Fuzz introspector: xzenc_fuzzer
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
61 61 1 :

['XzEncProps_Normalize_Fixed']

61 61 XzProps_Normalize call site: 00020 /src/lzma-fuzz/sdk/C/XzEnc.c:586
21 21 1 :

['Lzma2Dec_AllocateProbs']

21 21 Lzma2State_SetProps call site: 00000 /src/lzma-fuzz/sdk/C/XzDec.c:364
13 13 1 :

['MixCoder_ResetFromMethod']

13 17 XzDecMix_Init call site: 00259 /src/lzma-fuzz/sdk/C/XzDec.c:890
9 9 1 :

['MatchFinder_Normalize']

9 33 MatchFinder_CheckLimits call site: 00000 /src/lzma-fuzz/sdk/C/LzFind.c:375
4 4 1 :

['XzEnc_FreeOutBufs']

4 712 XzEnc_Encode call site: 00037 /src/lzma-fuzz/sdk/C/XzEnc.c:1219
0 388 2 :

['LzmaDec_DecodeReal2', 'LzmaDec_TryDummy']

0 388 LzmaDec_DecodeToDic call site: 00000 /src/lzma-fuzz/sdk/C/LzmaDec.c:929
0 269 1 :

['Lzma2Dec_DecodeToDic']

0 269 Lzma2State_Code2 call site: 00000 /src/lzma-fuzz/sdk/C/XzDec.c:392
0 5 1 :

['XzEncIndex_ReAlloc']

0 5 XzEncIndex_AddIndexRecord call site: 00208 /src/lzma-fuzz/sdk/C/XzEnc.c:180
0 2 1 :

['LzmaDec_FreeProbs']

0 2 Lzma2State_Free call site: 00000 /src/lzma-fuzz/sdk/C/XzDec.c:351
0 0 None 101 638 Lzma2Enc_EncodeMt1 call site: 00070 /src/lzma-fuzz/sdk/C/Lzma2Enc.c:512
0 0 None 101 587 Lzma2Enc_EncodeMt1 call site: 00071 /src/lzma-fuzz/sdk/C/Lzma2Enc.c:522
0 0 None 101 587 Lzma2Enc_EncodeMt1 call site: 00071 /src/lzma-fuzz/sdk/C/Lzma2Enc.c:538

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 CrcGenerateTable [function] [call site] 00001
2 CPU_Is_InOrder [function] [call site] 00002
3 x86cpuid_CheckAndRead [function] [call site] 00003
4 MyCPUID [function] [call site] 00004
4 MyCPUID [function] [call site] 00005
3 x86cpuid_GetFirm [function] [call site] 00006
1 Crc64GenerateTable [function] [call site] 00007
1 XzProps_Init [function] [call site] 00008
2 XzFilterProps_Init [function] [call site] 00009
2 Lzma2EncProps_Init [function] [call site] 00010
3 LzmaEncProps_Init [function] [call site] 00011
1 OutputBuffer::OutputBuffer() [function] [call site] 00012
1 InputBuffer::InputBuffer(unsigned char const*, unsigned long) [function] [call site] 00013
1 XzEnc_Create [function] [call site] 00014
2 XzEnc_Construct [function] [call site] 00015
3 XzEncIndex_Construct [function] [call site] 00016
3 Lzma2WithFilters_Construct [function] [call site] 00017
4 SeqInFilter_Construct [function] [call site] 00018
2 XzProps_Init [function] [call site] 00019
2 XzProps_Normalize [function] [call site] 00020
3 Lzma2EncProps_Normalize [function] [call site] 00021
4 LzmaEncProps_Normalize [function] [call site] 00022
4 LzmaEncProps_Normalize [function] [call site] 00023
3 XzEncProps_Normalize_Fixed [function] [call site] 00024
4 Lzma2EncProps_Normalize [function] [call site] 00025
4 Lzma2EncProps_Normalize [function] [call site] 00026
1 XzEnc_SetProps [function] [call site] 00027
2 XzProps_Normalize [function] [call site] 00028
1 XzEnc_SetDataSize [function] [call site] 00029
1 OutputBuffer::stream() [function] [call site] 00030
1 XzEnc_Encode [function] [call site] 00031
2 XzEncIndex_Init [function] [call site] 00032
2 XzEncIndex_PreAlloc [function] [call site] 00033
3 Xz_WriteVarInt [function] [call site] 00034
3 Xz_WriteVarInt [function] [call site] 00035
3 XzEncIndex_ReAlloc [function] [call site] 00036
2 Xz_WriteHeader [function] [call site] 00037
3 CrcCalc [function] [call site] 00038
3 WriteBytes [function] [call site] 00039
2 XzEnc_FreeOutBufs [function] [call site] 00040
2 Xz_CompressBlock [function] [call site] 00041
3 Lzma2WithFilters_Create [function] [call site] 00042
4 Lzma2Enc_Create [function] [call site] 00043
5 Lzma2EncProps_Init [function] [call site] 00044
5 Lzma2EncProps_Normalize [function] [call site] 00045
3 Lzma2Enc_SetProps [function] [call site] 00046
4 LzmaEncProps_Normalize [function] [call site] 00047
4 Lzma2EncProps_Normalize [function] [call site] 00048
3 Lzma2Enc_WriteProperties [function] [call site] 00049
4 LzmaEncProps_GetDictSize [function] [call site] 00050
5 LzmaEncProps_Normalize [function] [call site] 00051
3 XzBlock_WriteHeader [function] [call site] 00052
4 Xz_WriteVarInt [function] [call site] 00053
4 Xz_WriteVarInt [function] [call site] 00054
4 Xz_WriteVarInt [function] [call site] 00055
4 Xz_WriteVarInt [function] [call site] 00056
4 CrcCalc [function] [call site] 00057
4 WriteBytes [function] [call site] 00058
3 SeqCheckInStream_Init [function] [call site] 00059
4 XzCheck_Init [function] [call site] 00060
5 Sha256_Init [function] [call site] 00061
3 SeqInFilter_Init [function] [call site] 00062
4 BraState_SetFromMethod [function] [call site] 00063
3 XzCheck_Update [function] [call site] 00064
4 CrcUpdate [function] [call site] 00065
4 Crc64Update [function] [call site] 00066
4 Sha256_Update [function] [call site] 00067
5 Sha256_WriteByteBlock [function] [call site] 00068
3 Lzma2Enc_Encode2 [function] [call site] 00069
4 Lzma2Enc_EncodeMt1 [function] [call site] 00070
5 LzmaEnc_Create [function] [call site] 00071
6 LzmaEnc_Construct [function] [call site] 00072
7 RangeEnc_Construct [function] [call site] 00073
7 MatchFinder_Construct [function] [call site] 00074
8 MatchFinder_SetDefaultSettings [function] [call site] 00075
7 LzmaEncProps_Init [function] [call site] 00076
7 LzmaEnc_SetProps [function] [call site] 00077
8 LzmaEncProps_Normalize [function] [call site] 00078
7 LzmaEnc_FastPosInit [function] [call site] 00079
7 LzmaEnc_InitPriceTables [function] [call site] 00080
5 Lzma2EncInt_InitBlock [function] [call site] 00081
5 LimitedSeqInStream_Init [function] [call site] 00082
5 LzmaEnc_SetDataSize [function] [call site] 00083
5 LzmaEnc_PrepareForLzma2 [function] [call site] 00084
6 LzmaEnc_AllocAndInit [function] [call site] 00085
7 LzmaEnc_Alloc [function] [call site] 00086
8 RangeEnc_Alloc [function] [call site] 00087
8 LzmaEnc_FreeLits [function] [call site] 00088
8 LzmaEnc_FreeLits [function] [call site] 00089
8 MatchFinder_Create [function] [call site] 00090
9 MatchFinder_Free [function] [call site] 00091
10 MatchFinder_FreeThisClassMemory [function] [call site] 00092
10 LzInWindow_Free [function] [call site] 00093
9 LzInWindow_Create [function] [call site] 00094
10 LzInWindow_Free [function] [call site] 00095
9 MatchFinder_FreeThisClassMemory [function] [call site] 00096
9 AllocRefs [function] [call site] 00097
9 MatchFinder_Free [function] [call site] 00098
8 MatchFinder_CreateVTable [function] [call site] 00099
7 LzmaEnc_Init [function] [call site] 00100
8 RangeEnc_Init [function] [call site] 00101
8 LenEnc_Init [function] [call site] 00102
8 LenEnc_Init [function] [call site] 00103
7 LzmaEnc_InitPrices [function] [call site] 00104
8 FillDistancesPrices [function] [call site] 00105
8 FillAlignPrices [function] [call site] 00106
8 LenPriceEnc_UpdateTables [function] [call site] 00107
9 SetPrices_3 [function] [call site] 00108
9 SetPrices_3 [function] [call site] 00109
8 LenPriceEnc_UpdateTables [function] [call site] 00110
5 LzmaEnc_MemPrepare [function] [call site] 00111
6 LzmaEnc_SetInputBuf [function] [call site] 00112
6 LzmaEnc_SetDataSize [function] [call site] 00113
6 LzmaEnc_AllocAndInit [function] [call site] 00114
5 Lzma2EncInt_EncodeSubblock [function] [call site] 00115
6 LzmaEnc_SaveState [function] [call site] 00116
6 LzmaEnc_CodeOneMemBlock [function] [call site] 00117
7 LzmaEnc_Init [function] [call site] 00118
7 LzmaEnc_InitPrices [function] [call site] 00119
7 RangeEnc_Init [function] [call site] 00120
7 LzmaEnc_CodeOneBlock [function] [call site] 00121
8 CheckErrors [function] [call site] 00122
8 Flush [function] [call site] 00123
9 WriteEndMarker [function] [call site] 00124
10 RangeEnc_ShiftLow [function] [call site] 00125
11 RangeEnc_FlushStream [function] [call site] 00126
11 RangeEnc_FlushStream [function] [call site] 00127
10 RangeEnc_ShiftLow [function] [call site] 00128
10 LenEnc_Encode [function] [call site] 00129
11 RangeEnc_ShiftLow [function] [call site] 00130
11 RangeEnc_ShiftLow [function] [call site] 00131
11 LitEnc_Encode [function] [call site] 00132
12 RangeEnc_ShiftLow [function] [call site] 00133
11 RangeEnc_ShiftLow [function] [call site] 00134
11 RangeEnc_ShiftLow [function] [call site] 00135
11 RangeEnc_ShiftLow [function] [call site] 00136
11 RangeEnc_ShiftLow [function] [call site] 00137
10 RangeEnc_ShiftLow [function] [call site] 00138
10 RangeEnc_ShiftLow [function] [call site] 00139
10 RangeEnc_ShiftLow [function] [call site] 00140
9 RangeEnc_FlushData [function] [call site] 00141
10 RangeEnc_ShiftLow [function] [call site] 00142
9 RangeEnc_FlushStream [function] [call site] 00143
9 CheckErrors [function] [call site] 00144
8 ReadMatchDistances [function] [call site] 00145
8 RangeEnc_EncodeBit_0 [function] [call site] 00146
9 RangeEnc_ShiftLow [function] [call site] 00147
8 LitEnc_Encode [function] [call site] 00148
8 GetOptimumFast [function] [call site] 00149
9 ReadMatchDistances [function] [call site] 00150
9 ReadMatchDistances [function] [call site] 00151
8 GetOptimum [function] [call site] 00152
9 ReadMatchDistances [function] [call site] 00153
9 LitEnc_Matched_GetPrice [function] [call site] 00154
9 LitEnc_GetPrice [function] [call site] 00155
9 GetPrice_PureRep [function] [call site] 00156
9 ReadMatchDistances [function] [call site] 00157
9 LitEnc_Matched_GetPrice [function] [call site] 00158
9 LitEnc_GetPrice [function] [call site] 00159
9 GetPrice_PureRep [function] [call site] 00160
9 LitEnc_Matched_GetPrice [function] [call site] 00161
9 LitEnc_Matched_GetPrice [function] [call site] 00162
9 Backward [function] [call site] 00163
8 RangeEnc_ShiftLow [function] [call site] 00164
8 LitEnc_Encode [function] [call site] 00165
8 LitEnc_EncodeMatched [function] [call site] 00166
9 RangeEnc_ShiftLow [function] [call site] 00167
8 RangeEnc_ShiftLow [function] [call site] 00168
8 RangeEnc_ShiftLow [function] [call site] 00169
8 RangeEnc_ShiftLow [function] [call site] 00170
8 RangeEnc_ShiftLow [function] [call site] 00171
8 RangeEnc_ShiftLow [function] [call site] 00172
8 RangeEnc_ShiftLow [function] [call site] 00173
8 LenEnc_Encode [function] [call site] 00174
8 RangeEnc_ShiftLow [function] [call site] 00175
8 LenEnc_Encode [function] [call site] 00176
8 RangeEnc_ShiftLow [function] [call site] 00177
8 RcTree_ReverseEncode [function] [call site] 00178
9 RangeEnc_ShiftLow [function] [call site] 00179
8 RangeEnc_ShiftLow [function] [call site] 00180
8 RangeEnc_ShiftLow [function] [call site] 00181
8 RangeEnc_ShiftLow [function] [call site] 00182
8 RangeEnc_ShiftLow [function] [call site] 00183
8 RangeEnc_ShiftLow [function] [call site] 00184
8 FillAlignPrices [function] [call site] 00185
8 FillDistancesPrices [function] [call site] 00186
8 LenPriceEnc_UpdateTables [function] [call site] 00187
8 LenPriceEnc_UpdateTables [function] [call site] 00188
8 CheckErrors [function] [call site] 00189
8 Flush [function] [call site] 00190
6 LzmaEnc_GetCurBuf [function] [call site] 00191
6 LzmaEnc_RestoreState [function] [call site] 00192
5 Progress [function] [call site] 00193
5 LzmaEnc_Finish [function] [call site] 00194
3 SeqCheckInStream_GetDigest [function] [call site] 00195
4 XzCheck_Final [function] [call site] 00196
5 Sha256_Final [function] [call site] 00197
6 Sha256_WriteByteBlock [function] [call site] 00198
6 Sha256_WriteByteBlock [function] [call site] 00199
6 Sha256_Init [function] [call site] 00200
3 XzFlags_GetCheckSize [function] [call site] 00201
3 WriteBytes [function] [call site] 00202
3 XzBlock_WriteHeader [function] [call site] 00203
2 WriteBytes [function] [call site] 00204
2 WriteBytes [function] [call site] 00205
2 XzEncIndex_AddIndexRecord [function] [call site] 00206
3 Xz_WriteVarInt [function] [call site] 00207
3 Xz_WriteVarInt [function] [call site] 00208
3 XzEncIndex_ReAlloc [function] [call site] 00209
2 XzEncIndex_WriteFooter [function] [call site] 00210
3 Xz_WriteVarInt [function] [call site] 00211
3 WriteBytesUpdateCrc [function] [call site] 00212
4 CrcUpdate [function] [call site] 00213
4 WriteBytes [function] [call site] 00214
3 WriteBytesUpdateCrc [function] [call site] 00215
3 CrcUpdate [function] [call site] 00216
3 CrcCalc [function] [call site] 00217
3 WriteBytes [function] [call site] 00218
1 __assert_fail [call site] 00219
1 XzDecMtProps_Init [function] [call site] 00220
1 OutputBuffer::OutputBuffer() [function] [call site] 00221
1 OutputBuffer::data() const [function] [call site] 00222
1 XzDecMt_Create [function] [call site] 00223
2 AlignOffsetAlloc_CreateVTable [function] [call site] 00224
2 XzUnpacker_Construct [function] [call site] 00225
3 MixCoder_Construct [function] [call site] 00226
3 XzUnpacker_Init [function] [call site] 00227
2 XzDecMtProps_Init [function] [call site] 00228
1 OutputBuffer::stream() [function] [call site] 00229
1 InputBuffer::stream() [function] [call site] 00230
1 XzDecMt_Decode [function] [call site] 00231
2 XzStatInfo_Clear [function] [call site] 00232
2 XzUnpacker_Init [function] [call site] 00233
2 XzDecMt_Decode_ST [function] [call site] 00234
3 XzUnpacker_SetOutBuf [function] [call site] 00235
3 XzUnpacker_Code [function] [call site] 00236
4 MixCoder_Code [function] [call site] 00237
4 XzCheck_Update [function] [call site] 00238
4 XzFlags_GetCheckSize [function] [call site] 00239
4 XzUnpacker_UpdateIndex [function] [call site] 00240
5 Xz_WriteVarInt [function] [call site] 00241
5 Xz_WriteVarInt [function] [call site] 00242
5 Sha256_Update [function] [call site] 00243
4 Xz_ParseHeader [function] [call site] 00244
5 CrcCalc [function] [call site] 00245
4 Sha256_Init [function] [call site] 00246
4 Xz_WriteVarInt [function] [call site] 00247
4 Sha256_Final [function] [call site] 00248
4 Sha256_Init [function] [call site] 00249
4 CrcUpdate [function] [call site] 00250
4 XzBlock_Parse [function] [call site] 00251
5 CrcCalc [function] [call site] 00252
5 Xz_ReadVarInt [function] [call site] 00253
5 Xz_ReadVarInt [function] [call site] 00254
5 Xz_ReadVarInt [function] [call site] 00255
5 Xz_ReadVarInt [function] [call site] 00256
4 XzBlock_AreSupportedFilters [function] [call site] 00257
4 XzCheck_Init [function] [call site] 00258
4 XzDecMix_Init [function] [call site] 00259
5 MixCoder_Free [function] [call site] 00260
5 MixCoder_SetFromMethod [function] [call site] 00261
6 Lzma2State_SetFromMethod [function] [call site] 00262
6 BraState_SetFromMethod [function] [call site] 00263
5 MixCoder_ResetFromMethod [function] [call site] 00264
6 Lzma2State_ResetOutBuf [function] [call site] 00265
5 MixCoder_Init [function] [call site] 00266
4 XzFlags_GetCheckSize [function] [call site] 00267
4 XzCheck_Final [function] [call site] 00268
4 memcmp [call site] 00269
4 CrcUpdate [function] [call site] 00270
4 Sha256_Update [function] [call site] 00271
4 Sha256_Final [function] [call site] 00272
4 memcmp [call site] 00273
4 Xz_CheckFooter [function] [call site] 00274
5 CrcCalc [function] [call site] 00275
2 XzStatInfo_SetStat [function] [call site] 00276
3 XzUnpacker_GetExtraSize [function] [call site] 00277
3 XzUnpacker_IsStreamWasFinished [function] [call site] 00278
1 __assert_fail [call site] 00279
1 OutputBuffer::~OutputBuffer() [function] [call site] 00280
1 OutputBuffer::size() const [function] [call site] 00281
1 __assert_fail [call site] 00282
1 OutputBuffer::data() const [function] [call site] 00283
1 memcmp [call site] 00284
1 XzDecMt_Destroy [function] [call site] 00285
2 XzDecMt_FreeSt [function] [call site] 00286
3 XzUnpacker_Free [function] [call site] 00287
4 MixCoder_Free [function] [call site] 00288
1 XzEnc_Destroy [function] [call site] 00289
2 XzEnc_Free [function] [call site] 00290
3 XzEncIndex_Free [function] [call site] 00291
3 Lzma2WithFilters_Free [function] [call site] 00292
4 SeqInFilter_Free [function] [call site] 00293
4 Lzma2Enc_Destroy [function] [call site] 00294
5 LzmaEnc_Destroy [function] [call site] 00295
6 LzmaEnc_Destruct [function] [call site] 00296
7 MatchFinder_Free [function] [call site] 00297
7 LzmaEnc_FreeLits [function] [call site] 00298
7 RangeEnc_Free [function] [call site] 00299
1 OutputBuffer::~OutputBuffer() [function] [call site] 00300