Fuzz introspector
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Project functions overview

The following table shows data about each function in the project. The functions included in this table correspond to all functions that exist in the executables of the fuzzers. As such, there may be functions that are from third-party libraries.

For further technical details on the meaning of columns in the below table, please see the Glossary .

Func name Functions filename Args Function call depth Reached by Fuzzers Runtime reached by Fuzzers Combined reached by Fuzzers Fuzzers runtime hit Func lines hit % I Count BB Count Cyclomatic complexity Functions reached Reached by functions Accumulated cyclomatic complexity Undiscovered complexity

Fuzzer details

Fuzzer: fuzz_decomp_corrupt_block

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 193 94.1%
gold [1:9] 0 0.0%
yellow [10:29] 0 0.0%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 12 5.85%
All colors 205 100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked Calltree index Parent function Callsite Largest blocked function
103 8 lz4_flex::frame::FrameDecoder::new call site: 00008 FrameDecoder::read_to_end
59 125 SliceSink::capacity call site: 00125 BlockInfo::read
12 112 SliceSink::extend_with_fill call site: 00112 FrameDecoder::read_block
7 0 EP call site: 00000
7 193 io::Result::extend_from_slice call site: 00193
4 186 SliceSink::extend_from_slice_wild call site: 00186 short_copy
1 203 lz4_flex::block::decompress_with_dict call site: 00203

Runtime coverage analysis

Covered functions
62
Functions that are reachable but not covered
2
Reachable functions
5
Percentage of reachable functions covered
60.0%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
fuzz/fuzz_targets/fuzz_decomp_corrupt_block.rs 5
lz4_bin/src/main.rs 7
src/block/compress.rs 4
src/frame/decompress.rs 40
src/frame/header.rs 20
src/frame/compress.rs 1
src/block/hashtable.rs 1
src/sink.rs 6
src/fastcpy.rs 5
src/block/decompress.rs 3

Fuzzer: fuzz_roundtrip

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 19 65.5%
gold [1:9] 0 0.0%
yellow [10:29] 0 0.0%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 10 34.4%
All colors 29 100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked Calltree index Parent function Callsite Largest blocked function
14 14 lz4_flex::decompress_size_prepended call site: 00014 short_copy
3 5 super::uncompressed_size call site: 00005
1 0 EP call site: 00000
1 2 lz4_flex::compress_prepend_size call site: 00002

Runtime coverage analysis

Covered functions
66
Functions that are reachable but not covered
2
Reachable functions
4
Percentage of reachable functions covered
50.0%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
fuzz/fuzz_targets/fuzz_roundtrip.rs 4
src/block/compress.rs 3
src/block/decompress.rs 2
src/block/mod.rs 6
fuzz/fuzz_targets/fuzz_decomp_no_output_leak.rs 3
lz4_bin/src/main.rs 5
src/fastcpy.rs 5

Fuzzer: fuzz_roundtrip_cpp_compress

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 196 96.0%
gold [1:9] 0 0.0%
yellow [10:29] 0 0.0%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 8 3.92%
All colors 204 100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked Calltree index Parent function Callsite Largest blocked function
114 0 EP call site: 00000 FrameDecoder::read_to_end
59 128 SliceSink::capacity call site: 00128 BlockInfo::read
12 115 SliceSink::extend_with_fill call site: 00115 FrameDecoder::read_block
7 196 io::Result::extend_from_slice call site: 00196
4 189 SliceSink::extend_from_slice_wild call site: 00189 short_copy

Runtime coverage analysis

Covered functions
72
Functions that are reachable but not covered
5
Reachable functions
8
Percentage of reachable functions covered
37.5%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
fuzz/fuzz_targets/fuzz_roundtrip_cpp_compress.rs 8
lz4_bin/src/main.rs 7
src/block/compress.rs 4
src/frame/decompress.rs 40
src/frame/header.rs 20
src/frame/compress.rs 1
src/block/hashtable.rs 1
src/sink.rs 6
src/fastcpy.rs 5

Fuzzer: fuzz_roundtrip_cpp_decompress

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 197 96.5%
gold [1:9] 0 0.0%
yellow [10:29] 0 0.0%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 7 3.43%
All colors 204 100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked Calltree index Parent function Callsite Largest blocked function
123 0 EP call site: 00000 FrameDecoder::read_to_end
59 124 SliceSink::capacity call site: 00124 BlockInfo::read
11 192 io::Result::extend_from_slice call site: 00192 FrameDecoder::read_to_end
4 185 SliceSink::extend_from_slice_wild call site: 00185 short_copy

Runtime coverage analysis

Covered functions
66
Functions that are reachable but not covered
2
Reachable functions
4
Percentage of reachable functions covered
50.0%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
fuzz/fuzz_targets/fuzz_roundtrip_cpp_decompress.rs 4
lz4_bin/src/main.rs 7
src/block/compress.rs 4
src/frame/decompress.rs 40
src/frame/header.rs 20
src/frame/compress.rs 1
src/block/hashtable.rs 1
src/sink.rs 6
src/fastcpy.rs 5

Fuzzer: fuzz_roundtrip_frame

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 115 51.3%
gold [1:9] 0 0.0%
yellow [10:29] 0 0.0%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 109 48.6%
All colors 224 100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked Calltree index Parent function Callsite Largest blocked function
23 23 lz4_flex::frame::FrameEncoder::with_frame_info call site: 00023 TrackWriteSize::write
7 74 FrameInfo::read call site: 00074
7 127 FrameInfo::read call site: 00127
6 204 FrameDecoder::read_block call site: 00204
5 0 EP call site: 00000
5 14 SliceSink::extend_from_slice call site: 00014
5 63 FrameInfo::read call site: 00063
5 116 FrameInfo::read call site: 00116
4 7 SliceSink::extend_from_slice_wild call site: 00007 short_copy
4 58 FrameInfo::read call site: 00058
4 143 FrameDecoder::read_frame_info call site: 00143
3 69 FrameInfo::read call site: 00069

Runtime coverage analysis

Covered functions
130
Functions that are reachable but not covered
43
Reachable functions
74
Percentage of reachable functions covered
41.89%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
fuzz/fuzz_targets/fuzz_roundtrip_frame.rs 20
src/sink.rs 6
src/fastcpy.rs 5
src/block/compress.rs 4
src/frame/compress.rs 4
lz4_bin/src/main.rs 5
src/frame/header.rs 24
src/frame/decompress.rs 34
src/block/hashtable.rs 1

Fuzzer: fuzz_decomp_corrupt_frame

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 57 25.7%
gold [1:9] 2 0.90%
yellow [10:29] 17 7.69%
greenyellow [30:49] 1 0.45%
lawngreen 50+ 144 65.1%
All colors 221 100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked Calltree index Parent function Callsite Largest blocked function
17 203 SliceSink::extend_from_slice call site: 00203 lz4_flex_frame_decompress
9 0 EP call site: 00000 FrameDecoder::read_to_end
6 164 FrameDecoder::read_block call site: 00164
5 196 FrameDecoder::read_to_end call site: 00196
4 185 SliceSink::extend_from_slice_wild call site: 00185 short_copy
2 18 FrameInfo::read call site: 00018
2 42 FrameInfo::read call site: 00042 TrackWriteSize::write
2 105 FrameDecoder::read_frame_info call site: 00105
2 141 FrameDecoder::read_block call site: 00141
1 25 FrameInfo::read call site: 00025
1 47 FrameInfo::read call site: 00047
1 50 FrameInfo::read call site: 00050

Runtime coverage analysis

Covered functions
71
Functions that are reachable but not covered
6
Reachable functions
11
Percentage of reachable functions covered
45.45%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
fuzz/fuzz_targets/fuzz_decomp_corrupt_frame.rs 7
lz4_bin/src/main.rs 7
src/block/compress.rs 4
src/frame/decompress.rs 40
src/frame/header.rs 20
src/frame/compress.rs 1
src/block/hashtable.rs 1
src/sink.rs 6
src/fastcpy.rs 5

Fuzzer: fuzz_decomp_no_output_leak

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 25 92.5%
gold [1:9] 0 0.0%
yellow [10:29] 0 0.0%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 2 7.40%
All colors 27 100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked Calltree index Parent function Callsite Largest blocked function
23 0 EP call site: 00000 short_copy
2 24 SliceSink::extend_with_fill call site: 00024

Runtime coverage analysis

Covered functions
218
Functions that are reachable but not covered
6
Reachable functions
11
Percentage of reachable functions covered
45.45%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
fuzz/fuzz_targets/fuzz_decomp_no_output_leak.rs 8
src/block/decompress.rs 1
lz4_bin/src/main.rs 5
src/block/compress.rs 2
src/fastcpy.rs 5
src/sink.rs 1

Fuzz engine guidance

This sections provides heuristics that can be used as input to a fuzz engine when running a given fuzz target. The current focus is on providing input that is usable by libFuzzer.

fuzz/fuzz_targets/fuzz_decomp_corrupt_block.rs

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['lz4_flex::frame::FrameDecoder::new', 'SliceSink::capacity', 'SliceSink::extend_with_fill', 'io::Result::extend_from_slice', 'SliceSink::extend_from_slice_wild', 'lz4_flex::block::decompress_with_dict']

fuzz/fuzz_targets/fuzz_roundtrip.rs

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['lz4_flex::decompress_size_prepended', 'super::uncompressed_size', 'lz4_flex::compress_prepend_size']

fuzz/fuzz_targets/fuzz_roundtrip_cpp_compress.rs

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['SliceSink::capacity', 'SliceSink::extend_with_fill', 'io::Result::extend_from_slice', 'SliceSink::extend_from_slice_wild']

fuzz/fuzz_targets/fuzz_roundtrip_cpp_decompress.rs

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['SliceSink::capacity', 'io::Result::extend_from_slice', 'SliceSink::extend_from_slice_wild']

fuzz/fuzz_targets/fuzz_roundtrip_frame.rs

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['lz4_flex::frame::FrameEncoder::with_frame_info', 'FrameInfo::read', 'FrameDecoder::read_block', 'SliceSink::extend_from_slice', 'SliceSink::extend_from_slice_wild']

fuzz/fuzz_targets/fuzz_decomp_corrupt_frame.rs

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['SliceSink::extend_from_slice', 'FrameDecoder::read_block', 'fuzz_target', 'SliceSink::extend_from_slice_wild', 'FrameInfo::read', 'FrameDecoder::read_frame_info']

fuzz/fuzz_targets/fuzz_decomp_no_output_leak.rs

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['SliceSink::extend_with_fill']

Files and Directories in report

This section shows which files and directories are considered in this report. The main reason for showing this is fuzz introspector may include more code in the reasoning than is desired. This section helps identify if too many files/directories are included, e.g. third party code, which may be irrelevant for the threat model. In the event too much is included, fuzz introspector supports a configuration file that can exclude data from the report. See the following link for more information on how to create a config file: link

Files in report

Source file Reached by Covered by
/src/lz4_flex/fuzz/fuzz_targets/fuzz_decomp_corrupt_frame.rs ['fuzz_decomp_corrupt_frame'] []
/src/lz4_flex/src/block/mod.rs ['fuzz_roundtrip'] ['fuzz_roundtrip']
/src/lz4_flex/src/frame/header.rs ['fuzz_decomp_corrupt_block', 'fuzz_roundtrip_cpp_compress', 'fuzz_roundtrip_cpp_decompress', 'fuzz_roundtrip_frame', 'fuzz_decomp_corrupt_frame'] ['fuzz_decomp_corrupt_block', 'fuzz_roundtrip_cpp_compress', 'fuzz_roundtrip_cpp_decompress', 'fuzz_roundtrip_frame', 'fuzz_decomp_corrupt_frame']
/src/lz4_flex/src/frame/mod.rs [] []
/src/lz4_flex/fuzz/fuzz_targets/fuzz_decomp_corrupt_block.rs ['fuzz_decomp_corrupt_block'] []
/src/lz4_flex/fuzz/fuzz_targets/fuzz_roundtrip.rs ['fuzz_roundtrip'] []
/src/lz4_flex/tests/no_alloc.rs [] []
/src/lz4_flex/fuzz/fuzz_targets/fuzz_roundtrip_frame.rs ['fuzz_roundtrip_frame'] []
/src/lz4_flex/src/block/decompress.rs ['fuzz_decomp_corrupt_block', 'fuzz_roundtrip', 'fuzz_decomp_no_output_leak'] []
/src/lz4_flex/fuzz/fuzz_targets/fuzz_decomp_no_output_leak.rs ['fuzz_roundtrip', 'fuzz_decomp_no_output_leak'] []
/src/lz4_flex/src/block/hashtable.rs ['fuzz_decomp_corrupt_block', 'fuzz_roundtrip_cpp_compress', 'fuzz_roundtrip_cpp_decompress', 'fuzz_roundtrip_frame', 'fuzz_decomp_corrupt_frame'] ['fuzz_decomp_corrupt_block', 'fuzz_roundtrip_cpp_compress', 'fuzz_roundtrip_cpp_decompress', 'fuzz_roundtrip_frame', 'fuzz_decomp_corrupt_frame']
/src/lz4_flex/fuzz/fuzz_targets/fuzz_roundtrip_cpp_compress.rs ['fuzz_roundtrip_cpp_compress'] []
/src/lz4_flex/fuzz/fuzz_targets/fuzz_roundtrip_cpp_decompress.rs ['fuzz_roundtrip_cpp_decompress'] []
/src/lz4_flex/lz4_bin/src/main.rs ['fuzz_decomp_corrupt_block', 'fuzz_roundtrip', 'fuzz_roundtrip_cpp_compress', 'fuzz_roundtrip_cpp_decompress', 'fuzz_roundtrip_frame', 'fuzz_decomp_corrupt_frame', 'fuzz_decomp_no_output_leak'] ['fuzz_decomp_corrupt_block', 'fuzz_roundtrip', 'fuzz_roundtrip_cpp_compress', 'fuzz_roundtrip_cpp_decompress', 'fuzz_roundtrip_frame', 'fuzz_decomp_corrupt_frame', 'fuzz_decomp_no_output_leak']
/src/lz4_flex/src/frame/compress.rs ['fuzz_decomp_corrupt_block', 'fuzz_roundtrip_cpp_compress', 'fuzz_roundtrip_cpp_decompress', 'fuzz_roundtrip_frame', 'fuzz_decomp_corrupt_frame'] ['fuzz_decomp_corrupt_block', 'fuzz_roundtrip_cpp_compress', 'fuzz_roundtrip_cpp_decompress', 'fuzz_roundtrip_frame', 'fuzz_decomp_corrupt_frame']
/src/lz4_flex/src/fastcpy.rs ['fuzz_decomp_corrupt_block', 'fuzz_roundtrip', 'fuzz_roundtrip_cpp_compress', 'fuzz_roundtrip_cpp_decompress', 'fuzz_roundtrip_frame', 'fuzz_decomp_corrupt_frame', 'fuzz_decomp_no_output_leak'] []
/src/lz4_flex/tests/tests.rs [] []
/src/lz4_flex/benchmarks/src/main.rs [] []
/src/lz4_flex/src/block/compress.rs ['fuzz_decomp_corrupt_block', 'fuzz_roundtrip', 'fuzz_roundtrip_cpp_compress', 'fuzz_roundtrip_cpp_decompress', 'fuzz_roundtrip_frame', 'fuzz_decomp_corrupt_frame', 'fuzz_decomp_no_output_leak'] ['fuzz_decomp_corrupt_block', 'fuzz_roundtrip', 'fuzz_roundtrip_cpp_decompress', 'fuzz_roundtrip_frame', 'fuzz_decomp_no_output_leak']
/src/lz4_flex/miri_tests/src/main.rs [] []
/src/lz4_flex/src/frame/decompress.rs ['fuzz_decomp_corrupt_block', 'fuzz_roundtrip_cpp_compress', 'fuzz_roundtrip_cpp_decompress', 'fuzz_roundtrip_frame', 'fuzz_decomp_corrupt_frame'] ['fuzz_decomp_corrupt_block', 'fuzz_roundtrip_cpp_compress', 'fuzz_roundtrip_cpp_decompress', 'fuzz_roundtrip_frame', 'fuzz_decomp_corrupt_frame']
/src/lz4_flex/src/sink.rs ['fuzz_decomp_corrupt_block', 'fuzz_roundtrip_cpp_compress', 'fuzz_roundtrip_cpp_decompress', 'fuzz_roundtrip_frame', 'fuzz_decomp_corrupt_frame', 'fuzz_decomp_no_output_leak'] ['fuzz_decomp_corrupt_block', 'fuzz_roundtrip_cpp_compress', 'fuzz_roundtrip_cpp_decompress', 'fuzz_roundtrip_frame', 'fuzz_decomp_corrupt_frame', 'fuzz_decomp_no_output_leak']
/src/lz4_flex/src/fastcpy_unsafe.rs [] []
/src/lz4_flex/benches/binggan_bench.rs [] []
/src/lz4_flex/src/block/decompress_safe.rs [] []

Directories in report

Directory
/src/lz4_flex/src/block/
/src/lz4_flex/miri_tests/src/
/src/lz4_flex/fuzz/fuzz_targets/
/src/lz4_flex/benchmarks/src/
/src/lz4_flex/lz4_bin/src/
/src/lz4_flex/src/frame/
/src/lz4_flex/src/
/src/lz4_flex/benches/
/src/lz4_flex/tests/