Fuzz introspector: mpv/fuzzers/fuzzer_json.c
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked Calltree index Parent function Callsite Largest blocked function
6 119 add_indent call site: {node_id} json_write_pretty
4 28 bstr_xappend call site: {node_id} mp_parse_escape
3 87 json_append_str call site: {node_id} bstr_xappend_asprintf
3 99 bstr_xappend_asprintf call site: {node_id} bstr_xappend_asprintf
3 112 write_json_str call site: {node_id} add_indent
1 0 EP call site: {node_id}
1 3 LLVMFuzzerTestOneInput call site: {node_id} json_skip_whitespace
1 5 json_skip_whitespace call site: {node_id} json_parse
1 21 bstr_splice call site: {node_id} bstr_xappend
1 25 resize_append call site: {node_id}
1 126 json_write_pretty call site: {node_id}

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 talloc_new [call site] 00001
1 talloc_array_ptrtype [call site] 00002
1 memcpy [call site] 00003
1 json_skip_whitespace [function] [call site] 00004
2 eat_ws [function] [call site] 00005
1 json_parse [function] [call site] 00006
2 eat_ws [function] [call site] 00007
2 strncmp [call site] 00008
2 strncmp [call site] 00009
2 strncmp [call site] 00010
2 read_str [function] [call site] 00011
3 eat_c [function] [call site] 00012
3 bstr0 [function] [call site] 00013
4 strlen [call site] 00014
3 mp_append_escaped_string [function] [call site] 00015
4 mp_append_escaped_string_noalloc [function] [call site] 00016
5 bstr_cut [function] [call site] 00017
5 bstr_splice [function] [call site] 00018
6 MPMIN [call site] 00019
6 MPMAX [call site] 00020
6 MPMAX [call site] 00021
5 bstr_xappend [function] [call site] 00022
6 resize_append [function] [call site] 00023
7 talloc_get_size [call site] 00024
7 mp_assert [call site] 00025
7 abort [call site] 00026
7 talloc_realloc_size [call site] 00027
6 memmove [call site] 00028
5 bstr_xappend [function] [call site] 00029
5 bstr_splice [function] [call site] 00030
5 bstr_cut [function] [call site] 00031
5 mp_parse_escape [function] [call site] 00032
6 bstr_xappend [function] [call site] 00033
6 bstr_cut [function] [call site] 00034
6 bstr_splice [function] [call site] 00035
6 bstrtoll [function] [call site] 00036
7 bstr_lstrip [function] [call site] 00037
8 mp_isspace [function] [call site] 00038
7 MPMIN [call site] 00039
7 memcpy [call site] 00040
7 strtoll [call site] 00041
7 bstr_cut [function] [call site] 00042
6 bstr_xappend [function] [call site] 00043
6 bstr_cut [function] [call site] 00044
6 bstr_splice [function] [call site] 00045
6 bstrtoll [function] [call site] 00046
6 bstr_cut [function] [call site] 00047
6 bstr_splice [function] [call site] 00048
6 bstrtoll [function] [call site] 00049
6 mp_append_utf8_bstr [function] [call site] 00050
7 PUT_UTF8 [call site] 00051
7 bstr_xappend [function] [call site] 00052
6 bstr_cut [function] [call site] 00053
4 bstr_xappend [function] [call site] 00054
2 read_sub [function] [call site] 00055
3 eat_c [function] [call site] 00056
3 eat_c [function] [call site] 00057
3 talloc_zero [call site] 00058
3 eat_ws [function] [call site] 00059
3 eat_c [function] [call site] 00060
3 eat_c [function] [call site] 00061
3 eat_ws [function] [call site] 00062
3 eat_c [function] [call site] 00063
3 read_id [function] [call site] 00064
4 mp_isalpha [function] [call site] 00065
5 mp_isupper [function] [call site] 00066
5 mp_islower [function] [call site] 00067
4 mp_isalnum [function] [call site] 00068
5 mp_isalpha [function] [call site] 00069
5 mp_isdigit [function] [call site] 00070
4 talloc_strndup [call site] 00071
3 read_str [function] [call site] 00072
3 eat_ws [function] [call site] 00073
3 eat_c [function] [call site] 00074
3 eat_c [function] [call site] 00075
3 eat_ws [function] [call site] 00076
3 MP_TARRAY_GROW [call site] 00077
3 MP_TARRAY_GROW [call site] 00078
3 json_parse [function] [call site] 00079
2 strtoll [call site] 00080
2 strtod [call site] 00081
2 isfinite [call site] 00082
1 talloc_strdup [call site] 00083
1 json_write [function] [call site] 00084
2 json_append_str [function] [call site] 00085
3 bstr0 [function] [call site] 00086
3 json_append [function] [call site] 00087
4 APPEND [call site] 00088
4 APPEND [call site] 00089
4 bstr_xappend_asprintf [function] [call site] 00090
5 va_start [call site] 00091
5 bstr_xappend_vasprintf [function] [call site] 00092
6 va_copy [call site] 00093
6 talloc_get_size [call site] 00094
6 vsnprintf [call site] 00095
6 va_end [call site] 00096
6 resize_append [function] [call site] 00097
6 vsnprintf [call site] 00098
5 va_end [call site] 00099
4 isfinite [call site] 00100
4 bstr_xappend_asprintf [function] [call site] 00101
4 APPEND [call site] 00102
4 write_json_str [function] [call site] 00103
5 mp_assert [call site] 00104
5 APPEND [call site] 00105
5 bstr_xappend [function] [call site] 00106
5 bstr_xappend [function] [call site] 00107
5 bstr_xappend [function] [call site] 00108
5 bstr_xappend_asprintf [function] [call site] 00109
5 bstr_xappend_asprintf [function] [call site] 00110
5 APPEND [call site] 00111
5 APPEND [call site] 00112
4 APPEND [call site] 00113
4 APPEND [call site] 00114
4 add_indent [function] [call site] 00115
5 bstr_xappend [function] [call site] 00116
5 bstr0 [function] [call site] 00117
5 bstr_xappend [function] [call site] 00118
5 bstr0 [function] [call site] 00119
4 write_json_str [function] [call site] 00120
4 APPEND [call site] 00121
4 json_append [function] [call site] 00122
4 add_indent [function] [call site] 00123
4 APPEND [call site] 00124
1 json_write_pretty [function] [call site] 00125
2 json_append_str [function] [call site] 00126
1 talloc_free [call site] 00127