_sample
[function]
[call site]
00427
scale_row
[function]
[call site]
00428
sample_to_target
[function]
[call site]
00429
sample_to_target
[function]
[call site]
00430
sample_to_target
[function]
[call site]
00431
sample_to_target
[function]
[call site]
00432
sample_to_target
[function]
[call site]
00433
sample_to_target
[function]
[call site]
00434
sample_to_target
[function]
[call site]
00435
sample_to_target
[function]
[call site]
00436
sample_to_target
[function]
[call site]
00437
sample_to_target
[function]
[call site]
00438
sample_to_target
[function]
[call site]
00439
sample_to_target
[function]
[call site]
00440
sample_to_target
[function]
[call site]
00441
gamma_correct_row
[function]
[call site]
00442
update_row_info
[function]
[call site]
00443
discard_chunk_bytes
[function]
[call site]
00444
decode_err
[function]
[call site]
00445
spng_decode_scanline
[function]
[call site]
00446
spng__iter_init
[function]
[call site]
00447
get_sample
[function]
[call site]
00448
decode_err
[function]
[call site]
00449
spng_get_row_info
[function]
[call site]
00450
spng_decode_row
[function]
[call site]
00451
spng_decode_image
[function]
[call site]
00452
spng_get_time
[function]
[call site]
00453
read_chunks
[function]
[call site]
00454
spng_ctx_free
[function]
[call site]
00455
fclose
[call site]
00456