Fuzz introspector
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzzers overview

Fuzzer Fuzzer filename Functions Reached Functions unreached Fuzzer depth Files reached Basic blocks reached Cyclomatic complexity Details
mpi-submod /src/nss/out/Debug/../../fuzz/mpi_submod_target.cc 72 102 8 3 1030 405 mpi_submod_target.cc
mpi-addmod /src/nss/out/Debug/../../fuzz/mpi_addmod_target.cc 71 103 8 3 996 393 mpi_addmod_target.cc
mpi-invmod /src/nss/out/Debug/../../fuzz/mpi_invmod_target.cc 135 72 10 9 3543 1231 mpi_invmod_target.cc
mpi-div /src/nss/out/Debug/../../fuzz/mpi_div_target.cc 73 100 8 4 1297 422 mpi_div_target.cc
quickder /src/nss/out/Debug/../../fuzz/quickder_target.cc 189 7010 16 36 2772 1210 quickder_target.cc
certDN /src/nss/out/Debug/../../fuzz/certDN_target.cc 300 6865 22 49 4929 2068 certDN_target.cc
dtls-server /src/nss/out/Debug/../../fuzz/tls_server_target.cc 1971 6731 46 158 40195 16409 tls_server_target.cc
/src/nss/out/Debug/../../fuzz/mpi_addmod_target.cc /src/nss/out/Debug/../../fuzz/mpi_addmod_target.cc 71 103 8 3 996 393 mpi_addmod_target.cc
/src/nss/out/Debug/../../fuzz/mpi_sqrmod_target.cc /src/nss/out/Debug/../../fuzz/mpi_sqrmod_target.cc 75 98 8 4 1307 432 mpi_sqrmod_target.cc
/src/nss/out/Debug/../../fuzz/mpi_invmod_target.cc /src/nss/out/Debug/../../fuzz/mpi_invmod_target.cc 135 72 10 9 3543 1231 mpi_invmod_target.cc
/src/nss/out/Debug/../../fuzz/mpi_sqr_target.cc /src/nss/out/Debug/../../fuzz/mpi_sqr_target.cc 71 102 8 4 1381 377 mpi_sqr_target.cc
mpi-sqrmod /src/nss/out/Debug/../../fuzz/mpi_sqrmod_target.cc 75 98 8 4 1307 432 mpi_sqrmod_target.cc
/src/nss/out/Debug/../../fuzz/mpi_expmod_target.cc /src/nss/out/Debug/../../fuzz/mpi_expmod_target.cc 114 79 8 8 2875 982 mpi_expmod_target.cc
/src/nss/out/Debug/../../fuzz/mpi_mulmod_target.cc /src/nss/out/Debug/../../fuzz/mpi_mulmod_target.cc 78 96 8 4 1339 442 mpi_mulmod_target.cc
mpi-mulmod /src/nss/out/Debug/../../fuzz/mpi_mulmod_target.cc 78 96 8 4 1339 442 mpi_mulmod_target.cc
dtls-client-no_fuzzer_mode /src/nss/out/Debug/../../fuzz/tls_client_target.cc 1981 6726 46 156 40962 16631 tls_client_target.cc
/src/nss/out/Debug/../../fuzz/mpi_div_target.cc /src/nss/out/Debug/../../fuzz/mpi_div_target.cc 73 100 8 4 1297 422 mpi_div_target.cc
/src/nss/out/Debug/../../fuzz/pkcs8_target.cc /src/nss/out/Debug/../../fuzz/pkcs8_target.cc 852 6496 46 101 13942 5834 pkcs8_target.cc
/src/nss/out/Debug/../../fuzz/pkcs8_target.cc /src/nss/out/Debug/../../fuzz/pkcs8_target.cc 852 6496 46 101 13942 5834 pkcs8_target.cc
mpi-sub /src/nss/out/Debug/../../fuzz/mpi_sub_target.cc 61 112 8 3 806 319 mpi_sub_target.cc
mpi-mod /src/nss/out/Debug/../../fuzz/mpi_mod_target.cc 75 98 8 4 1370 447 mpi_mod_target.cc
mpi-add /src/nss/out/Debug/../../fuzz/mpi_add_target.cc 61 112 8 3 806 319 mpi_add_target.cc
mpi-sqr /src/nss/out/Debug/../../fuzz/mpi_sqr_target.cc 71 102 8 4 1381 377 mpi_sqr_target.cc
mpi-expmod /src/nss/out/Debug/../../fuzz/mpi_expmod_target.cc 114 79 8 8 2875 982 mpi_expmod_target.cc
tls-client /src/nss/out/Debug/../../fuzz/tls_client_target.cc 1951 6746 46 156 39927 16241 tls_client_target.cc
/src/nss/out/Debug/../../fuzz/mpi_submod_target.cc /src/nss/out/Debug/../../fuzz/mpi_submod_target.cc 72 102 8 3 1030 405 mpi_submod_target.cc
dtls-client /src/nss/out/Debug/../../fuzz/tls_client_target.cc 1951 6747 46 156 39923 16241 tls_client_target.cc
dtls-server-no_fuzzer_mode /src/nss/out/Debug/../../fuzz/tls_server_target.cc 2001 6710 46 158 41234 16799 tls_server_target.cc
/src/nss/out/Debug/../../fuzz/mpi_sub_target.cc /src/nss/out/Debug/../../fuzz/mpi_sub_target.cc 61 112 8 3 806 319 mpi_sub_target.cc
/src/nss/out/Debug/../../fuzz/mpi_add_target.cc /src/nss/out/Debug/../../fuzz/mpi_add_target.cc 61 112 8 3 806 319 mpi_add_target.cc
/src/nss/out/Debug/../../fuzz/mpi_mod_target.cc /src/nss/out/Debug/../../fuzz/mpi_mod_target.cc 75 98 8 4 1370 447 mpi_mod_target.cc
tls-server-no_fuzzer_mode /src/nss/out/Debug/../../fuzz/tls_server_target.cc 2001 6709 46 158 41238 16799 tls_server_target.cc
tls-server /src/nss/out/Debug/../../fuzz/tls_server_target.cc 1971 6730 46 158 40199 16409 tls_server_target.cc
/src/nss/out/Debug/../../fuzz/quickder_target.cc /src/nss/out/Debug/../../fuzz/quickder_target.cc 189 7010 16 36 2772 1210 quickder_target.cc
tls-client-no_fuzzer_mode /src/nss/out/Debug/../../fuzz/tls_client_target.cc 1981 6725 46 156 40966 16631 tls_client_target.cc
/src/nss/out/Debug/../../fuzz/certDN_target.cc /src/nss/out/Debug/../../fuzz/certDN_target.cc 300 6865 22 49 4929 2068 certDN_target.cc

Fuzzer details

Fuzzer: mpi-submod

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 48 22.8%
gold [1:9] 1 0.47%
yellow [10:29] 0 0.0%
greenyellow [30:49] 1 0.47%
lawngreen 50+ 160 76.1%
All colors 210 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
95 127 5 :

['s_mp_div_d', 'mp_clear', 's_mp_exch', 's_mp_cmp_d', 'mp_init_copy']

95 127 mp_div_d call site: 00083 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:562
30 30 1 :

['s_mp_add_3arg']

30 37 mp_add call site: 00196 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:746
30 30 1 :

['s_mp_add_3arg']

30 37 mp_sub call site: 00133 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:785
8 18 2 :

['mp_set', 'mp_zero']

8 65 mp_div call site: 00156 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1104
0 22 1 :

['s_mp_pad']

8 280 mp_div call site: 00152 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1091
0 7 2 :

['s_mp_alloc', 's_mp_free']

0 11 mp_copy call site: 00017 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:217
0 5 1 :

['mp_zero']

0 5 mp_mul_d call site: 00014 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:504
0 2 1 :

['s_mp_setz']

0 2 s_mp_rshd call site: 00086 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3283
0 0 None 2 79 s_mp_mul_d call site: 00024 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3585
0 0 None 0 41 mp_add call site: 00198 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:748
0 0 None 0 40 mp_div call site: 00188 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1122
0 0 None 0 33 mp_div call site: 00189 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1128

Runtime coverage analysis

Covered functions
46
Functions that are reachable but not covered
22
Reachable functions
72
Percentage of reachable functions covered
69.44%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_submod_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 48
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 4

Fuzzer: mpi-addmod

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 48 23.7%
gold [1:9] 1 0.49%
yellow [10:29] 0 0.0%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 153 75.7%
All colors 202 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
95 127 5 :

['s_mp_div_d', 'mp_clear', 's_mp_exch', 's_mp_cmp_d', 'mp_init_copy']

95 127 mp_div_d call site: 00083 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:562
8 18 2 :

['mp_set', 'mp_zero']

8 65 mp_div call site: 00154 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1104
0 71 1 :

['mp_add']

0 71 mp_mod call site: 00146 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1305
0 71 1 :

['mp_add']

0 71 mp_mod call site: 00195 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1314
0 22 1 :

['s_mp_pad']

8 280 mp_div call site: 00150 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1091
0 7 2 :

['s_mp_alloc', 's_mp_free']

0 11 mp_copy call site: 00017 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:217
0 5 1 :

['mp_zero']

0 5 mp_mul_d call site: 00014 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:504
0 2 1 :

['s_mp_setz']

0 2 s_mp_rshd call site: 00086 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3283
0 0 None 2 79 s_mp_mul_d call site: 00024 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3585
0 0 None 0 40 mp_div call site: 00186 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1122
0 0 None 0 33 mp_div call site: 00187 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1128
0 0 None 0 30 s_mp_div call site: 00175 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:4596

Runtime coverage analysis

Covered functions
45
Functions that are reachable but not covered
22
Reachable functions
71
Percentage of reachable functions covered
69.01%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_addmod_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 47
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 4

Fuzzer: mpi-invmod

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 341 48.7%
gold [1:9] 6 0.85%
yellow [10:29] 1 0.14%
greenyellow [30:49] 1 0.14%
lawngreen 50+ 351 50.1%
All colors 700 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
580 580 1 :

['mp_exptmod_i']

580 598 mp_exptmod call site: 00302 /src/nss/out/Debug/../../lib/freebl/mpi/mpmontg.c:1144
425 431 2 :

['s_mp_invmod_even_m', 'mp_iseven']

425 431 mp_invmod call site: 00000 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:2677
30 30 1 :

['mp_neg']

30 49 mp_sub_d call site: 00645 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:465
23 23 1 :

['getIntelCacheLineSize']

23 23 s_mpi_getProcessorLineSize call site: 00304 /src/nss/out/Debug/../../lib/freebl/mpi/mpcpucache.c:691
9 9 1 :

['s_mp_mod_2d']

9 54 s_mp_div call site: 00168 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:4528
9 9 1 :

['s_mp_mod_2d']

9 9 mp_div_2d call site: 00660 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1165
5 5 1 :

['s_mp_mul_comba_16']

5 14 s_mp_mulg call site: 00227 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:870
5 5 1 :

['s_mp_mul_comba_32']

5 14 s_mp_mulg call site: 00228 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:874
5 5 1 :

['s_mp_sqr_comba_16']

5 14 mp_sqr call site: 00268 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1008
5 5 1 :

['s_mp_sqr_comba_32']

5 14 mp_sqr call site: 00269 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1012
0 249 2 :

['mp_init', 'mp_mod']

580 1482 mp_exptmod call site: 00291 /src/nss/out/Debug/../../lib/freebl/mpi/mpmontg.c:1053
0 213 2 :

['mp_to_mont', 'mp_set']

4 3250 mp_exptmod_safe_i call site: 00357 /src/nss/out/Debug/../../lib/freebl/mpi/mpmontg.c:894

Runtime coverage analysis

Covered functions
94
Functions that are reachable but not covered
39
Reachable functions
135
Percentage of reachable functions covered
71.11%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_invmod_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 67
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 3
/src/nss/out/Debug/../../lib/freebl/mpi/mpprime.c 8
/src/nss/out/Debug/../../lib/freebl/mpi/mplogic.c 3
/src/nss/out/Debug/../../lib/freebl/mpi/mpmontg.c 9
/src/nss/out/Debug/../../lib/freebl/mpi/mp_comba.c 8
/src/nss/out/Debug/../../lib/freebl/mpi/mpcpucache.c 6
/src/nss/out/Debug/../../lib/freebl/mpi/mpi_amd64.c 1

Fuzzer: mpi-div

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 35 22.2%
gold [1:9] 0 0.0%
yellow [10:29] 2 1.27%
greenyellow [30:49] 1 0.63%
lawngreen 50+ 119 75.7%
All colors 157 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
95 127 5 :

['s_mp_div_d', 'mp_clear', 's_mp_exch', 's_mp_cmp_d', 'mp_init_copy']

95 127 mp_div_d call site: 00083 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:562
0 10 1 :

['mp_init_size']

0 263 mp_div call site: 00000 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1091
0 5 1 :

['mp_zero']

0 5 mp_mul_d call site: 00014 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:504
0 2 1 :

['s_mp_setz']

0 2 s_mp_rshd call site: 00086 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3283
0 0 None 4 67 s_mp_mulg call site: 00125 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:831
0 0 None 2 79 s_mp_mul_d call site: 00024 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3585
0 0 None 0 303 mp_div call site: 00000 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1083
0 0 None 0 30 mp_div call site: 00000 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1131
0 0 None 0 30 s_mp_div call site: 00000 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:4596
0 0 None 0 9 mp_add_d call site: 00051 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:418
0 0 None 0 9 s_mp_mulg call site: 00127 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:850
0 0 None 0 9 s_mp_mulg call site: 00135 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:901

Runtime coverage analysis

Covered functions
50
Functions that are reachable but not covered
20
Reachable functions
73
Percentage of reachable functions covered
72.6%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_div_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 42
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 3
/src/nss/out/Debug/../../lib/freebl/mpi/mp_comba.c 4

Fuzzer: quickder

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 304 51.6%
gold [1:9] 189 32.0%
yellow [10:29] 21 3.56%
greenyellow [30:49] 2 0.33%
lawngreen 50+ 73 12.3%
All colors 589 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
5544 7405 3 :

['PR_Assert', 'PR_Unlock', 'PR_Lock']

5544 10182 _PR_Getfd call site: 00305 /src/nspr/Debug/pr/src/io/../../../../pr/src/io/prfdcach.c:66
992 1917 4 :

['pthread_mutex_destroy', '_MD_unix_map_default_error', 'PR_Free', 'pthread_cond_destroy']

992 1917 PR_NewMonitor call site: 00265 /src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptsynch.c:528
944 1868 2 :

['PR_SetError', 'PR_WaitCondVar']

944 3729 PR_CallOnce call site: 00547 /src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinit.c:779
933 933 1 :

['pr_ZoneFree']

933 933 PR_Free call site: 00056 /src/nspr/Debug/pr/src/malloc/../../../../pr/src/malloc/prmem.c:472
930 930 1 :

['pt_PostNotifiesFromMonitor']

1856 2785 PR_ExitMonitor call site: 00419 /src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptsynch.c:674
928 928 1 :

['pt_AttachThread']

1852 1852 PR_GetCurrentThread call site: 00008 /src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptthread.c:641
928 928 1 :

['PL_FinishArenaPool']

928 928 PORT_DestroyCheapArena call site: 00583 /src/nss/out/Debug/../../lib/util/secport.c:395
926 926 1 :

['PR_Realloc']

2800 5576 ExpandMonitorCache call site: 00256 /src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prcmon.c:120
926 926 2 :

['PR_Assert', 'fcntl']

944 946 pt_SetMethods call site: 00316 /src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptio.c:3580
924 4644 4 :

['PR_Assert', 'PR_GetCurrentThread', 'PR_Unlock', 'PR_Lock']

924 7425 PORT_ArenaAlloc_Util call site: 00499 /src/nss/out/Debug/../../lib/util/secport.c:305
924 924 1 :

['PR_Assert']

924 18290 DecodeItem call site: 00476 /src/nss/out/Debug/../../lib/util/quickder.c:622
4 4 2 :

['pthread_cond_wait', 'pthread_equal']

3702 3702 PR_EnterMonitor call site: 00380 /src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptsynch.c:615

Runtime coverage analysis

Covered functions
89
Functions that are reachable but not covered
100
Reachable functions
189
Percentage of reachable functions covered
47.09%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/quickder_target.cc 1
/src/nss/out/Debug/../../lib/util/secport.c 6
/src/nspr/Debug/lib/ds/../../../lib/ds/plarena.c 5
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prlog2.c 1
/src/nss/out/Debug/../../lib/util/quickder.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerror.c 4
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptthread.c 6
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinit.c 4
/src/nspr/Debug/pr/src/malloc/../../../../pr/src/malloc/prmem.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlog.c 8
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix.c 4
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prtime.c 5
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prprf.c 12
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptsynch.c 17
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/priometh.c 2
/src/nspr/Debug/pr/src/md/../../../../pr/src/md/prosdep.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prenv.c 3
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/linux.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/pratom.c 1
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prseg.c 1
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptmisc.c 2
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prtpd.c 3
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlayer.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinrval.c 4
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prcmon.c 2
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix_errors.c 2
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptio.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prfdcach.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prnetdb.c 1
/src/nspr/Debug/pr/src/linking/../../../../pr/src/linking/prlink.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prdtoa.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmwait.c 1
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prrwlock.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerr.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerrortable.c 1
/src/nss/out/Debug/../../lib/util/secasn1u.c 1

Fuzzer: certDN

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 433 46.8%
gold [1:9] 206 22.2%
yellow [10:29] 17 1.83%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 269 29.0%
All colors 925 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
5544 7405 3 :

['PR_Assert', 'PR_Unlock', 'PR_Lock']

5544 10182 _PR_Getfd call site: 00302 /src/nspr/Debug/pr/src/io/../../../../pr/src/io/prfdcach.c:66
1848 4624 3 :

['PR_Assert', 'PR_Free', 'PR_Malloc']

1848 4624 BuildArgArray call site: 00032 /src/nspr/Debug/pr/src/io/../../../../pr/src/io/prprf.c:435
1150 1150 1 :

['DecodeGroup']

1150 2998 DecodeItem call site: 00784 /src/nss/out/Debug/../../lib/util/quickder.c:715
1147 1147 1 :

['DecodeSequence']

1147 2071 DecodeItem call site: 00784 /src/nss/out/Debug/../../lib/util/quickder.c:724
1141 1141 1 :

['DecodeChoice']

1141 2065 DecodeItem call site: 00784 /src/nss/out/Debug/../../lib/util/quickder.c:705
1137 1137 1 :

['DecodeExplicit']

1137 2061 DecodeItem call site: 00784 /src/nss/out/Debug/../../lib/util/quickder.c:695
1137 1137 1 :

['DecodePointer']

1137 2061 DecodeItem call site: 00784 /src/nss/out/Debug/../../lib/util/quickder.c:703
1135 1135 1 :

['DecodeInline']

1135 2059 DecodeItem call site: 00783 /src/nss/out/Debug/../../lib/util/quickder.c:690
992 1917 4 :

['pthread_mutex_destroy', '_MD_unix_map_default_error', 'PR_Free', 'pthread_cond_destroy']

992 1917 PR_NewMonitor call site: 00262 /src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptsynch.c:528
978 978 1 :

['secoid_FindDynamicByTag']

978 978 SECOID_FindOIDByTag_Util call site: 00629 /src/nss/out/Debug/../../lib/util/secoid.c:2286
960 1889 2 :

['SECITEM_FreeItem_Util', 'PORT_ArenaRelease_Util']

960 1889 SECITEM_AllocItem_Util call site: 00663 /src/nss/out/Debug/../../lib/util/secitem.c:45
955 955 1 :

['handleHashAlgSupport']

6499 13070 SECOID_Init call site: 00470 /src/nss/out/Debug/../../lib/util/secoid.c:2182

Runtime coverage analysis

Covered functions
186
Functions that are reachable but not covered
119
Reachable functions
300
Percentage of reachable functions covered
60.33%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/certDN_target.cc 1
/src/nss/out/Debug/../../lib/util/secoid.c 8
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prenv.c 3
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinit.c 4
/src/nspr/Debug/pr/src/malloc/../../../../pr/src/malloc/prmem.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlog.c 8
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix.c 4
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prtime.c 5
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prprf.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerror.c 4
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptthread.c 6
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptsynch.c 19
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/priometh.c 2
/src/nspr/Debug/pr/src/md/../../../../pr/src/md/prosdep.c 2
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/linux.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/pratom.c 1
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prseg.c 1
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptmisc.c 2
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prtpd.c 3
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlayer.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinrval.c 4
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prcmon.c 2
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix_errors.c 2
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptio.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prfdcach.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prnetdb.c 1
/src/nspr/Debug/pr/src/linking/../../../../pr/src/linking/prlink.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prdtoa.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmwait.c 1
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prrwlock.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerr.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerrortable.c 1
/src/nss/out/Debug/../../lib/util/secport.c 23
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strpbrk.c 1
/src/nss/out/Debug/../../lib/util/nssrwlk.c 4
/src/nspr/Debug/lib/ds/../../../lib/ds/plarena.c 8
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prlog2.c 1
/src/nspr/Debug/lib/ds/../../../lib/ds/plhash.c 7
/src/nss/out/Debug/../../lib/util/secitem.c 6
/src/nss/out/Debug/../../lib/certdb/alg1485.c 29
/src/nss/out/Debug/../../lib/certdb/secname.c 12
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strcase.c 2
/src/nss/out/Debug/../../lib/util/oidstring.c 1
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strlen.c 1
/src/nss/out/Debug/../../lib/util/utf8.c 4
/src/nss/out/Debug/../../lib/util/dersubr.c 2
/src/nss/out/Debug/../../lib/util/quickder.c 13
/src/nss/out/Debug/../../lib/util/secasn1u.c 1
/src/nss/out/Debug/../../lib/certdb/certdb.c 1

Fuzzer: dtls-server

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 7389 68.5%
gold [1:9] 1402 13.0%
yellow [10:29] 271 2.51%
greenyellow [30:49] 104 0.96%
lawngreen 50+ 1617 14.9%
All colors 10783 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
38038 64816 12 :

['PORT_ZFree_Util', 'PK11_SaveContextAlloc', 'PORT_SetError_Util', 'ssl_GetMacDefByAlg', 'ssl_MapLowLevelError', 'ssl_PrintBuf', 'PK11_DigestOp', 'PR_Assert', 'PK11_DigestBegin', 'PK11_DigestFinal', 'PK11_DigestKey', 'PK11_RestoreContext']

38038 64816 ssl3_ComputeHandshakeHashes call site: 07920 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:4856
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16543 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

16543 36030 nssSlot_IsTokenPresent call site: 00844 /src/nss/out/Debug/../../lib/dev/devslot.c:130
15059 34280 10 :

['ssl3_ComputeHandshakeHash', 'ssl_ConsumeSignatureScheme', 'PR_Assert', 'PORT_GetError_Util', 'ssl_HashHandshakeMessage', 'ssl3_VerifySignedHashes', 'ssl_SignatureSchemeToHashType', 'ssl_CheckSignatureSchemeConsistency', 'ssl3_ComputeHandshakeHashes', 'ssl3_ConsumeHandshakeVariable']

15059 41773 ssl3_HandleCertificateVerify call site: 09634 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10526
13440 49820 18 :

['SECKEY_GetPublicKeyType', 'PK11_PubDeriveWithKDF', 'SECKEY_CreateECPrivateKey', 'PK11_FreeSymKey', 'SECKEY_PublicKeyStrengthInBits', 'PORT_SetError_Util', 'PK11_WrapSymKey', 'PK11_KeyGen', 'ssl_MapLowLevelError', 'ssl_GetWrappingKey', 'SECKEY_PublicKeyStrength', 'PK11_GetBestKeyLength', 'SECKEY_DestroyPrivateKey', 'PK11_PubWrapSymKey', 'ssl_UnwrapSymWrappingKey', 'SECKEY_DestroyPublicKey', 'ssl_SetWrappingKey', 'PR_Assert']

13440 50754 ssl3_GetWrappingKey call site: 07182 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:6049
11713 11713 2 :

['tls13_WriteServerEchSignal', 'tls13_WriteServerEchHrrSignal']

11713 11713 ssl_ConstructServerHello call site: 05217 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10011
10256 45188 8 :

['PORT_SetError_Util', 'ssl3_ExtConsumeHandshakeVariable', 'ssl_PrintBuf', 'ssl3_ExtSendAlert', 'ssl3_ExtConsumeHandshakeNumber', 'PR_Assert', 'ssl3_ProcessSessionTicketCommon', 'SECITEM_CompareItem_Util']

10256 45188 tls13_ServerHandlePreSharedKeyXtn call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13exthandle.c:562
9491 9491 1 :

['tls13_HandlePostHelloHandshakeMessage']

9491 16984 ssl3_HandleHandshakeMessage call site: 08119 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:12681
9472 9472 1 :

['pk11_CopyToSlot']

14211 14221 PK11_SymKeysToSameSlot call site: 06997 /src/nss/out/Debug/../../lib/pk11wrap/pk11skey.c:1490
9446 9446 3 :

['VFY_Update', 'VFY_End', 'VFY_Begin']

9446 9446 vfy_SingleShot call site: 00000 /src/nss/out/Debug/../../lib/cryptohi/secvfy.c:955
9440 12213 5 :

['PK11_GetBestSlotMultiple', 'PORT_SetError_Util', 'ssl3_Alg2Mech', 'NSSRWLock_HaveWriteLock_Util', 'PR_Assert']

9440 18338 ssl3_GenerateRSAPMS call site: 09485 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10630
9113 9113 2 :

['findOIDinOIDSeqByTagNum', 'cert_IsIPsecOID']

10115 11965 cert_ComputeCertType call site: 02035 /src/nss/out/Debug/../../lib/certdb/certdb.c:508

Runtime coverage analysis

Covered functions
1968
Functions that are reachable but not covered
858
Reachable functions
1971
Percentage of reachable functions covered
56.47%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/tls_server_target.cc 4
/src/nss/out/Debug/../../fuzz/shared.h 1
/src/nss/out/Debug/../../lib/nss/nssinit.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinit.c 5
/src/nspr/Debug/pr/src/malloc/../../../../pr/src/malloc/prmem.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlog.c 8
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix.c 9
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prtime.c 8
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prprf.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerror.c 6
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptthread.c 6
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptsynch.c 21
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/priometh.c 6
/src/nspr/Debug/pr/src/md/../../../../pr/src/md/prosdep.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prenv.c 4
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/linux.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/pratom.c 1
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prseg.c 1
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptmisc.c 2
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prtpd.c 5
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlayer.c 6
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinrval.c 6
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prcmon.c 2
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix_errors.c 5
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptio.c 15
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prfdcach.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prnetdb.c 9
/src/nspr/Debug/pr/src/linking/../../../../pr/src/linking/prlink.c 9
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prdtoa.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmwait.c 1
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prrwlock.c 10
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerr.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerrortable.c 2
/src/nss/out/Debug/../../lib/certdb/certdb.c 27
/src/nss/out/Debug/../../lib/certdb/crl.c 1
/src/nss/out/Debug/../../lib/util/secport.c 26
/src/nspr/Debug/lib/ds/../../../lib/ds/plhash.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prlog2.c 1
/src/nss/out/Debug/../../lib/util/secitem.c 15
/src/nss/out/Debug/../../lib/certhigh/ocsp.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11load.c 6
/src/nss/out/Debug/../../lib/pk11wrap/pk11util.c 28
/src/nss/out/Debug/../../lib/pk11wrap/pk11list.c 6
/src/nss/out/Debug/../../lib/util/nssrwlk.c 7
/src/nss/out/Debug/../../lib/pk11wrap/pk11pars.c 34
/src/nss/out/Debug/../../lib/util/utilpars.c 40
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strcase.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11slot.c 66
/src/nspr/Debug/lib/ds/../../../lib/ds/plarena.c 7
/src/nss/out/Debug/../../lib/pk11wrap/pk11skey.c 63
/src/nss/out/Debug/../../lib/pk11wrap/pk11obj.c 34
/src/nss/out/Debug/../../lib/dev/devtoken.c 19
/src/nss/out/Debug/../../lib/dev/devslot.c 9
/src/nss/out/Debug/../../lib/pk11wrap/dev3hack.c 10
/src/nss/out/Debug/../../lib/pk11wrap/pk11err.c 1
/src/nss/out/Debug/../../lib/pki/tdcache.c 17
/src/nss/out/Debug/../../lib/base/arena.c 16
/src/nss/out/Debug/../../lib/base/error.c 6
/src/nss/out/Debug/../../lib/base/libc.c 3
/src/nss/out/Debug/../../lib/base/hash.c 10
/src/nss/out/Debug/../../lib/pki/pkibase.c 28
/src/nss/out/Debug/../../lib/dev/devutil.c 25
/src/nss/out/Debug/../../lib/base/tracker.c 6
/src/nss/out/Debug/../../lib/base/list.c 17
/src/nss/out/Debug/../../lib/pki/certificate.c 20
/src/nss/out/Debug/../../lib/pki/pki3hack.c 20
/src/nss/out/Debug/../../lib/util/quickder.c 13
/src/nss/out/Debug/../../lib/util/secasn1u.c 3
/src/nss/out/Debug/../../lib/certdb/certxutl.c 5
/src/nss/out/Debug/../../lib/util/secoid.c 16
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strpbrk.c 1
/src/nss/out/Debug/../../lib/certdb/alg1485.c 13
/src/nss/out/Debug/../../lib/certdb/secname.c 2
/src/nss/out/Debug/../../lib/util/utf8.c 4
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strlen.c 1
/src/nss/out/Debug/../../lib/certdb/certv3.c 5
/src/nss/out/Debug/../../lib/certdb/xconst.c 1
/src/nss/out/Debug/../../lib/certdb/genname.c 4
/src/nss/out/Debug/../../lib/pk11wrap/pk11cxt.c 20
/src/nss/out/Debug/../../lib/pk11wrap/pk11mech.c 10
/src/nss/out/Debug/../../lib/base/utf8.c 3
/src/nss/out/Debug/../../lib/pk11wrap/pk11auth.c 9
/src/nss/out/Debug/../../lib/dev/ckhelper.c 4
/src/nss/out/Debug/../../lib/pki/cryptocontext.c 5
/src/nss/out/Debug/../../lib/pki/pkistore.c 18
/src/nss/out/Debug/../../lib/pki/trustdomain.c 15
/src/nss/out/Debug/../../lib/cryptohi/sechash.c 9
/src/nss/out/Debug/../../lib/certdb/polcyxtn.c 3
/src/nss/out/Debug/../../lib/certdb/xbsconst.c 1
/src/nss/out/Debug/../../lib/util/dersubr.c 3
/src/nss/out/Debug/../../lib/certdb/stanpcertdb.c 4
/src/nss/out/Debug/../../lib/pki/certdecode.c 2
/src/nss/out/Debug/../../lib/util/errstrs.c 2
/src/nss/out/Debug/../../lib/nss/nssoptions.c 2
/src/nss/out/Debug/../../lib/pk11wrap/debug_module.c 1
/src/nss/out/Debug/../../lib/pk11wrap/pk11sdr.c 1
/src/nss/out/Debug/../../lib/ssl/sslsnce.c 34
/src/nss/out/Debug/../../lib/ssl/sslnonce.c 23
/src/nss/out/Debug/../../lib/ssl/ssl3con.c 211
/src/nss/out/Debug/../../lib/ssl/sslerrstrs.c 2
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prshma.c 1
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/uxshm.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmmap.c 4
/src/nss/out/Debug/../../lib/ssl/sslmutex.c 9
/src/nss/out/Debug/../../lib/ssl/unix_err.c 1
/src/nss/out/Debug/../../fuzz/tls_server_config.cc 8
/src/nss/out/Debug/../../lib/ssl/ssltrace.c 3
/src/nss/out/Debug/../../lib/freebl/det_rng.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/pripv6.c 4
/src/nss/out/Debug/../../lib/ssl/sslsock.c 47
/src/nss/out/Debug/../../lib/ssl/sslinit.c 2
/src/nss/out/Debug/../../lib/ssl/sslspec.c 13
/src/nss/out/Debug/../../lib/ssl/ssl3ext.c 28
/src/nss/out/Debug/../../lib/ssl/dtlscon.c 38
/src/nss/out/Debug/../../lib/ssl/sslsecur.c 10
/src/nss/out/Debug/../../lib/ssl/sslencode.c 25
/src/nss/out/Debug/../../lib/ssl/ssl3gthr.c 6
/src/nss/out/Debug/../../lib/ssl/ssl3exthandle.c 4
/src/nss/out/Debug/../../lib/ssl/tls13con.c 116
/src/nss/out/Debug/../../lib/ssl/tls13subcerts.c 11
/src/nss/out/Debug/../../lib/cryptohi/seckey.c 30
/src/nss/out/Debug/../../lib/ssl/tls13ech.c 31
/src/nss/out/Debug/../../lib/certhigh/certhigh.c 6
/src/nss/out/Debug/../../lib/ssl/sslprimitive.c 3
/src/nss/out/Debug/../../lib/ssl/tls13psk.c 5
/src/nss/out/Debug/../../lib/pk11wrap/pk11hpke.c 24
/src/nss/out/Debug/../../lib/ssl/sslcert.c 8
/src/nss/out/Debug/../../lib/ssl/tls13replay.c 5
/src/nss/out/Debug/../../lib/ssl/sslbloom.c 6
/src/nss/out/Debug/../../lib/base/item.c 2
/src/nss/out/Debug/../../lib/ssl/ssldef.c 3
/src/nss/out/Debug/../../fuzz/tls_socket.h 1
/src/nss/out/Debug/../../cpputil/dummy_io.h 1
/src/nss/out/Debug/../../cpputil/dummy_io.cc 1
/src/nss/out/Debug/../../fuzz/tls_common.cc 3
/src/nss/out/Debug/../../lib/ssl/dtls13con.c 19
/src/nss/out/Debug/../../lib/ssl/sslerr.c 1
/src/nss/out/Debug/../../lib/ssl/tls13hkdf.c 4
/src/nss/out/Debug/../../lib/pk11wrap/pk11kea.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11akey.c 14
/src/nss/out/Debug/../../lib/util/secasn1e.c 25
/src/nss/out/Debug/../../lib/ssl/sslgrp.c 5
/src/nss/out/Debug/../../lib/ssl/ssl3ecc.c 11
/src/nss/out/Debug/../../lib/pk11wrap/pk11cert.c 6
/src/nss/out/Debug/../../lib/util/secalgid.c 2
/src/nss/out/Debug/../../lib/cryptohi/secsign.c 2
/src/nss/out/Debug/../../lib/cryptohi/secvfy.c 16
/src/nss/out/Debug/../../lib/util/secdig.c 3
/src/nss/out/Debug/../../lib/util/derenc.c 4
/src/nss/out/Debug/../../lib/cryptohi/dsautil.c 6
/src/nss/out/Debug/../../lib/ssl/tls13exthandle.c 9
/src/nss/out/Debug/../../lib/ssl/tls13hashstate.c 2
/src/nss/out/Debug/../../lib/ssl/selfencrypt.c 5
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/praton.c 4
/src/nss/out/Debug/../../lib/certhigh/certvfy.c 1
/src/nss/out/Debug/../../lib/util/pkcs1sig.c 2
/src/nss/out/Debug/../../lib/util/sectime.c 1
/src/nss/out/Debug/../../lib/util/dertime.c 3

Fuzzer: /src/nss/out/Debug/../../fuzz/mpi_addmod_target.cc

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 30 14.8%
gold [1:9] 1 0.49%
yellow [10:29] 5 2.47%
greenyellow [30:49] 1 0.49%
lawngreen 50+ 165 81.6%
All colors 202 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
20580 92835 20 :

['SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'CERT_DestroyCertificate', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl3_HandleExtensions', 'tls13_IsPostHandshake', 'tls13_SendPostHandshakeCertificate', 'ssl_Trace', 'SECITEM_FreeItem_Util', 'CERT_DestroyCertificateList', 'SECKEY_DestroyPrivateKey', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PR_Assert', 'PORT_Free_Util', 'PK11_CloneContext', 'ssl3_ConsumeHandshakeVariable']

20580 92835 tls13_HandleCertificateRequest call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3022
16674 123218 24 :

['SECKEY_ExtractPublicKey', 'PORT_SetError_Util', 'ssl_SignatureSchemeToAuthType', 'ssl_ConsumeSignatureScheme', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl_SetAuthKeyBits', 'tls13_IsVerifyingWithDelegatedCredential', 'PORT_GetError_Util', 'ssl_VerifySignedHashesWithPubKey', 'ssl_CheckSignatureSchemeConsistency', 'ssl_SignatureSchemeToHashType', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'tls13_FatalError', 'SECKEY_DestroyPublicKey', 'tls13_AddContextToHashes', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'tls13_VerifyDelegatedCredential']

16674 123218 tls13_HandleCertificateVerify call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5142
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16543 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

16543 36030 nssSlot_IsTokenPresent call site: 00000 /src/nss/out/Debug/../../lib/dev/devslot.c:130
14748 88475 20 :

['ssl3_CleanupPeerCerts', 'SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'ssl_Time', 'dtls_ReceivedFirstMessageInFlight', 'SECITEM_CompareItem_Util', 'ssl_CipherSpecReleaseByEpoch', 'ssl3_HandleNoCertificate', 'SECKEY_UpdateCertPQG', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PORT_NewArena_Util', 'PR_Assert', 'tls13_HandleCertificateEntry', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'ssl3_AuthCertificate', 'PORT_ArenaAlloc_Util']

14748 88475 tls13_HandleCertificate call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:4058
13440 49820 18 :

['SECKEY_GetPublicKeyType', 'PK11_PubDeriveWithKDF', 'SECKEY_CreateECPrivateKey', 'PK11_FreeSymKey', 'SECKEY_PublicKeyStrengthInBits', 'PORT_SetError_Util', 'PK11_WrapSymKey', 'PK11_KeyGen', 'ssl_MapLowLevelError', 'ssl_GetWrappingKey', 'SECKEY_PublicKeyStrength', 'PK11_GetBestKeyLength', 'SECKEY_DestroyPrivateKey', 'PK11_PubWrapSymKey', 'ssl_UnwrapSymWrappingKey', 'SECKEY_DestroyPublicKey', 'ssl_SetWrappingKey', 'PR_Assert']

13440 50754 ssl3_GetWrappingKey call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:6049
11713 11713 2 :

['tls13_WriteServerEchSignal', 'tls13_WriteServerEchHrrSignal']

11713 11713 ssl_ConstructServerHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10011
11366 15619 7 :

['tls13_ComputeEarlySecretsWithPsk', 'CERT_DupCertificate', 'tls13_RecoverWrappedSharedSecret', 'ssl_FindServerCert', 'tls13_RestoreCipherInfo', 'SECITEM_CompareItem_Util', 'ssl3_RegisterExtensionSender']

34068 135314 tls13_HandleClientHelloPart2 call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2253
11250 120798 25 :

['PK11_FreeSymKey', 'ssl_UncacheSessionID', 'SECITEM_CopyItem_Util', 'ssl3_ConsumeHandshakeNumber', 'ssl_Time', 'CERT_DupCertificate', 'PORT_SetError_Util', 'ssl_FreeSID', 'ssl_PrintBuf', 'tls13_HkdfExpandLabel', 'tls13_IsPostHandshake', 'ssl3_HandleExtensions', 'tls13_GetHash', 'ssl3_ConsumeHandshake', 'tls13_GetHashSize', 'ssl3_NewSessionID', 'getpid', 'ssl3_SetSIDSessionTicket', 'tls13_FatalError', 'PR_ntohl', 'PR_Assert', 'ssl3_FillInCachedSID', 'ssl_CacheSessionID', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable']

11250 120798 tls13_HandleNewSessionTicket call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6149
10815 25482 10 :

['SECITEM_FreeItem_Util', 'PK11_ConcatSymKeys', 'PK11_FreeSymKey', 'getpid', 'tls13_HandleKEMKey', 'PORT_SetError_Util', 'tls13_FatalError', 'PR_Assert', 'PORT_GetError_Util', 'ssl_Trace']

10815 25482 tls13_HandleClientKeyShare call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2663
9446 9446 3 :

['VFY_Update', 'VFY_End', 'VFY_Begin']

9446 9446 vfy_SingleShot call site: 00000 /src/nss/out/Debug/../../lib/cryptohi/secvfy.c:955
8356 18110 8 :

['ssl_TicketTimeValid', 'ssl_UncacheSessionID', 'ssl3_SetupCipherSuite', 'ssl_FreeSID', 'tls13_RecoverWrappedSharedSecret', 'PR_Assert', 'PORT_GetError_Util', 'SSL_AtomicIncrementLong']

16930 46400 tls13_SetupClientHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:572

Runtime coverage analysis

Covered functions
2495
Functions that are reachable but not covered
15
Reachable functions
71
Percentage of reachable functions covered
78.87%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_addmod_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 47
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 4

Fuzzer: /src/nss/out/Debug/../../fuzz/mpi_sqrmod_target.cc

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 39 19.0%
gold [1:9] 1 0.48%
yellow [10:29] 5 2.43%
greenyellow [30:49] 1 0.48%
lawngreen 50+ 159 77.5%
All colors 205 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
20580 92835 20 :

['SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'CERT_DestroyCertificate', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl3_HandleExtensions', 'tls13_IsPostHandshake', 'tls13_SendPostHandshakeCertificate', 'ssl_Trace', 'SECITEM_FreeItem_Util', 'CERT_DestroyCertificateList', 'SECKEY_DestroyPrivateKey', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PR_Assert', 'PORT_Free_Util', 'PK11_CloneContext', 'ssl3_ConsumeHandshakeVariable']

20580 92835 tls13_HandleCertificateRequest call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3022
16674 123218 24 :

['SECKEY_ExtractPublicKey', 'PORT_SetError_Util', 'ssl_SignatureSchemeToAuthType', 'ssl_ConsumeSignatureScheme', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl_SetAuthKeyBits', 'tls13_IsVerifyingWithDelegatedCredential', 'PORT_GetError_Util', 'ssl_VerifySignedHashesWithPubKey', 'ssl_CheckSignatureSchemeConsistency', 'ssl_SignatureSchemeToHashType', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'tls13_FatalError', 'SECKEY_DestroyPublicKey', 'tls13_AddContextToHashes', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'tls13_VerifyDelegatedCredential']

16674 123218 tls13_HandleCertificateVerify call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5142
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16543 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

16543 36030 nssSlot_IsTokenPresent call site: 00000 /src/nss/out/Debug/../../lib/dev/devslot.c:130
14748 88475 20 :

['ssl3_CleanupPeerCerts', 'SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'ssl_Time', 'dtls_ReceivedFirstMessageInFlight', 'SECITEM_CompareItem_Util', 'ssl_CipherSpecReleaseByEpoch', 'ssl3_HandleNoCertificate', 'SECKEY_UpdateCertPQG', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PORT_NewArena_Util', 'PR_Assert', 'tls13_HandleCertificateEntry', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'ssl3_AuthCertificate', 'PORT_ArenaAlloc_Util']

14748 88475 tls13_HandleCertificate call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:4058
13440 49820 18 :

['SECKEY_GetPublicKeyType', 'PK11_PubDeriveWithKDF', 'SECKEY_CreateECPrivateKey', 'PK11_FreeSymKey', 'SECKEY_PublicKeyStrengthInBits', 'PORT_SetError_Util', 'PK11_WrapSymKey', 'PK11_KeyGen', 'ssl_MapLowLevelError', 'ssl_GetWrappingKey', 'SECKEY_PublicKeyStrength', 'PK11_GetBestKeyLength', 'SECKEY_DestroyPrivateKey', 'PK11_PubWrapSymKey', 'ssl_UnwrapSymWrappingKey', 'SECKEY_DestroyPublicKey', 'ssl_SetWrappingKey', 'PR_Assert']

13440 50754 ssl3_GetWrappingKey call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:6049
11713 11713 2 :

['tls13_WriteServerEchSignal', 'tls13_WriteServerEchHrrSignal']

11713 11713 ssl_ConstructServerHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10011
11366 15619 7 :

['tls13_ComputeEarlySecretsWithPsk', 'CERT_DupCertificate', 'tls13_RecoverWrappedSharedSecret', 'ssl_FindServerCert', 'tls13_RestoreCipherInfo', 'SECITEM_CompareItem_Util', 'ssl3_RegisterExtensionSender']

34068 135314 tls13_HandleClientHelloPart2 call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2253
11250 120798 25 :

['PK11_FreeSymKey', 'ssl_UncacheSessionID', 'SECITEM_CopyItem_Util', 'ssl3_ConsumeHandshakeNumber', 'ssl_Time', 'CERT_DupCertificate', 'PORT_SetError_Util', 'ssl_FreeSID', 'ssl_PrintBuf', 'tls13_HkdfExpandLabel', 'tls13_IsPostHandshake', 'ssl3_HandleExtensions', 'tls13_GetHash', 'ssl3_ConsumeHandshake', 'tls13_GetHashSize', 'ssl3_NewSessionID', 'getpid', 'ssl3_SetSIDSessionTicket', 'tls13_FatalError', 'PR_ntohl', 'PR_Assert', 'ssl3_FillInCachedSID', 'ssl_CacheSessionID', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable']

11250 120798 tls13_HandleNewSessionTicket call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6149
10815 25482 10 :

['SECITEM_FreeItem_Util', 'PK11_ConcatSymKeys', 'PK11_FreeSymKey', 'getpid', 'tls13_HandleKEMKey', 'PORT_SetError_Util', 'tls13_FatalError', 'PR_Assert', 'PORT_GetError_Util', 'ssl_Trace']

10815 25482 tls13_HandleClientKeyShare call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2663
9446 9446 3 :

['VFY_Update', 'VFY_End', 'VFY_Begin']

9446 9446 vfy_SingleShot call site: 00000 /src/nss/out/Debug/../../lib/cryptohi/secvfy.c:955
8356 18110 8 :

['ssl_TicketTimeValid', 'ssl_UncacheSessionID', 'ssl3_SetupCipherSuite', 'ssl_FreeSID', 'tls13_RecoverWrappedSharedSecret', 'PR_Assert', 'PORT_GetError_Util', 'SSL_AtomicIncrementLong']

16930 46400 tls13_SetupClientHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:572

Runtime coverage analysis

Covered functions
2495
Functions that are reachable but not covered
14
Reachable functions
75
Percentage of reachable functions covered
81.33%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_sqrmod_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 50
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 3
/src/nss/out/Debug/../../lib/freebl/mpi/mp_comba.c 4

Fuzzer: /src/nss/out/Debug/../../fuzz/mpi_invmod_target.cc

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 296 42.2%
gold [1:9] 8 1.14%
yellow [10:29] 12 1.71%
greenyellow [30:49] 2 0.28%
lawngreen 50+ 382 54.5%
All colors 700 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
20580 92835 20 :

['SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'CERT_DestroyCertificate', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl3_HandleExtensions', 'tls13_IsPostHandshake', 'tls13_SendPostHandshakeCertificate', 'ssl_Trace', 'SECITEM_FreeItem_Util', 'CERT_DestroyCertificateList', 'SECKEY_DestroyPrivateKey', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PR_Assert', 'PORT_Free_Util', 'PK11_CloneContext', 'ssl3_ConsumeHandshakeVariable']

20580 92835 tls13_HandleCertificateRequest call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3022
16674 123218 24 :

['SECKEY_ExtractPublicKey', 'PORT_SetError_Util', 'ssl_SignatureSchemeToAuthType', 'ssl_ConsumeSignatureScheme', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl_SetAuthKeyBits', 'tls13_IsVerifyingWithDelegatedCredential', 'PORT_GetError_Util', 'ssl_VerifySignedHashesWithPubKey', 'ssl_CheckSignatureSchemeConsistency', 'ssl_SignatureSchemeToHashType', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'tls13_FatalError', 'SECKEY_DestroyPublicKey', 'tls13_AddContextToHashes', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'tls13_VerifyDelegatedCredential']

16674 123218 tls13_HandleCertificateVerify call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5142
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16543 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

16543 36030 nssSlot_IsTokenPresent call site: 00000 /src/nss/out/Debug/../../lib/dev/devslot.c:130
14748 88475 20 :

['ssl3_CleanupPeerCerts', 'SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'ssl_Time', 'dtls_ReceivedFirstMessageInFlight', 'SECITEM_CompareItem_Util', 'ssl_CipherSpecReleaseByEpoch', 'ssl3_HandleNoCertificate', 'SECKEY_UpdateCertPQG', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PORT_NewArena_Util', 'PR_Assert', 'tls13_HandleCertificateEntry', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'ssl3_AuthCertificate', 'PORT_ArenaAlloc_Util']

14748 88475 tls13_HandleCertificate call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:4058
13440 49820 18 :

['SECKEY_GetPublicKeyType', 'PK11_PubDeriveWithKDF', 'SECKEY_CreateECPrivateKey', 'PK11_FreeSymKey', 'SECKEY_PublicKeyStrengthInBits', 'PORT_SetError_Util', 'PK11_WrapSymKey', 'PK11_KeyGen', 'ssl_MapLowLevelError', 'ssl_GetWrappingKey', 'SECKEY_PublicKeyStrength', 'PK11_GetBestKeyLength', 'SECKEY_DestroyPrivateKey', 'PK11_PubWrapSymKey', 'ssl_UnwrapSymWrappingKey', 'SECKEY_DestroyPublicKey', 'ssl_SetWrappingKey', 'PR_Assert']

13440 50754 ssl3_GetWrappingKey call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:6049
11713 11713 2 :

['tls13_WriteServerEchSignal', 'tls13_WriteServerEchHrrSignal']

11713 11713 ssl_ConstructServerHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10011
11366 15619 7 :

['tls13_ComputeEarlySecretsWithPsk', 'CERT_DupCertificate', 'tls13_RecoverWrappedSharedSecret', 'ssl_FindServerCert', 'tls13_RestoreCipherInfo', 'SECITEM_CompareItem_Util', 'ssl3_RegisterExtensionSender']

34068 135314 tls13_HandleClientHelloPart2 call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2253
11250 120798 25 :

['PK11_FreeSymKey', 'ssl_UncacheSessionID', 'SECITEM_CopyItem_Util', 'ssl3_ConsumeHandshakeNumber', 'ssl_Time', 'CERT_DupCertificate', 'PORT_SetError_Util', 'ssl_FreeSID', 'ssl_PrintBuf', 'tls13_HkdfExpandLabel', 'tls13_IsPostHandshake', 'ssl3_HandleExtensions', 'tls13_GetHash', 'ssl3_ConsumeHandshake', 'tls13_GetHashSize', 'ssl3_NewSessionID', 'getpid', 'ssl3_SetSIDSessionTicket', 'tls13_FatalError', 'PR_ntohl', 'PR_Assert', 'ssl3_FillInCachedSID', 'ssl_CacheSessionID', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable']

11250 120798 tls13_HandleNewSessionTicket call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6149
10815 25482 10 :

['SECITEM_FreeItem_Util', 'PK11_ConcatSymKeys', 'PK11_FreeSymKey', 'getpid', 'tls13_HandleKEMKey', 'PORT_SetError_Util', 'tls13_FatalError', 'PR_Assert', 'PORT_GetError_Util', 'ssl_Trace']

10815 25482 tls13_HandleClientKeyShare call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2663
9446 9446 3 :

['VFY_Update', 'VFY_End', 'VFY_Begin']

9446 9446 vfy_SingleShot call site: 00000 /src/nss/out/Debug/../../lib/cryptohi/secvfy.c:955
8356 18110 8 :

['ssl_TicketTimeValid', 'ssl_UncacheSessionID', 'ssl3_SetupCipherSuite', 'ssl_FreeSID', 'tls13_RecoverWrappedSharedSecret', 'PR_Assert', 'PORT_GetError_Util', 'SSL_AtomicIncrementLong']

16930 46400 tls13_SetupClientHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:572

Runtime coverage analysis

Covered functions
2495
Functions that are reachable but not covered
25
Reachable functions
135
Percentage of reachable functions covered
81.48%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_invmod_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 67
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 3
/src/nss/out/Debug/../../lib/freebl/mpi/mpprime.c 8
/src/nss/out/Debug/../../lib/freebl/mpi/mplogic.c 3
/src/nss/out/Debug/../../lib/freebl/mpi/mpmontg.c 9
/src/nss/out/Debug/../../lib/freebl/mpi/mp_comba.c 8
/src/nss/out/Debug/../../lib/freebl/mpi/mpcpucache.c 6
/src/nss/out/Debug/../../lib/freebl/mpi/mpi_amd64.c 1

Fuzzer: /src/nss/out/Debug/../../fuzz/mpi_sqr_target.cc

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 36 23.2%
gold [1:9] 0 0.0%
yellow [10:29] 1 0.64%
greenyellow [30:49] 1 0.64%
lawngreen 50+ 117 75.4%
All colors 155 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
20580 92835 20 :

['SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'CERT_DestroyCertificate', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl3_HandleExtensions', 'tls13_IsPostHandshake', 'tls13_SendPostHandshakeCertificate', 'ssl_Trace', 'SECITEM_FreeItem_Util', 'CERT_DestroyCertificateList', 'SECKEY_DestroyPrivateKey', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PR_Assert', 'PORT_Free_Util', 'PK11_CloneContext', 'ssl3_ConsumeHandshakeVariable']

20580 92835 tls13_HandleCertificateRequest call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3022
16674 123218 24 :

['SECKEY_ExtractPublicKey', 'PORT_SetError_Util', 'ssl_SignatureSchemeToAuthType', 'ssl_ConsumeSignatureScheme', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl_SetAuthKeyBits', 'tls13_IsVerifyingWithDelegatedCredential', 'PORT_GetError_Util', 'ssl_VerifySignedHashesWithPubKey', 'ssl_CheckSignatureSchemeConsistency', 'ssl_SignatureSchemeToHashType', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'tls13_FatalError', 'SECKEY_DestroyPublicKey', 'tls13_AddContextToHashes', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'tls13_VerifyDelegatedCredential']

16674 123218 tls13_HandleCertificateVerify call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5142
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16543 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

16543 36030 nssSlot_IsTokenPresent call site: 00000 /src/nss/out/Debug/../../lib/dev/devslot.c:130
14748 88475 20 :

['ssl3_CleanupPeerCerts', 'SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'ssl_Time', 'dtls_ReceivedFirstMessageInFlight', 'SECITEM_CompareItem_Util', 'ssl_CipherSpecReleaseByEpoch', 'ssl3_HandleNoCertificate', 'SECKEY_UpdateCertPQG', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PORT_NewArena_Util', 'PR_Assert', 'tls13_HandleCertificateEntry', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'ssl3_AuthCertificate', 'PORT_ArenaAlloc_Util']

14748 88475 tls13_HandleCertificate call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:4058
13440 49820 18 :

['SECKEY_GetPublicKeyType', 'PK11_PubDeriveWithKDF', 'SECKEY_CreateECPrivateKey', 'PK11_FreeSymKey', 'SECKEY_PublicKeyStrengthInBits', 'PORT_SetError_Util', 'PK11_WrapSymKey', 'PK11_KeyGen', 'ssl_MapLowLevelError', 'ssl_GetWrappingKey', 'SECKEY_PublicKeyStrength', 'PK11_GetBestKeyLength', 'SECKEY_DestroyPrivateKey', 'PK11_PubWrapSymKey', 'ssl_UnwrapSymWrappingKey', 'SECKEY_DestroyPublicKey', 'ssl_SetWrappingKey', 'PR_Assert']

13440 50754 ssl3_GetWrappingKey call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:6049
11713 11713 2 :

['tls13_WriteServerEchSignal', 'tls13_WriteServerEchHrrSignal']

11713 11713 ssl_ConstructServerHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10011
11366 15619 7 :

['tls13_ComputeEarlySecretsWithPsk', 'CERT_DupCertificate', 'tls13_RecoverWrappedSharedSecret', 'ssl_FindServerCert', 'tls13_RestoreCipherInfo', 'SECITEM_CompareItem_Util', 'ssl3_RegisterExtensionSender']

34068 135314 tls13_HandleClientHelloPart2 call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2253
11250 120798 25 :

['PK11_FreeSymKey', 'ssl_UncacheSessionID', 'SECITEM_CopyItem_Util', 'ssl3_ConsumeHandshakeNumber', 'ssl_Time', 'CERT_DupCertificate', 'PORT_SetError_Util', 'ssl_FreeSID', 'ssl_PrintBuf', 'tls13_HkdfExpandLabel', 'tls13_IsPostHandshake', 'ssl3_HandleExtensions', 'tls13_GetHash', 'ssl3_ConsumeHandshake', 'tls13_GetHashSize', 'ssl3_NewSessionID', 'getpid', 'ssl3_SetSIDSessionTicket', 'tls13_FatalError', 'PR_ntohl', 'PR_Assert', 'ssl3_FillInCachedSID', 'ssl_CacheSessionID', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable']

11250 120798 tls13_HandleNewSessionTicket call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6149
10815 25482 10 :

['SECITEM_FreeItem_Util', 'PK11_ConcatSymKeys', 'PK11_FreeSymKey', 'getpid', 'tls13_HandleKEMKey', 'PORT_SetError_Util', 'tls13_FatalError', 'PR_Assert', 'PORT_GetError_Util', 'ssl_Trace']

10815 25482 tls13_HandleClientKeyShare call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2663
9446 9446 3 :

['VFY_Update', 'VFY_End', 'VFY_Begin']

9446 9446 vfy_SingleShot call site: 00000 /src/nss/out/Debug/../../lib/cryptohi/secvfy.c:955
8356 18110 8 :

['ssl_TicketTimeValid', 'ssl_UncacheSessionID', 'ssl3_SetupCipherSuite', 'ssl_FreeSID', 'tls13_RecoverWrappedSharedSecret', 'PR_Assert', 'PORT_GetError_Util', 'SSL_AtomicIncrementLong']

16930 46400 tls13_SetupClientHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:572

Runtime coverage analysis

Covered functions
2495
Functions that are reachable but not covered
14
Reachable functions
71
Percentage of reachable functions covered
80.28%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_sqr_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 42
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 3
/src/nss/out/Debug/../../lib/freebl/mpi/mp_comba.c 8

Fuzzer: mpi-sqrmod

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 131 63.9%
gold [1:9] 0 0.0%
yellow [10:29] 0 0.0%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 74 36.0%
All colors 205 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
95 127 5 :

['s_mp_div_d', 'mp_clear', 's_mp_exch', 's_mp_cmp_d', 'mp_init_copy']

95 127 mp_div_d call site: 00079 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:562
2 29 3 :

['s_mp_clamp', 's_mpv_mul_set_vec64', 's_mp_pad']

2 29 s_mp_mul_d call site: 00026 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3591
0 15 4 :

['s_mp_alloc', 's_mp_copy', 's_mp_setz', 's_mp_free']

0 15 mp_copy call site: 00017 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:204
0 5 1 :

['mp_zero']

0 5 mp_mul_d call site: 00014 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:504
0 2 1 :

['s_mp_setz']

0 2 s_mp_rshd call site: 00082 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3279
0 0 None 2 79 s_mp_mul_d call site: 00024 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3585
0 0 None 0 9 mp_add_d call site: 00051 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:418
0 0 None 0 9 mp_toradix call site: 00077 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:2949
0 0 None 0 9 mp_toradix call site: 00105 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:2961
0 0 4 :

['std::__1::basic_ostream >& std::__1::operator<<[abi:v180000] , std::__1::allocator >(std::__1::basic_ostream >&, std::__1::basic_string , std::__1::allocator > const&)', 'std::__1::basic_ostream >::operator<<[abi:v180000](std::__1::basic_ostream >& (*)(std::__1::basic_ostream >&))', 'std::__1::basic_ostream >& std::__1::operator<<[abi:v180000] >(std::__1::basic_ostream >&, char const*)', 'std::__1::basic_ostream >::operator<<[abi:v180000](std::__1::ios_base& (*)(std::__1::ios_base&))']

0 0 check_equal(bignum_st*,mp_int*,unsignedlong) call site: 00000 /src/nss/out/Debug/../../fuzz/mpi_helper.cc:36
0 0 None 0 0 mp_init_size call site: 00005 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:144
0 0 None 0 0 mp_init_copy call site: 00048 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:172

Runtime coverage analysis

Covered functions
32
Functions that are reachable but not covered
40
Reachable functions
75
Percentage of reachable functions covered
46.67%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_sqrmod_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 50
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 3
/src/nss/out/Debug/../../lib/freebl/mpi/mp_comba.c 4

Fuzzer: /src/nss/out/Debug/../../fuzz/mpi_expmod_target.cc

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 279 44.0%
gold [1:9] 6 0.94%
yellow [10:29] 6 0.94%
greenyellow [30:49] 2 0.31%
lawngreen 50+ 341 53.7%
All colors 634 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
20580 92835 20 :

['SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'CERT_DestroyCertificate', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl3_HandleExtensions', 'tls13_IsPostHandshake', 'tls13_SendPostHandshakeCertificate', 'ssl_Trace', 'SECITEM_FreeItem_Util', 'CERT_DestroyCertificateList', 'SECKEY_DestroyPrivateKey', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PR_Assert', 'PORT_Free_Util', 'PK11_CloneContext', 'ssl3_ConsumeHandshakeVariable']

20580 92835 tls13_HandleCertificateRequest call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3022
16674 123218 24 :

['SECKEY_ExtractPublicKey', 'PORT_SetError_Util', 'ssl_SignatureSchemeToAuthType', 'ssl_ConsumeSignatureScheme', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl_SetAuthKeyBits', 'tls13_IsVerifyingWithDelegatedCredential', 'PORT_GetError_Util', 'ssl_VerifySignedHashesWithPubKey', 'ssl_CheckSignatureSchemeConsistency', 'ssl_SignatureSchemeToHashType', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'tls13_FatalError', 'SECKEY_DestroyPublicKey', 'tls13_AddContextToHashes', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'tls13_VerifyDelegatedCredential']

16674 123218 tls13_HandleCertificateVerify call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5142
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16543 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

16543 36030 nssSlot_IsTokenPresent call site: 00000 /src/nss/out/Debug/../../lib/dev/devslot.c:130
14748 88475 20 :

['ssl3_CleanupPeerCerts', 'SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'ssl_Time', 'dtls_ReceivedFirstMessageInFlight', 'SECITEM_CompareItem_Util', 'ssl_CipherSpecReleaseByEpoch', 'ssl3_HandleNoCertificate', 'SECKEY_UpdateCertPQG', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PORT_NewArena_Util', 'PR_Assert', 'tls13_HandleCertificateEntry', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'ssl3_AuthCertificate', 'PORT_ArenaAlloc_Util']

14748 88475 tls13_HandleCertificate call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:4058
13440 49820 18 :

['SECKEY_GetPublicKeyType', 'PK11_PubDeriveWithKDF', 'SECKEY_CreateECPrivateKey', 'PK11_FreeSymKey', 'SECKEY_PublicKeyStrengthInBits', 'PORT_SetError_Util', 'PK11_WrapSymKey', 'PK11_KeyGen', 'ssl_MapLowLevelError', 'ssl_GetWrappingKey', 'SECKEY_PublicKeyStrength', 'PK11_GetBestKeyLength', 'SECKEY_DestroyPrivateKey', 'PK11_PubWrapSymKey', 'ssl_UnwrapSymWrappingKey', 'SECKEY_DestroyPublicKey', 'ssl_SetWrappingKey', 'PR_Assert']

13440 50754 ssl3_GetWrappingKey call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:6049
11713 11713 2 :

['tls13_WriteServerEchSignal', 'tls13_WriteServerEchHrrSignal']

11713 11713 ssl_ConstructServerHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10011
11366 15619 7 :

['tls13_ComputeEarlySecretsWithPsk', 'CERT_DupCertificate', 'tls13_RecoverWrappedSharedSecret', 'ssl_FindServerCert', 'tls13_RestoreCipherInfo', 'SECITEM_CompareItem_Util', 'ssl3_RegisterExtensionSender']

34068 135314 tls13_HandleClientHelloPart2 call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2253
11250 120798 25 :

['PK11_FreeSymKey', 'ssl_UncacheSessionID', 'SECITEM_CopyItem_Util', 'ssl3_ConsumeHandshakeNumber', 'ssl_Time', 'CERT_DupCertificate', 'PORT_SetError_Util', 'ssl_FreeSID', 'ssl_PrintBuf', 'tls13_HkdfExpandLabel', 'tls13_IsPostHandshake', 'ssl3_HandleExtensions', 'tls13_GetHash', 'ssl3_ConsumeHandshake', 'tls13_GetHashSize', 'ssl3_NewSessionID', 'getpid', 'ssl3_SetSIDSessionTicket', 'tls13_FatalError', 'PR_ntohl', 'PR_Assert', 'ssl3_FillInCachedSID', 'ssl_CacheSessionID', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable']

11250 120798 tls13_HandleNewSessionTicket call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6149
10815 25482 10 :

['SECITEM_FreeItem_Util', 'PK11_ConcatSymKeys', 'PK11_FreeSymKey', 'getpid', 'tls13_HandleKEMKey', 'PORT_SetError_Util', 'tls13_FatalError', 'PR_Assert', 'PORT_GetError_Util', 'ssl_Trace']

10815 25482 tls13_HandleClientKeyShare call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2663
9446 9446 3 :

['VFY_Update', 'VFY_End', 'VFY_Begin']

9446 9446 vfy_SingleShot call site: 00000 /src/nss/out/Debug/../../lib/cryptohi/secvfy.c:955
8356 18110 8 :

['ssl_TicketTimeValid', 'ssl_UncacheSessionID', 'ssl3_SetupCipherSuite', 'ssl_FreeSID', 'tls13_RecoverWrappedSharedSecret', 'PR_Assert', 'PORT_GetError_Util', 'SSL_AtomicIncrementLong']

16930 46400 tls13_SetupClientHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:572

Runtime coverage analysis

Covered functions
2495
Functions that are reachable but not covered
23
Reachable functions
114
Percentage of reachable functions covered
79.82%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_expmod_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 59
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 4
/src/nss/out/Debug/../../lib/freebl/mpi/mpmontg.c 9
/src/nss/out/Debug/../../lib/freebl/mpi/mp_comba.c 8
/src/nss/out/Debug/../../lib/freebl/mpi/mplogic.c 2
/src/nss/out/Debug/../../lib/freebl/mpi/mpcpucache.c 6
/src/nss/out/Debug/../../lib/freebl/mpi/mpi_amd64.c 1

Fuzzer: /src/nss/out/Debug/../../fuzz/mpi_mulmod_target.cc

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 31 14.3%
gold [1:9] 1 0.46%
yellow [10:29] 5 2.31%
greenyellow [30:49] 2 0.92%
lawngreen 50+ 177 81.9%
All colors 216 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
20580 92835 20 :

['SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'CERT_DestroyCertificate', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl3_HandleExtensions', 'tls13_IsPostHandshake', 'tls13_SendPostHandshakeCertificate', 'ssl_Trace', 'SECITEM_FreeItem_Util', 'CERT_DestroyCertificateList', 'SECKEY_DestroyPrivateKey', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PR_Assert', 'PORT_Free_Util', 'PK11_CloneContext', 'ssl3_ConsumeHandshakeVariable']

20580 92835 tls13_HandleCertificateRequest call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3022
16674 123218 24 :

['SECKEY_ExtractPublicKey', 'PORT_SetError_Util', 'ssl_SignatureSchemeToAuthType', 'ssl_ConsumeSignatureScheme', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl_SetAuthKeyBits', 'tls13_IsVerifyingWithDelegatedCredential', 'PORT_GetError_Util', 'ssl_VerifySignedHashesWithPubKey', 'ssl_CheckSignatureSchemeConsistency', 'ssl_SignatureSchemeToHashType', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'tls13_FatalError', 'SECKEY_DestroyPublicKey', 'tls13_AddContextToHashes', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'tls13_VerifyDelegatedCredential']

16674 123218 tls13_HandleCertificateVerify call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5142
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16543 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

16543 36030 nssSlot_IsTokenPresent call site: 00000 /src/nss/out/Debug/../../lib/dev/devslot.c:130
14748 88475 20 :

['ssl3_CleanupPeerCerts', 'SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'ssl_Time', 'dtls_ReceivedFirstMessageInFlight', 'SECITEM_CompareItem_Util', 'ssl_CipherSpecReleaseByEpoch', 'ssl3_HandleNoCertificate', 'SECKEY_UpdateCertPQG', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PORT_NewArena_Util', 'PR_Assert', 'tls13_HandleCertificateEntry', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'ssl3_AuthCertificate', 'PORT_ArenaAlloc_Util']

14748 88475 tls13_HandleCertificate call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:4058
13440 49820 18 :

['SECKEY_GetPublicKeyType', 'PK11_PubDeriveWithKDF', 'SECKEY_CreateECPrivateKey', 'PK11_FreeSymKey', 'SECKEY_PublicKeyStrengthInBits', 'PORT_SetError_Util', 'PK11_WrapSymKey', 'PK11_KeyGen', 'ssl_MapLowLevelError', 'ssl_GetWrappingKey', 'SECKEY_PublicKeyStrength', 'PK11_GetBestKeyLength', 'SECKEY_DestroyPrivateKey', 'PK11_PubWrapSymKey', 'ssl_UnwrapSymWrappingKey', 'SECKEY_DestroyPublicKey', 'ssl_SetWrappingKey', 'PR_Assert']

13440 50754 ssl3_GetWrappingKey call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:6049
11713 11713 2 :

['tls13_WriteServerEchSignal', 'tls13_WriteServerEchHrrSignal']

11713 11713 ssl_ConstructServerHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10011
11366 15619 7 :

['tls13_ComputeEarlySecretsWithPsk', 'CERT_DupCertificate', 'tls13_RecoverWrappedSharedSecret', 'ssl_FindServerCert', 'tls13_RestoreCipherInfo', 'SECITEM_CompareItem_Util', 'ssl3_RegisterExtensionSender']

34068 135314 tls13_HandleClientHelloPart2 call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2253
11250 120798 25 :

['PK11_FreeSymKey', 'ssl_UncacheSessionID', 'SECITEM_CopyItem_Util', 'ssl3_ConsumeHandshakeNumber', 'ssl_Time', 'CERT_DupCertificate', 'PORT_SetError_Util', 'ssl_FreeSID', 'ssl_PrintBuf', 'tls13_HkdfExpandLabel', 'tls13_IsPostHandshake', 'ssl3_HandleExtensions', 'tls13_GetHash', 'ssl3_ConsumeHandshake', 'tls13_GetHashSize', 'ssl3_NewSessionID', 'getpid', 'ssl3_SetSIDSessionTicket', 'tls13_FatalError', 'PR_ntohl', 'PR_Assert', 'ssl3_FillInCachedSID', 'ssl_CacheSessionID', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable']

11250 120798 tls13_HandleNewSessionTicket call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6149
10815 25482 10 :

['SECITEM_FreeItem_Util', 'PK11_ConcatSymKeys', 'PK11_FreeSymKey', 'getpid', 'tls13_HandleKEMKey', 'PORT_SetError_Util', 'tls13_FatalError', 'PR_Assert', 'PORT_GetError_Util', 'ssl_Trace']

10815 25482 tls13_HandleClientKeyShare call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2663
9446 9446 3 :

['VFY_Update', 'VFY_End', 'VFY_Begin']

9446 9446 vfy_SingleShot call site: 00000 /src/nss/out/Debug/../../lib/cryptohi/secvfy.c:955
8356 18110 8 :

['ssl_TicketTimeValid', 'ssl_UncacheSessionID', 'ssl3_SetupCipherSuite', 'ssl_FreeSID', 'tls13_RecoverWrappedSharedSecret', 'PR_Assert', 'PORT_GetError_Util', 'SSL_AtomicIncrementLong']

16930 46400 tls13_SetupClientHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:572

Runtime coverage analysis

Covered functions
2495
Functions that are reachable but not covered
16
Reachable functions
78
Percentage of reachable functions covered
79.49%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_mulmod_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 49
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 4
/src/nss/out/Debug/../../lib/freebl/mpi/mp_comba.c 4

Fuzzer: mpi-mulmod

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 56 25.9%
gold [1:9] 0 0.0%
yellow [10:29] 1 0.46%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 159 73.6%
All colors 216 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
95 127 5 :

['s_mp_div_d', 'mp_clear', 's_mp_exch', 's_mp_cmp_d', 'mp_init_copy']

95 127 mp_div_d call site: 00083 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:562
71 71 1 :

['mp_add']

71 71 mp_mod call site: 00150 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1305
71 71 1 :

['mp_add']

71 71 mp_mod call site: 00209 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1314
8 18 2 :

['mp_set', 'mp_zero']

8 65 mp_div call site: 00158 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1104
0 22 1 :

['s_mp_pad']

8 280 mp_div call site: 00154 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1091
0 13 1 :

['mp_init_copy']

4 80 s_mp_mulg call site: 00134 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:834
0 7 2 :

['s_mp_alloc', 's_mp_free']

0 11 mp_copy call site: 00017 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:217
0 5 1 :

['mp_zero']

0 5 mp_mul_d call site: 00014 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:504
0 2 1 :

['s_mp_setz']

0 2 s_mp_rshd call site: 00086 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3283
0 0 None 4 80 s_mp_mulg call site: 00133 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:828
0 0 None 2 79 s_mp_mul_d call site: 00024 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3585
0 0 None 0 40 mp_div call site: 00190 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1122

Runtime coverage analysis

Covered functions
49
Functions that are reachable but not covered
25
Reachable functions
78
Percentage of reachable functions covered
67.95%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_mulmod_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 49
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 4
/src/nss/out/Debug/../../lib/freebl/mpi/mp_comba.c 4

Fuzzer: dtls-client-no_fuzzer_mode

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 7660 69.9%
gold [1:9] 325 2.96%
yellow [10:29] 67 0.61%
greenyellow [30:49] 29 0.26%
lawngreen 50+ 2873 26.2%
All colors 10954 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
38038 64816 12 :

['PORT_ZFree_Util', 'PK11_SaveContextAlloc', 'PORT_SetError_Util', 'ssl_GetMacDefByAlg', 'ssl_MapLowLevelError', 'ssl_PrintBuf', 'PK11_DigestOp', 'PR_Assert', 'PK11_DigestBegin', 'PK11_DigestFinal', 'PK11_DigestKey', 'PK11_RestoreContext']

38038 64816 ssl3_ComputeHandshakeHashes call site: 08070 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:4856
24621 54690 18 :

['PR_EnterMonitor', 'ssl3_SendNewSessionTicket', 'ssl3_HandshakeFailure', 'ssl3_SendNextProto', 'ssl3_FinishHandshake', 'PR_GetCurrentThread', 'ssl3_SendChangeCipherSpecs', 'PR_ExitMonitor', 'ssl3_IllegalParameter', 'ssl3_ExtensionNegotiated', 'ssl3_KEASupportsTickets', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl3_SendFinished', 'ssl3_ComputeTLSFinished', 'NSS_SecureMemcmp', 'dtls_ReceivedFirstMessageInFlight', 'ssl3_ComputeHandshakeHashes']

24621 60234 ssl3_HandleFinished call site: 09922 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:12275
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16543 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

16543 36030 nssSlot_IsTokenPresent call site: 00843 /src/nss/out/Debug/../../lib/dev/devslot.c:130
9913 38570 16 :

['PK11_DeriveWithFlags', 'PK11_FreeSymKey', 'PK11_FreeSlot', 'PK11_GetBestSlot', 'PK11_KeyGen', 'strlen', 'PK11_GetKeyData', 'sslBuffer_AppendVariable', 'tls13_PadChInner', 'PR_Assert', 'ssl3_EmplaceExtension', 'sslBuffer_AppendNumber', 'sslBuffer_Clear', 'PK11_ExtractKeyValue', 'tls13_ConstructInnerExtensionsFromOuter', 'tls13_EncodeClientHelloInner']

9913 38570 tls13_MaybeGreaseEch call site: 08631 /src/nss/out/Debug/../../lib/ssl/tls13ech.c:2148
9491 9491 1 :

['tls13_HandlePostHelloHandshakeMessage']

9491 16984 ssl3_HandleHandshakeMessage call site: 08268 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:12681
8210 8210 1 :

['tls13_HandleHelloRetryRequest']

8210 9154 ssl3_HandleServerHello call site: 08337 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:7226
8134 9992 4 :

['KEA_Verify', 'SECITEM_ZfreeItem_Util', 'sftk_Attribute2SecItem', 'sftk_VerifyDH_Prime']

8134 13735 sftk_PairwiseConsistencyCheck call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11c.c:5255
7501 7506 3 :

['PR_Assert', 'tls13_RandomGreaseValue', 'ssl3_ExtensionAdvertised']

7501 7506 tls13_MaybeGreaseExtensionType call site: 05227 /src/nss/out/Debug/../../lib/ssl/tls13con.c:7175
7218 18034 10 :

['NSSUTIL_ArgGetParamValue', 'NSS_OptionSet', 'PR_SetEnv', 'SECOID_Init', 'NSSUTIL_ArgHasFlag', 'secmod_applyCryptoPolicy', 'NSS_OptionGet', 'PORT_Free_Util', 'secmod_sanityCheckCryptoPolicy', 'NSS_LockPolicy']

7218 18034 secmod_parseCryptoPolicy call site: 02530 /src/nss/out/Debug/../../lib/pk11wrap/pk11pars.c:865
6931 6931 1 :

['tls13_SetupClientHello']

40798 71932 ssl3_SendClientHello call site: 08469 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:5567
6721 6721 3 :

['dtls13_HandleOutOfEpochRecord', 'ssl_Trace', 'getpid']

14228 45936 ssl3_HandleRecord call site: 05981 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:13710

Runtime coverage analysis

Covered functions
1792
Functions that are reachable but not covered
926
Reachable functions
1981
Percentage of reachable functions covered
53.26%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/tls_client_target.cc 6
/src/nss/out/Debug/../../fuzz/shared.h 1
/src/nss/out/Debug/../../lib/nss/nssinit.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinit.c 5
/src/nspr/Debug/pr/src/malloc/../../../../pr/src/malloc/prmem.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlog.c 8
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix.c 5
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prtime.c 8
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prprf.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerror.c 5
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptthread.c 6
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptsynch.c 21
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/priometh.c 4
/src/nspr/Debug/pr/src/md/../../../../pr/src/md/prosdep.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prenv.c 4
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/linux.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/pratom.c 1
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prseg.c 1
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptmisc.c 2
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prtpd.c 5
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlayer.c 6
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinrval.c 6
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prcmon.c 2
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix_errors.c 2
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptio.c 12
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prfdcach.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prnetdb.c 9
/src/nspr/Debug/pr/src/linking/../../../../pr/src/linking/prlink.c 9
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prdtoa.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmwait.c 1
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prrwlock.c 10
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerr.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerrortable.c 2
/src/nss/out/Debug/../../lib/certdb/certdb.c 27
/src/nss/out/Debug/../../lib/certdb/crl.c 1
/src/nss/out/Debug/../../lib/util/secport.c 26
/src/nspr/Debug/lib/ds/../../../lib/ds/plhash.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prlog2.c 1
/src/nss/out/Debug/../../lib/util/secitem.c 15
/src/nss/out/Debug/../../lib/certhigh/ocsp.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11load.c 6
/src/nss/out/Debug/../../lib/pk11wrap/pk11util.c 28
/src/nss/out/Debug/../../lib/pk11wrap/pk11list.c 6
/src/nss/out/Debug/../../lib/util/nssrwlk.c 7
/src/nss/out/Debug/../../lib/pk11wrap/pk11pars.c 34
/src/nss/out/Debug/../../lib/util/utilpars.c 40
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strcase.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11slot.c 66
/src/nspr/Debug/lib/ds/../../../lib/ds/plarena.c 7
/src/nss/out/Debug/../../lib/pk11wrap/pk11skey.c 63
/src/nss/out/Debug/../../lib/pk11wrap/pk11obj.c 37
/src/nss/out/Debug/../../lib/dev/devtoken.c 19
/src/nss/out/Debug/../../lib/dev/devslot.c 9
/src/nss/out/Debug/../../lib/pk11wrap/dev3hack.c 10
/src/nss/out/Debug/../../lib/pk11wrap/pk11err.c 1
/src/nss/out/Debug/../../lib/pki/tdcache.c 17
/src/nss/out/Debug/../../lib/base/arena.c 16
/src/nss/out/Debug/../../lib/base/error.c 6
/src/nss/out/Debug/../../lib/base/libc.c 3
/src/nss/out/Debug/../../lib/base/hash.c 10
/src/nss/out/Debug/../../lib/pki/pkibase.c 28
/src/nss/out/Debug/../../lib/dev/devutil.c 25
/src/nss/out/Debug/../../lib/base/tracker.c 6
/src/nss/out/Debug/../../lib/base/list.c 17
/src/nss/out/Debug/../../lib/pki/certificate.c 20
/src/nss/out/Debug/../../lib/pki/pki3hack.c 20
/src/nss/out/Debug/../../lib/util/quickder.c 13
/src/nss/out/Debug/../../lib/util/secasn1u.c 3
/src/nss/out/Debug/../../lib/certdb/certxutl.c 5
/src/nss/out/Debug/../../lib/util/secoid.c 16
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strpbrk.c 1
/src/nss/out/Debug/../../lib/certdb/alg1485.c 13
/src/nss/out/Debug/../../lib/certdb/secname.c 2
/src/nss/out/Debug/../../lib/util/utf8.c 4
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strlen.c 1
/src/nss/out/Debug/../../lib/certdb/certv3.c 5
/src/nss/out/Debug/../../lib/certdb/xconst.c 1
/src/nss/out/Debug/../../lib/certdb/genname.c 4
/src/nss/out/Debug/../../lib/pk11wrap/pk11cxt.c 24
/src/nss/out/Debug/../../lib/pk11wrap/pk11mech.c 10
/src/nss/out/Debug/../../lib/base/utf8.c 3
/src/nss/out/Debug/../../lib/pk11wrap/pk11auth.c 9
/src/nss/out/Debug/../../lib/dev/ckhelper.c 4
/src/nss/out/Debug/../../lib/pki/cryptocontext.c 5
/src/nss/out/Debug/../../lib/pki/pkistore.c 18
/src/nss/out/Debug/../../lib/pki/trustdomain.c 15
/src/nss/out/Debug/../../lib/cryptohi/sechash.c 9
/src/nss/out/Debug/../../lib/certdb/polcyxtn.c 3
/src/nss/out/Debug/../../lib/certdb/xbsconst.c 1
/src/nss/out/Debug/../../lib/util/dersubr.c 3
/src/nss/out/Debug/../../lib/certdb/stanpcertdb.c 4
/src/nss/out/Debug/../../lib/pki/certdecode.c 2
/src/nss/out/Debug/../../lib/util/errstrs.c 2
/src/nss/out/Debug/../../lib/nss/nssoptions.c 2
/src/nss/out/Debug/../../lib/pk11wrap/debug_module.c 1
/src/nss/out/Debug/../../lib/pk11wrap/pk11sdr.c 1
/src/nss/out/Debug/../../fuzz/tls_common.cc 5
/src/nss/out/Debug/../../lib/ssl/sslsock.c 52
/src/nss/out/Debug/../../fuzz/tls_client_config.cc 9
/src/nss/out/Debug/../../lib/freebl/det_rng.c 1
/src/nss/out/Debug/../../fuzz/tls_socket.h 1
/src/nss/out/Debug/../../cpputil/dummy_io.h 1
/src/nss/out/Debug/../../cpputil/dummy_io.cc 1
/src/nss/out/Debug/../../lib/ssl/sslinit.c 2
/src/nss/out/Debug/../../lib/ssl/sslerrstrs.c 2
/src/nss/out/Debug/../../lib/ssl/ssl3con.c 221
/src/nss/out/Debug/../../lib/ssl/sslspec.c 13
/src/nss/out/Debug/../../lib/ssl/ssltrace.c 3
/src/nss/out/Debug/../../lib/ssl/ssl3ext.c 28
/src/nss/out/Debug/../../lib/ssl/dtlscon.c 38
/src/nss/out/Debug/../../lib/ssl/sslsecur.c 12
/src/nss/out/Debug/../../lib/ssl/sslencode.c 25
/src/nss/out/Debug/../../lib/ssl/ssl3gthr.c 6
/src/nss/out/Debug/../../lib/ssl/ssl3exthandle.c 4
/src/nss/out/Debug/../../lib/ssl/tls13con.c 122
/src/nss/out/Debug/../../lib/ssl/tls13subcerts.c 11
/src/nss/out/Debug/../../lib/cryptohi/seckey.c 30
/src/nss/out/Debug/../../lib/ssl/tls13ech.c 31
/src/nss/out/Debug/../../lib/ssl/sslnonce.c 23
/src/nss/out/Debug/../../lib/certhigh/certhigh.c 6
/src/nss/out/Debug/../../lib/ssl/sslprimitive.c 4
/src/nss/out/Debug/../../lib/ssl/tls13psk.c 5
/src/nss/out/Debug/../../lib/pk11wrap/pk11hpke.c 27
/src/nss/out/Debug/../../lib/ssl/sslcert.c 8
/src/nss/out/Debug/../../lib/ssl/tls13replay.c 5
/src/nss/out/Debug/../../lib/ssl/sslbloom.c 6
/src/nss/out/Debug/../../lib/base/item.c 2
/src/nss/out/Debug/../../lib/ssl/ssldef.c 3
/src/nss/out/Debug/../../lib/ssl/sslauth.c 1
/src/nss/out/Debug/../../lib/ssl/sslsnce.c 28
/src/nss/out/Debug/../../lib/ssl/sslmutex.c 4
/src/nss/out/Debug/../../lib/ssl/unix_err.c 1
/src/nss/out/Debug/../../lib/ssl/dtls13con.c 20
/src/nss/out/Debug/../../lib/ssl/sslerr.c 1
/src/nss/out/Debug/../../lib/ssl/tls13hkdf.c 4
/src/nss/out/Debug/../../lib/pk11wrap/pk11kea.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11akey.c 14
/src/nss/out/Debug/../../lib/util/secasn1e.c 25
/src/nss/out/Debug/../../lib/ssl/sslgrp.c 5
/src/nss/out/Debug/../../lib/ssl/ssl3ecc.c 11
/src/nss/out/Debug/../../lib/pk11wrap/pk11cert.c 6
/src/nss/out/Debug/../../lib/util/secalgid.c 2
/src/nss/out/Debug/../../lib/cryptohi/secsign.c 2
/src/nss/out/Debug/../../lib/cryptohi/secvfy.c 16
/src/nss/out/Debug/../../lib/util/secdig.c 3
/src/nss/out/Debug/../../lib/util/derenc.c 4
/src/nss/out/Debug/../../lib/cryptohi/dsautil.c 6
/src/nss/out/Debug/../../lib/ssl/tls13exthandle.c 9
/src/nss/out/Debug/../../lib/ssl/tls13hashstate.c 2
/src/nss/out/Debug/../../lib/ssl/selfencrypt.c 6
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/praton.c 4
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/pripv6.c 3
/src/nss/out/Debug/../../lib/certhigh/certvfy.c 1
/src/nss/out/Debug/../../lib/util/pkcs1sig.c 2
/src/nss/out/Debug/../../lib/util/sectime.c 1
/src/nss/out/Debug/../../lib/util/dertime.c 3

Fuzzer: /src/nss/out/Debug/../../fuzz/mpi_div_target.cc

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 35 22.2%
gold [1:9] 0 0.0%
yellow [10:29] 1 0.63%
greenyellow [30:49] 1 0.63%
lawngreen 50+ 120 76.4%
All colors 157 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
20580 92835 20 :

['SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'CERT_DestroyCertificate', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl3_HandleExtensions', 'tls13_IsPostHandshake', 'tls13_SendPostHandshakeCertificate', 'ssl_Trace', 'SECITEM_FreeItem_Util', 'CERT_DestroyCertificateList', 'SECKEY_DestroyPrivateKey', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PR_Assert', 'PORT_Free_Util', 'PK11_CloneContext', 'ssl3_ConsumeHandshakeVariable']

20580 92835 tls13_HandleCertificateRequest call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3022
16674 123218 24 :

['SECKEY_ExtractPublicKey', 'PORT_SetError_Util', 'ssl_SignatureSchemeToAuthType', 'ssl_ConsumeSignatureScheme', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl_SetAuthKeyBits', 'tls13_IsVerifyingWithDelegatedCredential', 'PORT_GetError_Util', 'ssl_VerifySignedHashesWithPubKey', 'ssl_CheckSignatureSchemeConsistency', 'ssl_SignatureSchemeToHashType', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'tls13_FatalError', 'SECKEY_DestroyPublicKey', 'tls13_AddContextToHashes', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'tls13_VerifyDelegatedCredential']

16674 123218 tls13_HandleCertificateVerify call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5142
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16543 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

16543 36030 nssSlot_IsTokenPresent call site: 00000 /src/nss/out/Debug/../../lib/dev/devslot.c:130
14748 88475 20 :

['ssl3_CleanupPeerCerts', 'SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'ssl_Time', 'dtls_ReceivedFirstMessageInFlight', 'SECITEM_CompareItem_Util', 'ssl_CipherSpecReleaseByEpoch', 'ssl3_HandleNoCertificate', 'SECKEY_UpdateCertPQG', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PORT_NewArena_Util', 'PR_Assert', 'tls13_HandleCertificateEntry', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'ssl3_AuthCertificate', 'PORT_ArenaAlloc_Util']

14748 88475 tls13_HandleCertificate call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:4058
13440 49820 18 :

['SECKEY_GetPublicKeyType', 'PK11_PubDeriveWithKDF', 'SECKEY_CreateECPrivateKey', 'PK11_FreeSymKey', 'SECKEY_PublicKeyStrengthInBits', 'PORT_SetError_Util', 'PK11_WrapSymKey', 'PK11_KeyGen', 'ssl_MapLowLevelError', 'ssl_GetWrappingKey', 'SECKEY_PublicKeyStrength', 'PK11_GetBestKeyLength', 'SECKEY_DestroyPrivateKey', 'PK11_PubWrapSymKey', 'ssl_UnwrapSymWrappingKey', 'SECKEY_DestroyPublicKey', 'ssl_SetWrappingKey', 'PR_Assert']

13440 50754 ssl3_GetWrappingKey call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:6049
11713 11713 2 :

['tls13_WriteServerEchSignal', 'tls13_WriteServerEchHrrSignal']

11713 11713 ssl_ConstructServerHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10011
11366 15619 7 :

['tls13_ComputeEarlySecretsWithPsk', 'CERT_DupCertificate', 'tls13_RecoverWrappedSharedSecret', 'ssl_FindServerCert', 'tls13_RestoreCipherInfo', 'SECITEM_CompareItem_Util', 'ssl3_RegisterExtensionSender']

34068 135314 tls13_HandleClientHelloPart2 call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2253
11250 120798 25 :

['PK11_FreeSymKey', 'ssl_UncacheSessionID', 'SECITEM_CopyItem_Util', 'ssl3_ConsumeHandshakeNumber', 'ssl_Time', 'CERT_DupCertificate', 'PORT_SetError_Util', 'ssl_FreeSID', 'ssl_PrintBuf', 'tls13_HkdfExpandLabel', 'tls13_IsPostHandshake', 'ssl3_HandleExtensions', 'tls13_GetHash', 'ssl3_ConsumeHandshake', 'tls13_GetHashSize', 'ssl3_NewSessionID', 'getpid', 'ssl3_SetSIDSessionTicket', 'tls13_FatalError', 'PR_ntohl', 'PR_Assert', 'ssl3_FillInCachedSID', 'ssl_CacheSessionID', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable']

11250 120798 tls13_HandleNewSessionTicket call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6149
10815 25482 10 :

['SECITEM_FreeItem_Util', 'PK11_ConcatSymKeys', 'PK11_FreeSymKey', 'getpid', 'tls13_HandleKEMKey', 'PORT_SetError_Util', 'tls13_FatalError', 'PR_Assert', 'PORT_GetError_Util', 'ssl_Trace']

10815 25482 tls13_HandleClientKeyShare call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2663
9446 9446 3 :

['VFY_Update', 'VFY_End', 'VFY_Begin']

9446 9446 vfy_SingleShot call site: 00000 /src/nss/out/Debug/../../lib/cryptohi/secvfy.c:955
8356 18110 8 :

['ssl_TicketTimeValid', 'ssl_UncacheSessionID', 'ssl3_SetupCipherSuite', 'ssl_FreeSID', 'tls13_RecoverWrappedSharedSecret', 'PR_Assert', 'PORT_GetError_Util', 'SSL_AtomicIncrementLong']

16930 46400 tls13_SetupClientHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:572

Runtime coverage analysis

Covered functions
2495
Functions that are reachable but not covered
14
Reachable functions
73
Percentage of reachable functions covered
80.82%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_div_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 42
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 3
/src/nss/out/Debug/../../lib/freebl/mpi/mp_comba.c 4

Fuzzer: /src/nss/out/Debug/../../fuzz/pkcs8_target.cc

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 1882 55.6%
gold [1:9] 242 7.15%
yellow [10:29] 36 1.06%
greenyellow [30:49] 3 0.08%
lawngreen 50+ 1219 36.0%
All colors 3382 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
20580 92835 20 :

['SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'CERT_DestroyCertificate', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl3_HandleExtensions', 'tls13_IsPostHandshake', 'tls13_SendPostHandshakeCertificate', 'ssl_Trace', 'SECITEM_FreeItem_Util', 'CERT_DestroyCertificateList', 'SECKEY_DestroyPrivateKey', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PR_Assert', 'PORT_Free_Util', 'PK11_CloneContext', 'ssl3_ConsumeHandshakeVariable']

20580 92835 tls13_HandleCertificateRequest call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3022
16674 123218 24 :

['SECKEY_ExtractPublicKey', 'PORT_SetError_Util', 'ssl_SignatureSchemeToAuthType', 'ssl_ConsumeSignatureScheme', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl_SetAuthKeyBits', 'tls13_IsVerifyingWithDelegatedCredential', 'PORT_GetError_Util', 'ssl_VerifySignedHashesWithPubKey', 'ssl_CheckSignatureSchemeConsistency', 'ssl_SignatureSchemeToHashType', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'tls13_FatalError', 'SECKEY_DestroyPublicKey', 'tls13_AddContextToHashes', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'tls13_VerifyDelegatedCredential']

16674 123218 tls13_HandleCertificateVerify call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5142
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16543 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

16543 36030 nssSlot_IsTokenPresent call site: 00844 /src/nss/out/Debug/../../lib/dev/devslot.c:130
14748 88475 20 :

['ssl3_CleanupPeerCerts', 'SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'ssl_Time', 'dtls_ReceivedFirstMessageInFlight', 'SECITEM_CompareItem_Util', 'ssl_CipherSpecReleaseByEpoch', 'ssl3_HandleNoCertificate', 'SECKEY_UpdateCertPQG', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PORT_NewArena_Util', 'PR_Assert', 'tls13_HandleCertificateEntry', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'ssl3_AuthCertificate', 'PORT_ArenaAlloc_Util']

14748 88475 tls13_HandleCertificate call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:4058
13440 49820 18 :

['SECKEY_GetPublicKeyType', 'PK11_PubDeriveWithKDF', 'SECKEY_CreateECPrivateKey', 'PK11_FreeSymKey', 'SECKEY_PublicKeyStrengthInBits', 'PORT_SetError_Util', 'PK11_WrapSymKey', 'PK11_KeyGen', 'ssl_MapLowLevelError', 'ssl_GetWrappingKey', 'SECKEY_PublicKeyStrength', 'PK11_GetBestKeyLength', 'SECKEY_DestroyPrivateKey', 'PK11_PubWrapSymKey', 'ssl_UnwrapSymWrappingKey', 'SECKEY_DestroyPublicKey', 'ssl_SetWrappingKey', 'PR_Assert']

13440 50754 ssl3_GetWrappingKey call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:6049
11713 11713 2 :

['tls13_WriteServerEchSignal', 'tls13_WriteServerEchHrrSignal']

11713 11713 ssl_ConstructServerHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10011
11366 15619 7 :

['tls13_ComputeEarlySecretsWithPsk', 'CERT_DupCertificate', 'tls13_RecoverWrappedSharedSecret', 'ssl_FindServerCert', 'tls13_RestoreCipherInfo', 'SECITEM_CompareItem_Util', 'ssl3_RegisterExtensionSender']

34068 135314 tls13_HandleClientHelloPart2 call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2253
11250 120798 25 :

['PK11_FreeSymKey', 'ssl_UncacheSessionID', 'SECITEM_CopyItem_Util', 'ssl3_ConsumeHandshakeNumber', 'ssl_Time', 'CERT_DupCertificate', 'PORT_SetError_Util', 'ssl_FreeSID', 'ssl_PrintBuf', 'tls13_HkdfExpandLabel', 'tls13_IsPostHandshake', 'ssl3_HandleExtensions', 'tls13_GetHash', 'ssl3_ConsumeHandshake', 'tls13_GetHashSize', 'ssl3_NewSessionID', 'getpid', 'ssl3_SetSIDSessionTicket', 'tls13_FatalError', 'PR_ntohl', 'PR_Assert', 'ssl3_FillInCachedSID', 'ssl_CacheSessionID', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable']

11250 120798 tls13_HandleNewSessionTicket call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6149
10815 25482 10 :

['SECITEM_FreeItem_Util', 'PK11_ConcatSymKeys', 'PK11_FreeSymKey', 'getpid', 'tls13_HandleKEMKey', 'PORT_SetError_Util', 'tls13_FatalError', 'PR_Assert', 'PORT_GetError_Util', 'ssl_Trace']

10815 25482 tls13_HandleClientKeyShare call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2663
9446 9446 3 :

['VFY_Update', 'VFY_End', 'VFY_Begin']

9446 9446 vfy_SingleShot call site: 00000 /src/nss/out/Debug/../../lib/cryptohi/secvfy.c:955
8356 18110 8 :

['ssl_TicketTimeValid', 'ssl_UncacheSessionID', 'ssl3_SetupCipherSuite', 'ssl_FreeSID', 'tls13_RecoverWrappedSharedSecret', 'PR_Assert', 'PORT_GetError_Util', 'SSL_AtomicIncrementLong']

16930 46400 tls13_SetupClientHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:572

Runtime coverage analysis

Covered functions
2495
Functions that are reachable but not covered
294
Reachable functions
852
Percentage of reachable functions covered
65.49%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/pkcs8_target.cc 1
/src/nss/out/Debug/../../fuzz/shared.h 1
/src/nss/out/Debug/../../lib/nss/nssinit.c 11
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinit.c 5
/src/nspr/Debug/pr/src/malloc/../../../../pr/src/malloc/prmem.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlog.c 8
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix.c 5
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prtime.c 5
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prprf.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerror.c 5
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptthread.c 6
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptsynch.c 19
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/priometh.c 2
/src/nspr/Debug/pr/src/md/../../../../pr/src/md/prosdep.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prenv.c 4
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/linux.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/pratom.c 1
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prseg.c 1
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptmisc.c 2
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prtpd.c 5
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlayer.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinrval.c 6
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prcmon.c 2
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix_errors.c 2
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptio.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prfdcach.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prnetdb.c 1
/src/nspr/Debug/pr/src/linking/../../../../pr/src/linking/prlink.c 9
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prdtoa.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmwait.c 1
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prrwlock.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerr.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerrortable.c 1
/src/nss/out/Debug/../../lib/certdb/certdb.c 23
/src/nss/out/Debug/../../lib/certdb/crl.c 1
/src/nss/out/Debug/../../lib/util/secport.c 26
/src/nspr/Debug/lib/ds/../../../lib/ds/plhash.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prlog2.c 1
/src/nss/out/Debug/../../lib/util/secitem.c 8
/src/nss/out/Debug/../../lib/certhigh/ocsp.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11load.c 6
/src/nss/out/Debug/../../lib/pk11wrap/pk11util.c 28
/src/nss/out/Debug/../../lib/pk11wrap/pk11list.c 6
/src/nss/out/Debug/../../lib/util/nssrwlk.c 6
/src/nss/out/Debug/../../lib/pk11wrap/pk11pars.c 34
/src/nss/out/Debug/../../lib/util/utilpars.c 40
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strcase.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11slot.c 54
/src/nspr/Debug/lib/ds/../../../lib/ds/plarena.c 7
/src/nss/out/Debug/../../lib/pk11wrap/pk11skey.c 5
/src/nss/out/Debug/../../lib/pk11wrap/pk11obj.c 13
/src/nss/out/Debug/../../lib/dev/devtoken.c 17
/src/nss/out/Debug/../../lib/dev/devslot.c 9
/src/nss/out/Debug/../../lib/pk11wrap/dev3hack.c 10
/src/nss/out/Debug/../../lib/pk11wrap/pk11err.c 1
/src/nss/out/Debug/../../lib/pki/tdcache.c 14
/src/nss/out/Debug/../../lib/base/arena.c 16
/src/nss/out/Debug/../../lib/base/error.c 5
/src/nss/out/Debug/../../lib/base/libc.c 3
/src/nss/out/Debug/../../lib/base/hash.c 10
/src/nss/out/Debug/../../lib/pki/pkibase.c 10
/src/nss/out/Debug/../../lib/dev/devutil.c 25
/src/nss/out/Debug/../../lib/base/tracker.c 6
/src/nss/out/Debug/../../lib/base/list.c 12
/src/nss/out/Debug/../../lib/pki/certificate.c 9
/src/nss/out/Debug/../../lib/pki/pki3hack.c 15
/src/nss/out/Debug/../../lib/util/quickder.c 13
/src/nss/out/Debug/../../lib/util/secasn1u.c 1
/src/nss/out/Debug/../../lib/certdb/certxutl.c 5
/src/nss/out/Debug/../../lib/util/secoid.c 15
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strpbrk.c 1
/src/nss/out/Debug/../../lib/certdb/alg1485.c 13
/src/nss/out/Debug/../../lib/certdb/secname.c 2
/src/nss/out/Debug/../../lib/util/utf8.c 4
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strlen.c 1
/src/nss/out/Debug/../../lib/certdb/certv3.c 5
/src/nss/out/Debug/../../lib/certdb/xconst.c 1
/src/nss/out/Debug/../../lib/certdb/genname.c 4
/src/nss/out/Debug/../../lib/pk11wrap/pk11cxt.c 15
/src/nss/out/Debug/../../lib/pk11wrap/pk11mech.c 1
/src/nss/out/Debug/../../lib/base/utf8.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11auth.c 7
/src/nss/out/Debug/../../lib/dev/ckhelper.c 4
/src/nss/out/Debug/../../lib/pki/cryptocontext.c 2
/src/nss/out/Debug/../../lib/pki/pkistore.c 9
/src/nss/out/Debug/../../lib/pki/trustdomain.c 7
/src/nss/out/Debug/../../lib/cryptohi/sechash.c 3
/src/nss/out/Debug/../../lib/certdb/polcyxtn.c 3
/src/nss/out/Debug/../../lib/certdb/xbsconst.c 1
/src/nss/out/Debug/../../lib/util/dersubr.c 1
/src/nss/out/Debug/../../lib/certdb/stanpcertdb.c 2
/src/nss/out/Debug/../../lib/pki/certdecode.c 1
/src/nss/out/Debug/../../lib/util/errstrs.c 2
/src/nss/out/Debug/../../lib/nss/nssoptions.c 2
/src/nss/out/Debug/../../lib/pk11wrap/debug_module.c 1
/src/nss/out/Debug/../../lib/pk11wrap/pk11sdr.c 1
/src/nss/out/Debug/../../lib/pk11wrap/pk11pk12.c 7
/src/nss/out/Debug/../../lib/util/secasn1d.c 41
/src/nss/out/Debug/../../lib/util/secalgid.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11akey.c 2
/src/nss/out/Debug/../../lib/cryptohi/seckey.c 2

Fuzzer: /src/nss/out/Debug/../../fuzz/pkcs8_target.cc

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 1882 55.6%
gold [1:9] 242 7.15%
yellow [10:29] 36 1.06%
greenyellow [30:49] 3 0.08%
lawngreen 50+ 1219 36.0%
All colors 3382 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
20580 92835 20 :

['SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'CERT_DestroyCertificate', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl3_HandleExtensions', 'tls13_IsPostHandshake', 'tls13_SendPostHandshakeCertificate', 'ssl_Trace', 'SECITEM_FreeItem_Util', 'CERT_DestroyCertificateList', 'SECKEY_DestroyPrivateKey', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PR_Assert', 'PORT_Free_Util', 'PK11_CloneContext', 'ssl3_ConsumeHandshakeVariable']

20580 92835 tls13_HandleCertificateRequest call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3022
16674 123218 24 :

['SECKEY_ExtractPublicKey', 'PORT_SetError_Util', 'ssl_SignatureSchemeToAuthType', 'ssl_ConsumeSignatureScheme', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl_SetAuthKeyBits', 'tls13_IsVerifyingWithDelegatedCredential', 'PORT_GetError_Util', 'ssl_VerifySignedHashesWithPubKey', 'ssl_CheckSignatureSchemeConsistency', 'ssl_SignatureSchemeToHashType', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'tls13_FatalError', 'SECKEY_DestroyPublicKey', 'tls13_AddContextToHashes', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'tls13_VerifyDelegatedCredential']

16674 123218 tls13_HandleCertificateVerify call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5142
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16543 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

16543 36030 nssSlot_IsTokenPresent call site: 00844 /src/nss/out/Debug/../../lib/dev/devslot.c:130
14748 88475 20 :

['ssl3_CleanupPeerCerts', 'SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'ssl_Time', 'dtls_ReceivedFirstMessageInFlight', 'SECITEM_CompareItem_Util', 'ssl_CipherSpecReleaseByEpoch', 'ssl3_HandleNoCertificate', 'SECKEY_UpdateCertPQG', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PORT_NewArena_Util', 'PR_Assert', 'tls13_HandleCertificateEntry', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'ssl3_AuthCertificate', 'PORT_ArenaAlloc_Util']

14748 88475 tls13_HandleCertificate call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:4058
13440 49820 18 :

['SECKEY_GetPublicKeyType', 'PK11_PubDeriveWithKDF', 'SECKEY_CreateECPrivateKey', 'PK11_FreeSymKey', 'SECKEY_PublicKeyStrengthInBits', 'PORT_SetError_Util', 'PK11_WrapSymKey', 'PK11_KeyGen', 'ssl_MapLowLevelError', 'ssl_GetWrappingKey', 'SECKEY_PublicKeyStrength', 'PK11_GetBestKeyLength', 'SECKEY_DestroyPrivateKey', 'PK11_PubWrapSymKey', 'ssl_UnwrapSymWrappingKey', 'SECKEY_DestroyPublicKey', 'ssl_SetWrappingKey', 'PR_Assert']

13440 50754 ssl3_GetWrappingKey call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:6049
11713 11713 2 :

['tls13_WriteServerEchSignal', 'tls13_WriteServerEchHrrSignal']

11713 11713 ssl_ConstructServerHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10011
11366 15619 7 :

['tls13_ComputeEarlySecretsWithPsk', 'CERT_DupCertificate', 'tls13_RecoverWrappedSharedSecret', 'ssl_FindServerCert', 'tls13_RestoreCipherInfo', 'SECITEM_CompareItem_Util', 'ssl3_RegisterExtensionSender']

34068 135314 tls13_HandleClientHelloPart2 call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2253
11250 120798 25 :

['PK11_FreeSymKey', 'ssl_UncacheSessionID', 'SECITEM_CopyItem_Util', 'ssl3_ConsumeHandshakeNumber', 'ssl_Time', 'CERT_DupCertificate', 'PORT_SetError_Util', 'ssl_FreeSID', 'ssl_PrintBuf', 'tls13_HkdfExpandLabel', 'tls13_IsPostHandshake', 'ssl3_HandleExtensions', 'tls13_GetHash', 'ssl3_ConsumeHandshake', 'tls13_GetHashSize', 'ssl3_NewSessionID', 'getpid', 'ssl3_SetSIDSessionTicket', 'tls13_FatalError', 'PR_ntohl', 'PR_Assert', 'ssl3_FillInCachedSID', 'ssl_CacheSessionID', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable']

11250 120798 tls13_HandleNewSessionTicket call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6149
10815 25482 10 :

['SECITEM_FreeItem_Util', 'PK11_ConcatSymKeys', 'PK11_FreeSymKey', 'getpid', 'tls13_HandleKEMKey', 'PORT_SetError_Util', 'tls13_FatalError', 'PR_Assert', 'PORT_GetError_Util', 'ssl_Trace']

10815 25482 tls13_HandleClientKeyShare call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2663
9446 9446 3 :

['VFY_Update', 'VFY_End', 'VFY_Begin']

9446 9446 vfy_SingleShot call site: 00000 /src/nss/out/Debug/../../lib/cryptohi/secvfy.c:955
8356 18110 8 :

['ssl_TicketTimeValid', 'ssl_UncacheSessionID', 'ssl3_SetupCipherSuite', 'ssl_FreeSID', 'tls13_RecoverWrappedSharedSecret', 'PR_Assert', 'PORT_GetError_Util', 'SSL_AtomicIncrementLong']

16930 46400 tls13_SetupClientHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:572

Runtime coverage analysis

Covered functions
2495
Functions that are reachable but not covered
294
Reachable functions
852
Percentage of reachable functions covered
65.49%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/pkcs8_target.cc 1
/src/nss/out/Debug/../../fuzz/shared.h 1
/src/nss/out/Debug/../../lib/nss/nssinit.c 11
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinit.c 5
/src/nspr/Debug/pr/src/malloc/../../../../pr/src/malloc/prmem.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlog.c 8
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix.c 5
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prtime.c 5
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prprf.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerror.c 5
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptthread.c 6
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptsynch.c 19
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/priometh.c 2
/src/nspr/Debug/pr/src/md/../../../../pr/src/md/prosdep.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prenv.c 4
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/linux.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/pratom.c 1
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prseg.c 1
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptmisc.c 2
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prtpd.c 5
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlayer.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinrval.c 6
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prcmon.c 2
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix_errors.c 2
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptio.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prfdcach.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prnetdb.c 1
/src/nspr/Debug/pr/src/linking/../../../../pr/src/linking/prlink.c 9
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prdtoa.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmwait.c 1
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prrwlock.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerr.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerrortable.c 1
/src/nss/out/Debug/../../lib/certdb/certdb.c 23
/src/nss/out/Debug/../../lib/certdb/crl.c 1
/src/nss/out/Debug/../../lib/util/secport.c 26
/src/nspr/Debug/lib/ds/../../../lib/ds/plhash.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prlog2.c 1
/src/nss/out/Debug/../../lib/util/secitem.c 8
/src/nss/out/Debug/../../lib/certhigh/ocsp.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11load.c 6
/src/nss/out/Debug/../../lib/pk11wrap/pk11util.c 28
/src/nss/out/Debug/../../lib/pk11wrap/pk11list.c 6
/src/nss/out/Debug/../../lib/util/nssrwlk.c 6
/src/nss/out/Debug/../../lib/pk11wrap/pk11pars.c 34
/src/nss/out/Debug/../../lib/util/utilpars.c 40
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strcase.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11slot.c 54
/src/nspr/Debug/lib/ds/../../../lib/ds/plarena.c 7
/src/nss/out/Debug/../../lib/pk11wrap/pk11skey.c 5
/src/nss/out/Debug/../../lib/pk11wrap/pk11obj.c 13
/src/nss/out/Debug/../../lib/dev/devtoken.c 17
/src/nss/out/Debug/../../lib/dev/devslot.c 9
/src/nss/out/Debug/../../lib/pk11wrap/dev3hack.c 10
/src/nss/out/Debug/../../lib/pk11wrap/pk11err.c 1
/src/nss/out/Debug/../../lib/pki/tdcache.c 14
/src/nss/out/Debug/../../lib/base/arena.c 16
/src/nss/out/Debug/../../lib/base/error.c 5
/src/nss/out/Debug/../../lib/base/libc.c 3
/src/nss/out/Debug/../../lib/base/hash.c 10
/src/nss/out/Debug/../../lib/pki/pkibase.c 10
/src/nss/out/Debug/../../lib/dev/devutil.c 25
/src/nss/out/Debug/../../lib/base/tracker.c 6
/src/nss/out/Debug/../../lib/base/list.c 12
/src/nss/out/Debug/../../lib/pki/certificate.c 9
/src/nss/out/Debug/../../lib/pki/pki3hack.c 15
/src/nss/out/Debug/../../lib/util/quickder.c 13
/src/nss/out/Debug/../../lib/util/secasn1u.c 1
/src/nss/out/Debug/../../lib/certdb/certxutl.c 5
/src/nss/out/Debug/../../lib/util/secoid.c 15
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strpbrk.c 1
/src/nss/out/Debug/../../lib/certdb/alg1485.c 13
/src/nss/out/Debug/../../lib/certdb/secname.c 2
/src/nss/out/Debug/../../lib/util/utf8.c 4
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strlen.c 1
/src/nss/out/Debug/../../lib/certdb/certv3.c 5
/src/nss/out/Debug/../../lib/certdb/xconst.c 1
/src/nss/out/Debug/../../lib/certdb/genname.c 4
/src/nss/out/Debug/../../lib/pk11wrap/pk11cxt.c 15
/src/nss/out/Debug/../../lib/pk11wrap/pk11mech.c 1
/src/nss/out/Debug/../../lib/base/utf8.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11auth.c 7
/src/nss/out/Debug/../../lib/dev/ckhelper.c 4
/src/nss/out/Debug/../../lib/pki/cryptocontext.c 2
/src/nss/out/Debug/../../lib/pki/pkistore.c 9
/src/nss/out/Debug/../../lib/pki/trustdomain.c 7
/src/nss/out/Debug/../../lib/cryptohi/sechash.c 3
/src/nss/out/Debug/../../lib/certdb/polcyxtn.c 3
/src/nss/out/Debug/../../lib/certdb/xbsconst.c 1
/src/nss/out/Debug/../../lib/util/dersubr.c 1
/src/nss/out/Debug/../../lib/certdb/stanpcertdb.c 2
/src/nss/out/Debug/../../lib/pki/certdecode.c 1
/src/nss/out/Debug/../../lib/util/errstrs.c 2
/src/nss/out/Debug/../../lib/nss/nssoptions.c 2
/src/nss/out/Debug/../../lib/pk11wrap/debug_module.c 1
/src/nss/out/Debug/../../lib/pk11wrap/pk11sdr.c 1
/src/nss/out/Debug/../../lib/pk11wrap/pk11pk12.c 7
/src/nss/out/Debug/../../lib/util/secasn1d.c 41
/src/nss/out/Debug/../../lib/util/secalgid.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11akey.c 2
/src/nss/out/Debug/../../lib/cryptohi/seckey.c 2

Fuzzer: mpi-sub

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 46 30.8%
gold [1:9] 0 0.0%
yellow [10:29] 1 0.67%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 102 68.4%
All colors 149 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
95 127 5 :

['s_mp_div_d', 'mp_clear', 's_mp_exch', 's_mp_cmp_d', 'mp_init_copy']

95 127 mp_div_d call site: 00083 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:562
2 29 3 :

['s_mp_clamp', 's_mpv_mul_set_vec64', 's_mp_pad']

2 29 s_mp_mul_d call site: 00026 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3591
0 30 1 :

['s_mp_add_3arg']

0 37 mp_sub call site: 00117 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:785
0 22 1 :

['s_mp_pad']

0 22 s_mp_add_3arg call site: 00119 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3898
0 15 4 :

['s_mp_alloc', 's_mp_copy', 's_mp_setz', 's_mp_free']

0 15 mp_copy call site: 00017 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:204
0 5 1 :

['mp_zero']

0 5 mp_mul_d call site: 00014 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:504
0 2 1 :

['s_mp_setz']

0 2 s_mp_rshd call site: 00086 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3279
0 0 None 2 79 s_mp_mul_d call site: 00024 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3585
0 0 None 0 44 s_mp_add_3arg call site: 00118 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3836
0 0 None 0 9 mp_add_d call site: 00051 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:418
0 0 None 0 9 mp_toradix call site: 00081 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:2949
0 0 None 0 5 mp_sub call site: 00116 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:780

Runtime coverage analysis

Covered functions
39
Functions that are reachable but not covered
19
Reachable functions
61
Percentage of reachable functions covered
68.85%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_sub_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 41
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 3

Fuzzer: mpi-mod

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 38 18.4%
gold [1:9] 4 1.94%
yellow [10:29] 2 0.97%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 162 78.6%
All colors 206 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
95 127 5 :

['s_mp_div_d', 'mp_clear', 's_mp_exch', 's_mp_cmp_d', 'mp_init_copy']

95 127 mp_div_d call site: 00083 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:562
71 71 1 :

['mp_add']

71 71 mp_mod call site: 00000 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1305
71 71 1 :

['mp_add']

71 71 mp_mod call site: 00000 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1314
30 30 1 :

['s_mp_add_3arg']

30 37 mp_sub call site: 00188 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:785
0 5 1 :

['mp_zero']

0 5 mp_mul_d call site: 00014 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:504
0 2 1 :

['s_mp_setz']

0 2 s_mp_rshd call site: 00086 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3283
0 0 None 4 67 s_mp_mulg call site: 00173 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:831
0 0 None 2 79 s_mp_mul_d call site: 00024 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3585
0 0 None 0 41 mp_sub call site: 00193 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:790
0 0 None 0 30 s_mp_div call site: 00151 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:4596
0 0 None 0 9 mp_add_d call site: 00051 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:418
0 0 None 0 9 s_mp_mulg call site: 00175 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:850

Runtime coverage analysis

Covered functions
51
Functions that are reachable but not covered
21
Reachable functions
75
Percentage of reachable functions covered
72.0%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_mod_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 48
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 3
/src/nss/out/Debug/../../lib/freebl/mpi/mp_comba.c 4

Fuzzer: mpi-add

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 47 31.5%
gold [1:9] 0 0.0%
yellow [10:29] 1 0.67%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 101 67.7%
All colors 149 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
95 127 5 :

['s_mp_div_d', 'mp_clear', 's_mp_exch', 's_mp_cmp_d', 'mp_init_copy']

95 127 mp_div_d call site: 00083 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:562
2 29 3 :

['s_mp_clamp', 's_mpv_mul_set_vec64', 's_mp_pad']

2 29 s_mp_mul_d call site: 00026 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3591
0 15 4 :

['s_mp_alloc', 's_mp_copy', 's_mp_setz', 's_mp_free']

0 15 mp_copy call site: 00017 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:204
0 5 1 :

['mp_zero']

0 5 mp_mul_d call site: 00014 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:504
0 2 1 :

['s_mp_setz']

0 2 s_mp_rshd call site: 00086 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3279
0 0 None 2 79 s_mp_mul_d call site: 00024 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3585
0 0 None 0 41 mp_sub call site: 00135 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:790
0 0 None 0 9 mp_add_d call site: 00051 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:418
0 0 None 0 9 mp_toradix call site: 00081 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:2949
0 0 None 0 9 mp_toradix call site: 00109 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:2961
0 0 None 0 5 mp_sub call site: 00131 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:780
0 0 None 0 5 s_mp_sub_3arg call site: 00123 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:4103

Runtime coverage analysis

Covered functions
39
Functions that are reachable but not covered
19
Reachable functions
61
Percentage of reachable functions covered
68.85%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_add_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 41
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 3

Fuzzer: mpi-sqr

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 49 31.6%
gold [1:9] 0 0.0%
yellow [10:29] 0 0.0%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 106 68.3%
All colors 155 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
95 127 5 :

['s_mp_div_d', 'mp_clear', 's_mp_exch', 's_mp_cmp_d', 'mp_init_copy']

95 127 mp_div_d call site: 00079 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:562
2 29 3 :

['s_mp_clamp', 's_mpv_mul_set_vec64', 's_mp_pad']

2 29 s_mp_mul_d call site: 00026 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3591
0 17 1 :

['s_mp_grow']

0 17 s_mp_mul_2 call site: 00121 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3338
0 15 4 :

['s_mp_alloc', 's_mp_copy', 's_mp_setz', 's_mp_free']

0 15 mp_copy call site: 00017 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:204
0 13 1 :

['mp_init_copy']

4 97 mp_sqr call site: 00111 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:981
0 13 1 :

['mp_init_copy']

4 80 s_mp_mulg call site: 00132 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:834
0 5 1 :

['mp_zero']

0 5 mp_mul_d call site: 00014 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:504
0 2 1 :

['s_mp_setz']

0 2 s_mp_rshd call site: 00082 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3279
0 0 None 4 80 s_mp_mulg call site: 00131 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:828
0 0 None 4 67 s_mp_mulg call site: 00133 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:842
0 0 None 2 79 s_mp_mul_d call site: 00024 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3585
0 0 None 0 9 mp_add_d call site: 00051 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:418

Runtime coverage analysis

Covered functions
47
Functions that are reachable but not covered
21
Reachable functions
71
Percentage of reachable functions covered
70.42%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_sqr_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 42
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 3
/src/nss/out/Debug/../../lib/freebl/mpi/mp_comba.c 8

Fuzzer: mpi-expmod

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 280 44.1%
gold [1:9] 5 0.78%
yellow [10:29] 1 0.15%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 348 54.8%
All colors 634 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
580 580 1 :

['mp_exptmod_i']

580 598 mp_exptmod call site: 00296 /src/nss/out/Debug/../../lib/freebl/mpi/mpmontg.c:1144
95 127 5 :

['s_mp_div_d', 'mp_clear', 's_mp_exch', 's_mp_cmp_d', 'mp_init_copy']

95 127 mp_div_d call site: 00083 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:562
30 30 1 :

['s_mp_add_3arg']

30 37 mp_add call site: 00193 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:746
30 30 1 :

['s_mp_add_3arg']

30 37 mp_sub call site: 00238 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:785
23 23 1 :

['getIntelCacheLineSize']

23 23 s_mpi_getProcessorLineSize call site: 00298 /src/nss/out/Debug/../../lib/freebl/mpi/mpcpucache.c:691
0 71 1 :

['mp_add']

0 71 mp_mod call site: 00145 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1305
0 71 1 :

['mp_add']

0 71 mp_mod call site: 00204 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1314
0 17 1 :

['s_mp_grow']

4 84 mp_sqr call site: 00258 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:991
0 17 1 :

['s_mp_grow']

0 17 s_mp_mul_2 call site: 00267 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:3338
0 13 1 :

['mp_init_copy']

4 97 mp_sqr call site: 00257 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:981
0 8 1 :

['mp_set']

0 60 mp_div call site: 00153 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:1105
0 7 2 :

['s_mp_alloc', 's_mp_free']

0 11 mp_copy call site: 00017 /src/nss/out/Debug/../../lib/freebl/mpi/mpi.c:217

Runtime coverage analysis

Covered functions
82
Functions that are reachable but not covered
28
Reachable functions
114
Percentage of reachable functions covered
75.44%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_expmod_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 59
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 4
/src/nss/out/Debug/../../lib/freebl/mpi/mpmontg.c 9
/src/nss/out/Debug/../../lib/freebl/mpi/mp_comba.c 8
/src/nss/out/Debug/../../lib/freebl/mpi/mplogic.c 2
/src/nss/out/Debug/../../lib/freebl/mpi/mpcpucache.c 6
/src/nss/out/Debug/../../lib/freebl/mpi/mpi_amd64.c 1

Fuzzer: tls-client

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 7222 67.4%
gold [1:9] 462 4.31%
yellow [10:29] 48 0.44%
greenyellow [30:49] 22 0.20%
lawngreen 50+ 2951 27.5%
All colors 10705 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
29597 92835 20 :

['SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'CERT_DestroyCertificate', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl3_HandleExtensions', 'tls13_IsPostHandshake', 'tls13_SendPostHandshakeCertificate', 'ssl_Trace', 'SECITEM_FreeItem_Util', 'CERT_DestroyCertificateList', 'SECKEY_DestroyPrivateKey', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PR_Assert', 'PORT_Free_Util', 'PK11_CloneContext', 'ssl3_ConsumeHandshakeVariable']

29597 92835 tls13_HandleCertificateRequest call site: 10100 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3022
25368 123218 24 :

['SECKEY_ExtractPublicKey', 'PORT_SetError_Util', 'ssl_SignatureSchemeToAuthType', 'ssl_ConsumeSignatureScheme', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl_SetAuthKeyBits', 'tls13_IsVerifyingWithDelegatedCredential', 'PORT_GetError_Util', 'ssl_VerifySignedHashesWithPubKey', 'ssl_CheckSignatureSchemeConsistency', 'ssl_SignatureSchemeToHashType', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'tls13_FatalError', 'SECKEY_DestroyPublicKey', 'tls13_AddContextToHashes', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'tls13_VerifyDelegatedCredential']

25368 123218 tls13_HandleCertificateVerify call site: 10187 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5142
22777 120798 25 :

['PK11_FreeSymKey', 'ssl_UncacheSessionID', 'SECITEM_CopyItem_Util', 'ssl3_ConsumeHandshakeNumber', 'ssl_Time', 'CERT_DupCertificate', 'PORT_SetError_Util', 'ssl_FreeSID', 'ssl_PrintBuf', 'tls13_HkdfExpandLabel', 'tls13_IsPostHandshake', 'ssl3_HandleExtensions', 'tls13_GetHash', 'ssl3_ConsumeHandshake', 'tls13_GetHashSize', 'ssl3_NewSessionID', 'getpid', 'ssl3_SetSIDSessionTicket', 'tls13_FatalError', 'PR_ntohl', 'PR_Assert', 'ssl3_FillInCachedSID', 'ssl_CacheSessionID', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable']

22777 120798 tls13_HandleNewSessionTicket call site: 10354 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6149
21362 88475 20 :

['ssl3_CleanupPeerCerts', 'SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'ssl_Time', 'dtls_ReceivedFirstMessageInFlight', 'SECITEM_CompareItem_Util', 'ssl_CipherSpecReleaseByEpoch', 'ssl3_HandleNoCertificate', 'SECKEY_UpdateCertPQG', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PORT_NewArena_Util', 'PR_Assert', 'tls13_HandleCertificateEntry', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'ssl3_AuthCertificate', 'PORT_ArenaAlloc_Util']

21362 88475 tls13_HandleCertificate call site: 09949 /src/nss/out/Debug/../../lib/ssl/tls13con.c:4058
20022 32482 10 :

['getpid', 'tls13_SetHsState', 'tls13_MaybeHandleEchSignal', 'PORT_SetError_Util', 'tls13_ComputeHandshakeSecret', 'tls13_FatalError', 'tls13_SetCipherSpec', 'ssl_CipherSpecReleaseByEpoch', 'ssl_Trace', 'tls13_ComputeHandshakeSecrets']

20022 32482 tls13_HandleServerHelloPart2 call site: 08670 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3401
17472 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

17472 36030 nssSlot_IsTokenPresent call site: 00843 /src/nss/out/Debug/../../lib/dev/devslot.c:130
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
11585 14580 7 :

['getpid', 'ssl_HashPostHandshakeMessage', 'PORT_SetError_Util', 'tls13_VerifyFinished', 'ssl_HashHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'ssl_Trace']

11585 14580 tls13_CommonHandleFinished call site: 10422 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5572
10275 18915 10 :

['getpid', 'tls13_SetHsState', 'PORT_SetError_Util', 'tls13_ShouldRequestClientAuth', 'dtls_ReceivedFirstMessageInFlight', 'tls13_FatalError', 'PR_Assert', 'tls13_SetCipherSpec', 'ssl_CipherSpecReleaseByEpoch', 'ssl_Trace']

10275 18915 tls13_HandleEndOfEarlyData call site: 09958 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6894
9472 9472 1 :

['pk11_CopyToSlot']

14211 14221 PK11_SymKeysToSameSlot call site: 06906 /src/nss/out/Debug/../../lib/pk11wrap/pk11skey.c:1490
8356 18110 8 :

['ssl_TicketTimeValid', 'ssl_UncacheSessionID', 'ssl3_SetupCipherSuite', 'ssl_FreeSID', 'tls13_RecoverWrappedSharedSecret', 'PR_Assert', 'PORT_GetError_Util', 'SSL_AtomicIncrementLong']

16930 46400 tls13_SetupClientHello call site: 08329 /src/nss/out/Debug/../../lib/ssl/tls13con.c:572
8082 8082 1 :

['dtls_HandleHelloVerifyRequest']

8082 8082 ssl3_HandlePostHelloHandshakeMessage call site: 08775 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:12734

Runtime coverage analysis

Covered functions
1818
Functions that are reachable but not covered
869
Reachable functions
1951
Percentage of reachable functions covered
55.46%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/tls_client_target.cc 6
/src/nss/out/Debug/../../fuzz/shared.h 1
/src/nss/out/Debug/../../lib/nss/nssinit.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinit.c 5
/src/nspr/Debug/pr/src/malloc/../../../../pr/src/malloc/prmem.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlog.c 8
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix.c 5
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prtime.c 8
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prprf.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerror.c 5
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptthread.c 6
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptsynch.c 21
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/priometh.c 4
/src/nspr/Debug/pr/src/md/../../../../pr/src/md/prosdep.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prenv.c 4
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/linux.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/pratom.c 1
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prseg.c 1
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptmisc.c 2
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prtpd.c 5
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlayer.c 6
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinrval.c 6
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prcmon.c 2
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix_errors.c 2
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptio.c 12
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prfdcach.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prnetdb.c 9
/src/nspr/Debug/pr/src/linking/../../../../pr/src/linking/prlink.c 9
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prdtoa.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmwait.c 1
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prrwlock.c 10
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerr.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerrortable.c 2
/src/nss/out/Debug/../../lib/certdb/certdb.c 27
/src/nss/out/Debug/../../lib/certdb/crl.c 1
/src/nss/out/Debug/../../lib/util/secport.c 26
/src/nspr/Debug/lib/ds/../../../lib/ds/plhash.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prlog2.c 1
/src/nss/out/Debug/../../lib/util/secitem.c 15
/src/nss/out/Debug/../../lib/certhigh/ocsp.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11load.c 6
/src/nss/out/Debug/../../lib/pk11wrap/pk11util.c 28
/src/nss/out/Debug/../../lib/pk11wrap/pk11list.c 6
/src/nss/out/Debug/../../lib/util/nssrwlk.c 7
/src/nss/out/Debug/../../lib/pk11wrap/pk11pars.c 34
/src/nss/out/Debug/../../lib/util/utilpars.c 40
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strcase.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11slot.c 66
/src/nspr/Debug/lib/ds/../../../lib/ds/plarena.c 7
/src/nss/out/Debug/../../lib/pk11wrap/pk11skey.c 63
/src/nss/out/Debug/../../lib/pk11wrap/pk11obj.c 34
/src/nss/out/Debug/../../lib/dev/devtoken.c 19
/src/nss/out/Debug/../../lib/dev/devslot.c 9
/src/nss/out/Debug/../../lib/pk11wrap/dev3hack.c 10
/src/nss/out/Debug/../../lib/pk11wrap/pk11err.c 1
/src/nss/out/Debug/../../lib/pki/tdcache.c 17
/src/nss/out/Debug/../../lib/base/arena.c 16
/src/nss/out/Debug/../../lib/base/error.c 6
/src/nss/out/Debug/../../lib/base/libc.c 3
/src/nss/out/Debug/../../lib/base/hash.c 10
/src/nss/out/Debug/../../lib/pki/pkibase.c 28
/src/nss/out/Debug/../../lib/dev/devutil.c 25
/src/nss/out/Debug/../../lib/base/tracker.c 6
/src/nss/out/Debug/../../lib/base/list.c 17
/src/nss/out/Debug/../../lib/pki/certificate.c 20
/src/nss/out/Debug/../../lib/pki/pki3hack.c 20
/src/nss/out/Debug/../../lib/util/quickder.c 13
/src/nss/out/Debug/../../lib/util/secasn1u.c 3
/src/nss/out/Debug/../../lib/certdb/certxutl.c 5
/src/nss/out/Debug/../../lib/util/secoid.c 16
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strpbrk.c 1
/src/nss/out/Debug/../../lib/certdb/alg1485.c 13
/src/nss/out/Debug/../../lib/certdb/secname.c 2
/src/nss/out/Debug/../../lib/util/utf8.c 4
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strlen.c 1
/src/nss/out/Debug/../../lib/certdb/certv3.c 5
/src/nss/out/Debug/../../lib/certdb/xconst.c 1
/src/nss/out/Debug/../../lib/certdb/genname.c 4
/src/nss/out/Debug/../../lib/pk11wrap/pk11cxt.c 20
/src/nss/out/Debug/../../lib/pk11wrap/pk11mech.c 10
/src/nss/out/Debug/../../lib/base/utf8.c 3
/src/nss/out/Debug/../../lib/pk11wrap/pk11auth.c 9
/src/nss/out/Debug/../../lib/dev/ckhelper.c 4
/src/nss/out/Debug/../../lib/pki/cryptocontext.c 5
/src/nss/out/Debug/../../lib/pki/pkistore.c 18
/src/nss/out/Debug/../../lib/pki/trustdomain.c 15
/src/nss/out/Debug/../../lib/cryptohi/sechash.c 9
/src/nss/out/Debug/../../lib/certdb/polcyxtn.c 3
/src/nss/out/Debug/../../lib/certdb/xbsconst.c 1
/src/nss/out/Debug/../../lib/util/dersubr.c 3
/src/nss/out/Debug/../../lib/certdb/stanpcertdb.c 4
/src/nss/out/Debug/../../lib/pki/certdecode.c 2
/src/nss/out/Debug/../../lib/util/errstrs.c 2
/src/nss/out/Debug/../../lib/nss/nssoptions.c 2
/src/nss/out/Debug/../../lib/pk11wrap/debug_module.c 1
/src/nss/out/Debug/../../lib/pk11wrap/pk11sdr.c 1
/src/nss/out/Debug/../../fuzz/tls_common.cc 5
/src/nss/out/Debug/../../lib/ssl/sslsock.c 52
/src/nss/out/Debug/../../fuzz/tls_client_config.cc 9
/src/nss/out/Debug/../../lib/freebl/det_rng.c 1
/src/nss/out/Debug/../../fuzz/tls_socket.h 1
/src/nss/out/Debug/../../cpputil/dummy_io.h 1
/src/nss/out/Debug/../../cpputil/dummy_io.cc 1
/src/nss/out/Debug/../../lib/ssl/sslinit.c 2
/src/nss/out/Debug/../../lib/ssl/sslerrstrs.c 2
/src/nss/out/Debug/../../lib/ssl/ssl3con.c 211
/src/nss/out/Debug/../../lib/ssl/sslspec.c 13
/src/nss/out/Debug/../../lib/ssl/ssltrace.c 3
/src/nss/out/Debug/../../lib/ssl/ssl3ext.c 28
/src/nss/out/Debug/../../lib/ssl/dtlscon.c 38
/src/nss/out/Debug/../../lib/ssl/sslsecur.c 12
/src/nss/out/Debug/../../lib/ssl/sslencode.c 25
/src/nss/out/Debug/../../lib/ssl/ssl3gthr.c 6
/src/nss/out/Debug/../../lib/ssl/ssl3exthandle.c 4
/src/nss/out/Debug/../../lib/ssl/tls13con.c 116
/src/nss/out/Debug/../../lib/ssl/tls13subcerts.c 11
/src/nss/out/Debug/../../lib/cryptohi/seckey.c 30
/src/nss/out/Debug/../../lib/ssl/tls13ech.c 31
/src/nss/out/Debug/../../lib/ssl/sslnonce.c 23
/src/nss/out/Debug/../../lib/certhigh/certhigh.c 6
/src/nss/out/Debug/../../lib/ssl/sslprimitive.c 3
/src/nss/out/Debug/../../lib/ssl/tls13psk.c 5
/src/nss/out/Debug/../../lib/pk11wrap/pk11hpke.c 24
/src/nss/out/Debug/../../lib/ssl/sslcert.c 8
/src/nss/out/Debug/../../lib/ssl/tls13replay.c 5
/src/nss/out/Debug/../../lib/ssl/sslbloom.c 6
/src/nss/out/Debug/../../lib/base/item.c 2
/src/nss/out/Debug/../../lib/ssl/ssldef.c 3
/src/nss/out/Debug/../../lib/ssl/sslauth.c 1
/src/nss/out/Debug/../../lib/ssl/sslsnce.c 28
/src/nss/out/Debug/../../lib/ssl/sslmutex.c 4
/src/nss/out/Debug/../../lib/ssl/unix_err.c 1
/src/nss/out/Debug/../../lib/ssl/dtls13con.c 19
/src/nss/out/Debug/../../lib/ssl/sslerr.c 1
/src/nss/out/Debug/../../lib/ssl/tls13hkdf.c 4
/src/nss/out/Debug/../../lib/pk11wrap/pk11kea.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11akey.c 14
/src/nss/out/Debug/../../lib/util/secasn1e.c 25
/src/nss/out/Debug/../../lib/ssl/sslgrp.c 5
/src/nss/out/Debug/../../lib/ssl/ssl3ecc.c 11
/src/nss/out/Debug/../../lib/pk11wrap/pk11cert.c 6
/src/nss/out/Debug/../../lib/util/secalgid.c 2
/src/nss/out/Debug/../../lib/cryptohi/secsign.c 2
/src/nss/out/Debug/../../lib/cryptohi/secvfy.c 16
/src/nss/out/Debug/../../lib/util/secdig.c 3
/src/nss/out/Debug/../../lib/util/derenc.c 4
/src/nss/out/Debug/../../lib/cryptohi/dsautil.c 6
/src/nss/out/Debug/../../lib/ssl/tls13exthandle.c 9
/src/nss/out/Debug/../../lib/ssl/tls13hashstate.c 2
/src/nss/out/Debug/../../lib/ssl/selfencrypt.c 5
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/praton.c 4
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/pripv6.c 3
/src/nss/out/Debug/../../lib/certhigh/certvfy.c 1
/src/nss/out/Debug/../../lib/util/pkcs1sig.c 2
/src/nss/out/Debug/../../lib/util/sectime.c 1
/src/nss/out/Debug/../../lib/util/dertime.c 3

Fuzzer: /src/nss/out/Debug/../../fuzz/mpi_submod_target.cc

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 32 15.2%
gold [1:9] 1 0.47%
yellow [10:29] 5 2.38%
greenyellow [30:49] 1 0.47%
lawngreen 50+ 171 81.4%
All colors 210 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
20580 92835 20 :

['SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'CERT_DestroyCertificate', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl3_HandleExtensions', 'tls13_IsPostHandshake', 'tls13_SendPostHandshakeCertificate', 'ssl_Trace', 'SECITEM_FreeItem_Util', 'CERT_DestroyCertificateList', 'SECKEY_DestroyPrivateKey', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PR_Assert', 'PORT_Free_Util', 'PK11_CloneContext', 'ssl3_ConsumeHandshakeVariable']

20580 92835 tls13_HandleCertificateRequest call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3022
16674 123218 24 :

['SECKEY_ExtractPublicKey', 'PORT_SetError_Util', 'ssl_SignatureSchemeToAuthType', 'ssl_ConsumeSignatureScheme', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl_SetAuthKeyBits', 'tls13_IsVerifyingWithDelegatedCredential', 'PORT_GetError_Util', 'ssl_VerifySignedHashesWithPubKey', 'ssl_CheckSignatureSchemeConsistency', 'ssl_SignatureSchemeToHashType', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'tls13_FatalError', 'SECKEY_DestroyPublicKey', 'tls13_AddContextToHashes', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'tls13_VerifyDelegatedCredential']

16674 123218 tls13_HandleCertificateVerify call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5142
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16543 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

16543 36030 nssSlot_IsTokenPresent call site: 00000 /src/nss/out/Debug/../../lib/dev/devslot.c:130
14748 88475 20 :

['ssl3_CleanupPeerCerts', 'SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'ssl_Time', 'dtls_ReceivedFirstMessageInFlight', 'SECITEM_CompareItem_Util', 'ssl_CipherSpecReleaseByEpoch', 'ssl3_HandleNoCertificate', 'SECKEY_UpdateCertPQG', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PORT_NewArena_Util', 'PR_Assert', 'tls13_HandleCertificateEntry', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'ssl3_AuthCertificate', 'PORT_ArenaAlloc_Util']

14748 88475 tls13_HandleCertificate call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:4058
13440 49820 18 :

['SECKEY_GetPublicKeyType', 'PK11_PubDeriveWithKDF', 'SECKEY_CreateECPrivateKey', 'PK11_FreeSymKey', 'SECKEY_PublicKeyStrengthInBits', 'PORT_SetError_Util', 'PK11_WrapSymKey', 'PK11_KeyGen', 'ssl_MapLowLevelError', 'ssl_GetWrappingKey', 'SECKEY_PublicKeyStrength', 'PK11_GetBestKeyLength', 'SECKEY_DestroyPrivateKey', 'PK11_PubWrapSymKey', 'ssl_UnwrapSymWrappingKey', 'SECKEY_DestroyPublicKey', 'ssl_SetWrappingKey', 'PR_Assert']

13440 50754 ssl3_GetWrappingKey call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:6049
11713 11713 2 :

['tls13_WriteServerEchSignal', 'tls13_WriteServerEchHrrSignal']

11713 11713 ssl_ConstructServerHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10011
11366 15619 7 :

['tls13_ComputeEarlySecretsWithPsk', 'CERT_DupCertificate', 'tls13_RecoverWrappedSharedSecret', 'ssl_FindServerCert', 'tls13_RestoreCipherInfo', 'SECITEM_CompareItem_Util', 'ssl3_RegisterExtensionSender']

34068 135314 tls13_HandleClientHelloPart2 call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2253
11250 120798 25 :

['PK11_FreeSymKey', 'ssl_UncacheSessionID', 'SECITEM_CopyItem_Util', 'ssl3_ConsumeHandshakeNumber', 'ssl_Time', 'CERT_DupCertificate', 'PORT_SetError_Util', 'ssl_FreeSID', 'ssl_PrintBuf', 'tls13_HkdfExpandLabel', 'tls13_IsPostHandshake', 'ssl3_HandleExtensions', 'tls13_GetHash', 'ssl3_ConsumeHandshake', 'tls13_GetHashSize', 'ssl3_NewSessionID', 'getpid', 'ssl3_SetSIDSessionTicket', 'tls13_FatalError', 'PR_ntohl', 'PR_Assert', 'ssl3_FillInCachedSID', 'ssl_CacheSessionID', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable']

11250 120798 tls13_HandleNewSessionTicket call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6149
10815 25482 10 :

['SECITEM_FreeItem_Util', 'PK11_ConcatSymKeys', 'PK11_FreeSymKey', 'getpid', 'tls13_HandleKEMKey', 'PORT_SetError_Util', 'tls13_FatalError', 'PR_Assert', 'PORT_GetError_Util', 'ssl_Trace']

10815 25482 tls13_HandleClientKeyShare call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2663
9446 9446 3 :

['VFY_Update', 'VFY_End', 'VFY_Begin']

9446 9446 vfy_SingleShot call site: 00000 /src/nss/out/Debug/../../lib/cryptohi/secvfy.c:955
8356 18110 8 :

['ssl_TicketTimeValid', 'ssl_UncacheSessionID', 'ssl3_SetupCipherSuite', 'ssl_FreeSID', 'tls13_RecoverWrappedSharedSecret', 'PR_Assert', 'PORT_GetError_Util', 'SSL_AtomicIncrementLong']

16930 46400 tls13_SetupClientHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:572

Runtime coverage analysis

Covered functions
2495
Functions that are reachable but not covered
15
Reachable functions
72
Percentage of reachable functions covered
79.17%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_submod_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 48
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 4

Fuzzer: dtls-client

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 7345 68.6%
gold [1:9] 361 3.37%
yellow [10:29] 59 0.55%
greenyellow [30:49] 45 0.42%
lawngreen 50+ 2893 27.0%
All colors 10703 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
38038 64816 12 :

['PORT_ZFree_Util', 'PK11_SaveContextAlloc', 'PORT_SetError_Util', 'ssl_GetMacDefByAlg', 'ssl_MapLowLevelError', 'ssl_PrintBuf', 'PK11_DigestOp', 'PR_Assert', 'PK11_DigestBegin', 'PK11_DigestFinal', 'PK11_DigestKey', 'PK11_RestoreContext']

38038 64816 ssl3_ComputeHandshakeHashes call site: 07827 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:4856
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16543 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

16543 36030 nssSlot_IsTokenPresent call site: 00843 /src/nss/out/Debug/../../lib/dev/devslot.c:130
9913 38570 16 :

['PK11_DeriveWithFlags', 'PK11_FreeSymKey', 'PK11_FreeSlot', 'PK11_GetBestSlot', 'PK11_KeyGen', 'strlen', 'PK11_GetKeyData', 'sslBuffer_AppendVariable', 'tls13_PadChInner', 'PR_Assert', 'ssl3_EmplaceExtension', 'sslBuffer_AppendNumber', 'sslBuffer_Clear', 'PK11_ExtractKeyValue', 'tls13_ConstructInnerExtensionsFromOuter', 'tls13_EncodeClientHelloInner']

9913 38570 tls13_MaybeGreaseEch call site: 08389 /src/nss/out/Debug/../../lib/ssl/tls13ech.c:2148
9491 9491 1 :

['tls13_HandlePostHelloHandshakeMessage']

9491 16984 ssl3_HandleHandshakeMessage call site: 08026 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:12681
9472 9472 1 :

['pk11_CopyToSlot']

14211 14221 PK11_SymKeysToSameSlot call site: 06904 /src/nss/out/Debug/../../lib/pk11wrap/pk11skey.c:1490
8210 8210 1 :

['tls13_HandleHelloRetryRequest']

8210 9154 ssl3_HandleServerHello call site: 08095 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:7226
7707 12395 9 :

['PR_EnterMonitor', 'getpid', 'PR_ExitMonitor', 'tls13_SendKeyUpdate', 'NSSRWLock_LockRead_Util', 'PR_Assert', 'PR_GetMonitorEntryCount', 'ssl_Trace', 'NSSRWLock_UnlockRead_Util']

7707 12395 tls13_CheckKeyUpdate call site: 00000 /src/nss/out/Debug/../../lib/ssl/sslsecur.c:789
7501 7506 3 :

['PR_Assert', 'tls13_RandomGreaseValue', 'ssl3_ExtensionAdvertised']

7501 7506 tls13_MaybeGreaseExtensionType call site: 05089 /src/nss/out/Debug/../../lib/ssl/tls13con.c:7175
7218 18034 10 :

['NSSUTIL_ArgGetParamValue', 'NSS_OptionSet', 'PR_SetEnv', 'SECOID_Init', 'NSSUTIL_ArgHasFlag', 'secmod_applyCryptoPolicy', 'NSS_OptionGet', 'PORT_Free_Util', 'secmod_sanityCheckCryptoPolicy', 'NSS_LockPolicy']

7218 18034 secmod_parseCryptoPolicy call site: 02530 /src/nss/out/Debug/../../lib/pk11wrap/pk11pars.c:865
6931 6931 1 :

['tls13_SetupClientHello']

40798 71932 ssl3_SendClientHello call site: 08227 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:5567
6721 6721 3 :

['dtls13_HandleOutOfEpochRecord', 'ssl_Trace', 'getpid']

14228 45936 ssl3_HandleRecord call site: 05774 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:13710

Runtime coverage analysis

Covered functions
1790
Functions that are reachable but not covered
883
Reachable functions
1951
Percentage of reachable functions covered
54.74%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/tls_client_target.cc 6
/src/nss/out/Debug/../../fuzz/shared.h 1
/src/nss/out/Debug/../../lib/nss/nssinit.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinit.c 5
/src/nspr/Debug/pr/src/malloc/../../../../pr/src/malloc/prmem.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlog.c 8
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix.c 5
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prtime.c 8
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prprf.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerror.c 5
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptthread.c 6
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptsynch.c 21
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/priometh.c 4
/src/nspr/Debug/pr/src/md/../../../../pr/src/md/prosdep.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prenv.c 4
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/linux.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/pratom.c 1
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prseg.c 1
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptmisc.c 2
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prtpd.c 5
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlayer.c 6
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinrval.c 6
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prcmon.c 2
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix_errors.c 2
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptio.c 12
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prfdcach.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prnetdb.c 9
/src/nspr/Debug/pr/src/linking/../../../../pr/src/linking/prlink.c 9
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prdtoa.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmwait.c 1
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prrwlock.c 10
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerr.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerrortable.c 2
/src/nss/out/Debug/../../lib/certdb/certdb.c 27
/src/nss/out/Debug/../../lib/certdb/crl.c 1
/src/nss/out/Debug/../../lib/util/secport.c 26
/src/nspr/Debug/lib/ds/../../../lib/ds/plhash.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prlog2.c 1
/src/nss/out/Debug/../../lib/util/secitem.c 15
/src/nss/out/Debug/../../lib/certhigh/ocsp.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11load.c 6
/src/nss/out/Debug/../../lib/pk11wrap/pk11util.c 28
/src/nss/out/Debug/../../lib/pk11wrap/pk11list.c 6
/src/nss/out/Debug/../../lib/util/nssrwlk.c 7
/src/nss/out/Debug/../../lib/pk11wrap/pk11pars.c 34
/src/nss/out/Debug/../../lib/util/utilpars.c 40
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strcase.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11slot.c 66
/src/nspr/Debug/lib/ds/../../../lib/ds/plarena.c 7
/src/nss/out/Debug/../../lib/pk11wrap/pk11skey.c 63
/src/nss/out/Debug/../../lib/pk11wrap/pk11obj.c 34
/src/nss/out/Debug/../../lib/dev/devtoken.c 19
/src/nss/out/Debug/../../lib/dev/devslot.c 9
/src/nss/out/Debug/../../lib/pk11wrap/dev3hack.c 10
/src/nss/out/Debug/../../lib/pk11wrap/pk11err.c 1
/src/nss/out/Debug/../../lib/pki/tdcache.c 17
/src/nss/out/Debug/../../lib/base/arena.c 16
/src/nss/out/Debug/../../lib/base/error.c 6
/src/nss/out/Debug/../../lib/base/libc.c 3
/src/nss/out/Debug/../../lib/base/hash.c 10
/src/nss/out/Debug/../../lib/pki/pkibase.c 28
/src/nss/out/Debug/../../lib/dev/devutil.c 25
/src/nss/out/Debug/../../lib/base/tracker.c 6
/src/nss/out/Debug/../../lib/base/list.c 17
/src/nss/out/Debug/../../lib/pki/certificate.c 20
/src/nss/out/Debug/../../lib/pki/pki3hack.c 20
/src/nss/out/Debug/../../lib/util/quickder.c 13
/src/nss/out/Debug/../../lib/util/secasn1u.c 3
/src/nss/out/Debug/../../lib/certdb/certxutl.c 5
/src/nss/out/Debug/../../lib/util/secoid.c 16
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strpbrk.c 1
/src/nss/out/Debug/../../lib/certdb/alg1485.c 13
/src/nss/out/Debug/../../lib/certdb/secname.c 2
/src/nss/out/Debug/../../lib/util/utf8.c 4
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strlen.c 1
/src/nss/out/Debug/../../lib/certdb/certv3.c 5
/src/nss/out/Debug/../../lib/certdb/xconst.c 1
/src/nss/out/Debug/../../lib/certdb/genname.c 4
/src/nss/out/Debug/../../lib/pk11wrap/pk11cxt.c 20
/src/nss/out/Debug/../../lib/pk11wrap/pk11mech.c 10
/src/nss/out/Debug/../../lib/base/utf8.c 3
/src/nss/out/Debug/../../lib/pk11wrap/pk11auth.c 9
/src/nss/out/Debug/../../lib/dev/ckhelper.c 4
/src/nss/out/Debug/../../lib/pki/cryptocontext.c 5
/src/nss/out/Debug/../../lib/pki/pkistore.c 18
/src/nss/out/Debug/../../lib/pki/trustdomain.c 15
/src/nss/out/Debug/../../lib/cryptohi/sechash.c 9
/src/nss/out/Debug/../../lib/certdb/polcyxtn.c 3
/src/nss/out/Debug/../../lib/certdb/xbsconst.c 1
/src/nss/out/Debug/../../lib/util/dersubr.c 3
/src/nss/out/Debug/../../lib/certdb/stanpcertdb.c 4
/src/nss/out/Debug/../../lib/pki/certdecode.c 2
/src/nss/out/Debug/../../lib/util/errstrs.c 2
/src/nss/out/Debug/../../lib/nss/nssoptions.c 2
/src/nss/out/Debug/../../lib/pk11wrap/debug_module.c 1
/src/nss/out/Debug/../../lib/pk11wrap/pk11sdr.c 1
/src/nss/out/Debug/../../fuzz/tls_common.cc 5
/src/nss/out/Debug/../../lib/ssl/sslsock.c 52
/src/nss/out/Debug/../../fuzz/tls_client_config.cc 9
/src/nss/out/Debug/../../lib/freebl/det_rng.c 1
/src/nss/out/Debug/../../fuzz/tls_socket.h 1
/src/nss/out/Debug/../../cpputil/dummy_io.h 1
/src/nss/out/Debug/../../cpputil/dummy_io.cc 1
/src/nss/out/Debug/../../lib/ssl/sslinit.c 2
/src/nss/out/Debug/../../lib/ssl/sslerrstrs.c 2
/src/nss/out/Debug/../../lib/ssl/ssl3con.c 211
/src/nss/out/Debug/../../lib/ssl/sslspec.c 13
/src/nss/out/Debug/../../lib/ssl/ssltrace.c 3
/src/nss/out/Debug/../../lib/ssl/ssl3ext.c 28
/src/nss/out/Debug/../../lib/ssl/dtlscon.c 38
/src/nss/out/Debug/../../lib/ssl/sslsecur.c 12
/src/nss/out/Debug/../../lib/ssl/sslencode.c 25
/src/nss/out/Debug/../../lib/ssl/ssl3gthr.c 6
/src/nss/out/Debug/../../lib/ssl/ssl3exthandle.c 4
/src/nss/out/Debug/../../lib/ssl/tls13con.c 116
/src/nss/out/Debug/../../lib/ssl/tls13subcerts.c 11
/src/nss/out/Debug/../../lib/cryptohi/seckey.c 30
/src/nss/out/Debug/../../lib/ssl/tls13ech.c 31
/src/nss/out/Debug/../../lib/ssl/sslnonce.c 23
/src/nss/out/Debug/../../lib/certhigh/certhigh.c 6
/src/nss/out/Debug/../../lib/ssl/sslprimitive.c 3
/src/nss/out/Debug/../../lib/ssl/tls13psk.c 5
/src/nss/out/Debug/../../lib/pk11wrap/pk11hpke.c 24
/src/nss/out/Debug/../../lib/ssl/sslcert.c 8
/src/nss/out/Debug/../../lib/ssl/tls13replay.c 5
/src/nss/out/Debug/../../lib/ssl/sslbloom.c 6
/src/nss/out/Debug/../../lib/base/item.c 2
/src/nss/out/Debug/../../lib/ssl/ssldef.c 3
/src/nss/out/Debug/../../lib/ssl/sslauth.c 1
/src/nss/out/Debug/../../lib/ssl/sslsnce.c 28
/src/nss/out/Debug/../../lib/ssl/sslmutex.c 4
/src/nss/out/Debug/../../lib/ssl/unix_err.c 1
/src/nss/out/Debug/../../lib/ssl/dtls13con.c 19
/src/nss/out/Debug/../../lib/ssl/sslerr.c 1
/src/nss/out/Debug/../../lib/ssl/tls13hkdf.c 4
/src/nss/out/Debug/../../lib/pk11wrap/pk11kea.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11akey.c 14
/src/nss/out/Debug/../../lib/util/secasn1e.c 25
/src/nss/out/Debug/../../lib/ssl/sslgrp.c 5
/src/nss/out/Debug/../../lib/ssl/ssl3ecc.c 11
/src/nss/out/Debug/../../lib/pk11wrap/pk11cert.c 6
/src/nss/out/Debug/../../lib/util/secalgid.c 2
/src/nss/out/Debug/../../lib/cryptohi/secsign.c 2
/src/nss/out/Debug/../../lib/cryptohi/secvfy.c 16
/src/nss/out/Debug/../../lib/util/secdig.c 3
/src/nss/out/Debug/../../lib/util/derenc.c 4
/src/nss/out/Debug/../../lib/cryptohi/dsautil.c 6
/src/nss/out/Debug/../../lib/ssl/tls13exthandle.c 9
/src/nss/out/Debug/../../lib/ssl/tls13hashstate.c 2
/src/nss/out/Debug/../../lib/ssl/selfencrypt.c 5
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/praton.c 4
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/pripv6.c 3
/src/nss/out/Debug/../../lib/certhigh/certvfy.c 1
/src/nss/out/Debug/../../lib/util/pkcs1sig.c 2
/src/nss/out/Debug/../../lib/util/sectime.c 1
/src/nss/out/Debug/../../lib/util/dertime.c 3

Fuzzer: dtls-server-no_fuzzer_mode

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 7738 70.1%
gold [1:9] 1336 12.1%
yellow [10:29] 241 2.18%
greenyellow [30:49] 105 0.95%
lawngreen 50+ 1614 14.6%
All colors 11034 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
44730 54690 18 :

['PR_EnterMonitor', 'ssl3_SendNewSessionTicket', 'ssl3_HandshakeFailure', 'ssl3_SendNextProto', 'ssl3_FinishHandshake', 'PR_GetCurrentThread', 'ssl3_SendChangeCipherSpecs', 'PR_ExitMonitor', 'ssl3_IllegalParameter', 'ssl3_ExtensionNegotiated', 'ssl3_KEASupportsTickets', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl3_SendFinished', 'ssl3_ComputeTLSFinished', 'NSS_SecureMemcmp', 'dtls_ReceivedFirstMessageInFlight', 'ssl3_ComputeHandshakeHashes']

44730 60234 ssl3_HandleFinished call site: 10006 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:12275
38038 64816 12 :

['PORT_ZFree_Util', 'PK11_SaveContextAlloc', 'PORT_SetError_Util', 'ssl_GetMacDefByAlg', 'ssl_MapLowLevelError', 'ssl_PrintBuf', 'PK11_DigestOp', 'PR_Assert', 'PK11_DigestBegin', 'PK11_DigestFinal', 'PK11_DigestKey', 'PK11_RestoreContext']

38038 64816 ssl3_ComputeHandshakeHashes call site: 08163 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:4856
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16543 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

16543 36030 nssSlot_IsTokenPresent call site: 00844 /src/nss/out/Debug/../../lib/dev/devslot.c:130
16106 33352 12 :

['SECITEM_FreeItem_Util', 'ssl3_SendChangeCipherSpecs', 'SECITEM_CopyItem_Util', 'CERT_DupCertificate', 'ssl3_UnwrapMasterSecretServer', 'ssl3_SendServerHello', 'ssl_FindServerCert', 'PR_Assert', 'ssl3_InitPendingCipherSpecs', 'ssl3_FreeSniNameArray', 'ssl3_SendFinished', 'ssl_LookupNamedGroup']

16108 84872 ssl3_HandleClientHelloPart2 call site: 08107 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:9516
15059 34280 10 :

['ssl3_ComputeHandshakeHash', 'ssl_ConsumeSignatureScheme', 'PR_Assert', 'PORT_GetError_Util', 'ssl_HashHandshakeMessage', 'ssl3_VerifySignedHashes', 'ssl_SignatureSchemeToHashType', 'ssl_CheckSignatureSchemeConsistency', 'ssl3_ComputeHandshakeHashes', 'ssl3_ConsumeHandshakeVariable']

15059 41773 ssl3_HandleCertificateVerify call site: 09883 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10526
11713 11713 2 :

['tls13_WriteServerEchSignal', 'tls13_WriteServerEchHrrSignal']

11713 11713 ssl_ConstructServerHello call site: 05355 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10011
10256 45188 8 :

['PORT_SetError_Util', 'ssl3_ExtConsumeHandshakeVariable', 'ssl_PrintBuf', 'ssl3_ExtSendAlert', 'ssl3_ExtConsumeHandshakeNumber', 'PR_Assert', 'ssl3_ProcessSessionTicketCommon', 'SECITEM_CompareItem_Util']

10256 45188 tls13_ServerHandlePreSharedKeyXtn call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13exthandle.c:562
9491 9491 1 :

['tls13_HandlePostHelloHandshakeMessage']

9491 16984 ssl3_HandleHandshakeMessage call site: 08361 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:12681
9446 9446 3 :

['VFY_Update', 'VFY_End', 'VFY_Begin']

9446 9446 vfy_SingleShot call site: 00000 /src/nss/out/Debug/../../lib/cryptohi/secvfy.c:955
9440 12213 5 :

['PK11_GetBestSlotMultiple', 'PORT_SetError_Util', 'ssl3_Alg2Mech', 'NSSRWLock_HaveWriteLock_Util', 'PR_Assert']

9440 18338 ssl3_GenerateRSAPMS call site: 09734 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10630
9113 9113 2 :

['findOIDinOIDSeqByTagNum', 'cert_IsIPsecOID']

10115 11965 cert_ComputeCertType call site: 02035 /src/nss/out/Debug/../../lib/certdb/certdb.c:508

Runtime coverage analysis

Covered functions
1956
Functions that are reachable but not covered
897
Reachable functions
2001
Percentage of reachable functions covered
55.17%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/tls_server_target.cc 4
/src/nss/out/Debug/../../fuzz/shared.h 1
/src/nss/out/Debug/../../lib/nss/nssinit.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinit.c 5
/src/nspr/Debug/pr/src/malloc/../../../../pr/src/malloc/prmem.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlog.c 8
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix.c 9
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prtime.c 8
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prprf.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerror.c 6
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptthread.c 6
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptsynch.c 21
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/priometh.c 6
/src/nspr/Debug/pr/src/md/../../../../pr/src/md/prosdep.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prenv.c 4
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/linux.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/pratom.c 1
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prseg.c 1
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptmisc.c 2
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prtpd.c 5
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlayer.c 6
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinrval.c 6
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prcmon.c 2
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix_errors.c 5
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptio.c 15
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prfdcach.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prnetdb.c 9
/src/nspr/Debug/pr/src/linking/../../../../pr/src/linking/prlink.c 9
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prdtoa.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmwait.c 1
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prrwlock.c 10
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerr.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerrortable.c 2
/src/nss/out/Debug/../../lib/certdb/certdb.c 27
/src/nss/out/Debug/../../lib/certdb/crl.c 1
/src/nss/out/Debug/../../lib/util/secport.c 26
/src/nspr/Debug/lib/ds/../../../lib/ds/plhash.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prlog2.c 1
/src/nss/out/Debug/../../lib/util/secitem.c 15
/src/nss/out/Debug/../../lib/certhigh/ocsp.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11load.c 6
/src/nss/out/Debug/../../lib/pk11wrap/pk11util.c 28
/src/nss/out/Debug/../../lib/pk11wrap/pk11list.c 6
/src/nss/out/Debug/../../lib/util/nssrwlk.c 7
/src/nss/out/Debug/../../lib/pk11wrap/pk11pars.c 34
/src/nss/out/Debug/../../lib/util/utilpars.c 40
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strcase.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11slot.c 66
/src/nspr/Debug/lib/ds/../../../lib/ds/plarena.c 7
/src/nss/out/Debug/../../lib/pk11wrap/pk11skey.c 63
/src/nss/out/Debug/../../lib/pk11wrap/pk11obj.c 37
/src/nss/out/Debug/../../lib/dev/devtoken.c 19
/src/nss/out/Debug/../../lib/dev/devslot.c 9
/src/nss/out/Debug/../../lib/pk11wrap/dev3hack.c 10
/src/nss/out/Debug/../../lib/pk11wrap/pk11err.c 1
/src/nss/out/Debug/../../lib/pki/tdcache.c 17
/src/nss/out/Debug/../../lib/base/arena.c 16
/src/nss/out/Debug/../../lib/base/error.c 6
/src/nss/out/Debug/../../lib/base/libc.c 3
/src/nss/out/Debug/../../lib/base/hash.c 10
/src/nss/out/Debug/../../lib/pki/pkibase.c 28
/src/nss/out/Debug/../../lib/dev/devutil.c 25
/src/nss/out/Debug/../../lib/base/tracker.c 6
/src/nss/out/Debug/../../lib/base/list.c 17
/src/nss/out/Debug/../../lib/pki/certificate.c 20
/src/nss/out/Debug/../../lib/pki/pki3hack.c 20
/src/nss/out/Debug/../../lib/util/quickder.c 13
/src/nss/out/Debug/../../lib/util/secasn1u.c 3
/src/nss/out/Debug/../../lib/certdb/certxutl.c 5
/src/nss/out/Debug/../../lib/util/secoid.c 16
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strpbrk.c 1
/src/nss/out/Debug/../../lib/certdb/alg1485.c 13
/src/nss/out/Debug/../../lib/certdb/secname.c 2
/src/nss/out/Debug/../../lib/util/utf8.c 4
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strlen.c 1
/src/nss/out/Debug/../../lib/certdb/certv3.c 5
/src/nss/out/Debug/../../lib/certdb/xconst.c 1
/src/nss/out/Debug/../../lib/certdb/genname.c 4
/src/nss/out/Debug/../../lib/pk11wrap/pk11cxt.c 24
/src/nss/out/Debug/../../lib/pk11wrap/pk11mech.c 10
/src/nss/out/Debug/../../lib/base/utf8.c 3
/src/nss/out/Debug/../../lib/pk11wrap/pk11auth.c 9
/src/nss/out/Debug/../../lib/dev/ckhelper.c 4
/src/nss/out/Debug/../../lib/pki/cryptocontext.c 5
/src/nss/out/Debug/../../lib/pki/pkistore.c 18
/src/nss/out/Debug/../../lib/pki/trustdomain.c 15
/src/nss/out/Debug/../../lib/cryptohi/sechash.c 9
/src/nss/out/Debug/../../lib/certdb/polcyxtn.c 3
/src/nss/out/Debug/../../lib/certdb/xbsconst.c 1
/src/nss/out/Debug/../../lib/util/dersubr.c 3
/src/nss/out/Debug/../../lib/certdb/stanpcertdb.c 4
/src/nss/out/Debug/../../lib/pki/certdecode.c 2
/src/nss/out/Debug/../../lib/util/errstrs.c 2
/src/nss/out/Debug/../../lib/nss/nssoptions.c 2
/src/nss/out/Debug/../../lib/pk11wrap/debug_module.c 1
/src/nss/out/Debug/../../lib/pk11wrap/pk11sdr.c 1
/src/nss/out/Debug/../../lib/ssl/sslsnce.c 34
/src/nss/out/Debug/../../lib/ssl/sslnonce.c 23
/src/nss/out/Debug/../../lib/ssl/ssl3con.c 221
/src/nss/out/Debug/../../lib/ssl/sslerrstrs.c 2
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prshma.c 1
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/uxshm.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmmap.c 4
/src/nss/out/Debug/../../lib/ssl/sslmutex.c 9
/src/nss/out/Debug/../../lib/ssl/unix_err.c 1
/src/nss/out/Debug/../../fuzz/tls_server_config.cc 8
/src/nss/out/Debug/../../lib/ssl/ssltrace.c 3
/src/nss/out/Debug/../../lib/freebl/det_rng.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/pripv6.c 4
/src/nss/out/Debug/../../lib/ssl/sslsock.c 47
/src/nss/out/Debug/../../lib/ssl/sslinit.c 2
/src/nss/out/Debug/../../lib/ssl/sslspec.c 13
/src/nss/out/Debug/../../lib/ssl/ssl3ext.c 28
/src/nss/out/Debug/../../lib/ssl/dtlscon.c 38
/src/nss/out/Debug/../../lib/ssl/sslsecur.c 10
/src/nss/out/Debug/../../lib/ssl/sslencode.c 25
/src/nss/out/Debug/../../lib/ssl/ssl3gthr.c 6
/src/nss/out/Debug/../../lib/ssl/ssl3exthandle.c 4
/src/nss/out/Debug/../../lib/ssl/tls13con.c 122
/src/nss/out/Debug/../../lib/ssl/tls13subcerts.c 11
/src/nss/out/Debug/../../lib/cryptohi/seckey.c 30
/src/nss/out/Debug/../../lib/ssl/tls13ech.c 31
/src/nss/out/Debug/../../lib/certhigh/certhigh.c 6
/src/nss/out/Debug/../../lib/ssl/sslprimitive.c 4
/src/nss/out/Debug/../../lib/ssl/tls13psk.c 5
/src/nss/out/Debug/../../lib/pk11wrap/pk11hpke.c 27
/src/nss/out/Debug/../../lib/ssl/sslcert.c 8
/src/nss/out/Debug/../../lib/ssl/tls13replay.c 5
/src/nss/out/Debug/../../lib/ssl/sslbloom.c 6
/src/nss/out/Debug/../../lib/base/item.c 2
/src/nss/out/Debug/../../lib/ssl/ssldef.c 3
/src/nss/out/Debug/../../fuzz/tls_socket.h 1
/src/nss/out/Debug/../../cpputil/dummy_io.h 1
/src/nss/out/Debug/../../cpputil/dummy_io.cc 1
/src/nss/out/Debug/../../fuzz/tls_common.cc 3
/src/nss/out/Debug/../../lib/ssl/dtls13con.c 20
/src/nss/out/Debug/../../lib/ssl/sslerr.c 1
/src/nss/out/Debug/../../lib/ssl/tls13hkdf.c 4
/src/nss/out/Debug/../../lib/pk11wrap/pk11kea.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11akey.c 14
/src/nss/out/Debug/../../lib/util/secasn1e.c 25
/src/nss/out/Debug/../../lib/ssl/sslgrp.c 5
/src/nss/out/Debug/../../lib/ssl/ssl3ecc.c 11
/src/nss/out/Debug/../../lib/pk11wrap/pk11cert.c 6
/src/nss/out/Debug/../../lib/util/secalgid.c 2
/src/nss/out/Debug/../../lib/cryptohi/secsign.c 2
/src/nss/out/Debug/../../lib/cryptohi/secvfy.c 16
/src/nss/out/Debug/../../lib/util/secdig.c 3
/src/nss/out/Debug/../../lib/util/derenc.c 4
/src/nss/out/Debug/../../lib/cryptohi/dsautil.c 6
/src/nss/out/Debug/../../lib/ssl/tls13exthandle.c 9
/src/nss/out/Debug/../../lib/ssl/tls13hashstate.c 2
/src/nss/out/Debug/../../lib/ssl/selfencrypt.c 6
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/praton.c 4
/src/nss/out/Debug/../../lib/certhigh/certvfy.c 1
/src/nss/out/Debug/../../lib/util/pkcs1sig.c 2
/src/nss/out/Debug/../../lib/util/sectime.c 1
/src/nss/out/Debug/../../lib/util/dertime.c 3

Fuzzer: /src/nss/out/Debug/../../fuzz/mpi_sub_target.cc

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 34 22.8%
gold [1:9] 0 0.0%
yellow [10:29] 1 0.67%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 114 76.5%
All colors 149 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
20580 92835 20 :

['SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'CERT_DestroyCertificate', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl3_HandleExtensions', 'tls13_IsPostHandshake', 'tls13_SendPostHandshakeCertificate', 'ssl_Trace', 'SECITEM_FreeItem_Util', 'CERT_DestroyCertificateList', 'SECKEY_DestroyPrivateKey', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PR_Assert', 'PORT_Free_Util', 'PK11_CloneContext', 'ssl3_ConsumeHandshakeVariable']

20580 92835 tls13_HandleCertificateRequest call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3022
16674 123218 24 :

['SECKEY_ExtractPublicKey', 'PORT_SetError_Util', 'ssl_SignatureSchemeToAuthType', 'ssl_ConsumeSignatureScheme', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl_SetAuthKeyBits', 'tls13_IsVerifyingWithDelegatedCredential', 'PORT_GetError_Util', 'ssl_VerifySignedHashesWithPubKey', 'ssl_CheckSignatureSchemeConsistency', 'ssl_SignatureSchemeToHashType', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'tls13_FatalError', 'SECKEY_DestroyPublicKey', 'tls13_AddContextToHashes', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'tls13_VerifyDelegatedCredential']

16674 123218 tls13_HandleCertificateVerify call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5142
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16543 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

16543 36030 nssSlot_IsTokenPresent call site: 00000 /src/nss/out/Debug/../../lib/dev/devslot.c:130
14748 88475 20 :

['ssl3_CleanupPeerCerts', 'SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'ssl_Time', 'dtls_ReceivedFirstMessageInFlight', 'SECITEM_CompareItem_Util', 'ssl_CipherSpecReleaseByEpoch', 'ssl3_HandleNoCertificate', 'SECKEY_UpdateCertPQG', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PORT_NewArena_Util', 'PR_Assert', 'tls13_HandleCertificateEntry', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'ssl3_AuthCertificate', 'PORT_ArenaAlloc_Util']

14748 88475 tls13_HandleCertificate call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:4058
13440 49820 18 :

['SECKEY_GetPublicKeyType', 'PK11_PubDeriveWithKDF', 'SECKEY_CreateECPrivateKey', 'PK11_FreeSymKey', 'SECKEY_PublicKeyStrengthInBits', 'PORT_SetError_Util', 'PK11_WrapSymKey', 'PK11_KeyGen', 'ssl_MapLowLevelError', 'ssl_GetWrappingKey', 'SECKEY_PublicKeyStrength', 'PK11_GetBestKeyLength', 'SECKEY_DestroyPrivateKey', 'PK11_PubWrapSymKey', 'ssl_UnwrapSymWrappingKey', 'SECKEY_DestroyPublicKey', 'ssl_SetWrappingKey', 'PR_Assert']

13440 50754 ssl3_GetWrappingKey call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:6049
11713 11713 2 :

['tls13_WriteServerEchSignal', 'tls13_WriteServerEchHrrSignal']

11713 11713 ssl_ConstructServerHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10011
11366 15619 7 :

['tls13_ComputeEarlySecretsWithPsk', 'CERT_DupCertificate', 'tls13_RecoverWrappedSharedSecret', 'ssl_FindServerCert', 'tls13_RestoreCipherInfo', 'SECITEM_CompareItem_Util', 'ssl3_RegisterExtensionSender']

34068 135314 tls13_HandleClientHelloPart2 call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2253
11250 120798 25 :

['PK11_FreeSymKey', 'ssl_UncacheSessionID', 'SECITEM_CopyItem_Util', 'ssl3_ConsumeHandshakeNumber', 'ssl_Time', 'CERT_DupCertificate', 'PORT_SetError_Util', 'ssl_FreeSID', 'ssl_PrintBuf', 'tls13_HkdfExpandLabel', 'tls13_IsPostHandshake', 'ssl3_HandleExtensions', 'tls13_GetHash', 'ssl3_ConsumeHandshake', 'tls13_GetHashSize', 'ssl3_NewSessionID', 'getpid', 'ssl3_SetSIDSessionTicket', 'tls13_FatalError', 'PR_ntohl', 'PR_Assert', 'ssl3_FillInCachedSID', 'ssl_CacheSessionID', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable']

11250 120798 tls13_HandleNewSessionTicket call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6149
10815 25482 10 :

['SECITEM_FreeItem_Util', 'PK11_ConcatSymKeys', 'PK11_FreeSymKey', 'getpid', 'tls13_HandleKEMKey', 'PORT_SetError_Util', 'tls13_FatalError', 'PR_Assert', 'PORT_GetError_Util', 'ssl_Trace']

10815 25482 tls13_HandleClientKeyShare call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2663
9446 9446 3 :

['VFY_Update', 'VFY_End', 'VFY_Begin']

9446 9446 vfy_SingleShot call site: 00000 /src/nss/out/Debug/../../lib/cryptohi/secvfy.c:955
8356 18110 8 :

['ssl_TicketTimeValid', 'ssl_UncacheSessionID', 'ssl3_SetupCipherSuite', 'ssl_FreeSID', 'tls13_RecoverWrappedSharedSecret', 'PR_Assert', 'PORT_GetError_Util', 'SSL_AtomicIncrementLong']

16930 46400 tls13_SetupClientHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:572

Runtime coverage analysis

Covered functions
2495
Functions that are reachable but not covered
13
Reachable functions
61
Percentage of reachable functions covered
78.69%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_sub_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 41
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 3

Fuzzer: /src/nss/out/Debug/../../fuzz/mpi_add_target.cc

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 34 22.8%
gold [1:9] 0 0.0%
yellow [10:29] 1 0.67%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 114 76.5%
All colors 149 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
20580 92835 20 :

['SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'CERT_DestroyCertificate', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl3_HandleExtensions', 'tls13_IsPostHandshake', 'tls13_SendPostHandshakeCertificate', 'ssl_Trace', 'SECITEM_FreeItem_Util', 'CERT_DestroyCertificateList', 'SECKEY_DestroyPrivateKey', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PR_Assert', 'PORT_Free_Util', 'PK11_CloneContext', 'ssl3_ConsumeHandshakeVariable']

20580 92835 tls13_HandleCertificateRequest call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3022
16674 123218 24 :

['SECKEY_ExtractPublicKey', 'PORT_SetError_Util', 'ssl_SignatureSchemeToAuthType', 'ssl_ConsumeSignatureScheme', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl_SetAuthKeyBits', 'tls13_IsVerifyingWithDelegatedCredential', 'PORT_GetError_Util', 'ssl_VerifySignedHashesWithPubKey', 'ssl_CheckSignatureSchemeConsistency', 'ssl_SignatureSchemeToHashType', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'tls13_FatalError', 'SECKEY_DestroyPublicKey', 'tls13_AddContextToHashes', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'tls13_VerifyDelegatedCredential']

16674 123218 tls13_HandleCertificateVerify call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5142
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16543 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

16543 36030 nssSlot_IsTokenPresent call site: 00000 /src/nss/out/Debug/../../lib/dev/devslot.c:130
14748 88475 20 :

['ssl3_CleanupPeerCerts', 'SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'ssl_Time', 'dtls_ReceivedFirstMessageInFlight', 'SECITEM_CompareItem_Util', 'ssl_CipherSpecReleaseByEpoch', 'ssl3_HandleNoCertificate', 'SECKEY_UpdateCertPQG', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PORT_NewArena_Util', 'PR_Assert', 'tls13_HandleCertificateEntry', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'ssl3_AuthCertificate', 'PORT_ArenaAlloc_Util']

14748 88475 tls13_HandleCertificate call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:4058
13440 49820 18 :

['SECKEY_GetPublicKeyType', 'PK11_PubDeriveWithKDF', 'SECKEY_CreateECPrivateKey', 'PK11_FreeSymKey', 'SECKEY_PublicKeyStrengthInBits', 'PORT_SetError_Util', 'PK11_WrapSymKey', 'PK11_KeyGen', 'ssl_MapLowLevelError', 'ssl_GetWrappingKey', 'SECKEY_PublicKeyStrength', 'PK11_GetBestKeyLength', 'SECKEY_DestroyPrivateKey', 'PK11_PubWrapSymKey', 'ssl_UnwrapSymWrappingKey', 'SECKEY_DestroyPublicKey', 'ssl_SetWrappingKey', 'PR_Assert']

13440 50754 ssl3_GetWrappingKey call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:6049
11713 11713 2 :

['tls13_WriteServerEchSignal', 'tls13_WriteServerEchHrrSignal']

11713 11713 ssl_ConstructServerHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10011
11366 15619 7 :

['tls13_ComputeEarlySecretsWithPsk', 'CERT_DupCertificate', 'tls13_RecoverWrappedSharedSecret', 'ssl_FindServerCert', 'tls13_RestoreCipherInfo', 'SECITEM_CompareItem_Util', 'ssl3_RegisterExtensionSender']

34068 135314 tls13_HandleClientHelloPart2 call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2253
11250 120798 25 :

['PK11_FreeSymKey', 'ssl_UncacheSessionID', 'SECITEM_CopyItem_Util', 'ssl3_ConsumeHandshakeNumber', 'ssl_Time', 'CERT_DupCertificate', 'PORT_SetError_Util', 'ssl_FreeSID', 'ssl_PrintBuf', 'tls13_HkdfExpandLabel', 'tls13_IsPostHandshake', 'ssl3_HandleExtensions', 'tls13_GetHash', 'ssl3_ConsumeHandshake', 'tls13_GetHashSize', 'ssl3_NewSessionID', 'getpid', 'ssl3_SetSIDSessionTicket', 'tls13_FatalError', 'PR_ntohl', 'PR_Assert', 'ssl3_FillInCachedSID', 'ssl_CacheSessionID', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable']

11250 120798 tls13_HandleNewSessionTicket call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6149
10815 25482 10 :

['SECITEM_FreeItem_Util', 'PK11_ConcatSymKeys', 'PK11_FreeSymKey', 'getpid', 'tls13_HandleKEMKey', 'PORT_SetError_Util', 'tls13_FatalError', 'PR_Assert', 'PORT_GetError_Util', 'ssl_Trace']

10815 25482 tls13_HandleClientKeyShare call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2663
9446 9446 3 :

['VFY_Update', 'VFY_End', 'VFY_Begin']

9446 9446 vfy_SingleShot call site: 00000 /src/nss/out/Debug/../../lib/cryptohi/secvfy.c:955
8356 18110 8 :

['ssl_TicketTimeValid', 'ssl_UncacheSessionID', 'ssl3_SetupCipherSuite', 'ssl_FreeSID', 'tls13_RecoverWrappedSharedSecret', 'PR_Assert', 'PORT_GetError_Util', 'SSL_AtomicIncrementLong']

16930 46400 tls13_SetupClientHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:572

Runtime coverage analysis

Covered functions
2495
Functions that are reachable but not covered
13
Reachable functions
61
Percentage of reachable functions covered
78.69%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_add_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 41
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 3

Fuzzer: /src/nss/out/Debug/../../fuzz/mpi_mod_target.cc

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 42 20.3%
gold [1:9] 1 0.48%
yellow [10:29] 4 1.94%
greenyellow [30:49] 2 0.97%
lawngreen 50+ 157 76.2%
All colors 206 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
20580 92835 20 :

['SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'CERT_DestroyCertificate', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl3_HandleExtensions', 'tls13_IsPostHandshake', 'tls13_SendPostHandshakeCertificate', 'ssl_Trace', 'SECITEM_FreeItem_Util', 'CERT_DestroyCertificateList', 'SECKEY_DestroyPrivateKey', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PR_Assert', 'PORT_Free_Util', 'PK11_CloneContext', 'ssl3_ConsumeHandshakeVariable']

20580 92835 tls13_HandleCertificateRequest call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3022
16674 123218 24 :

['SECKEY_ExtractPublicKey', 'PORT_SetError_Util', 'ssl_SignatureSchemeToAuthType', 'ssl_ConsumeSignatureScheme', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl_SetAuthKeyBits', 'tls13_IsVerifyingWithDelegatedCredential', 'PORT_GetError_Util', 'ssl_VerifySignedHashesWithPubKey', 'ssl_CheckSignatureSchemeConsistency', 'ssl_SignatureSchemeToHashType', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'tls13_FatalError', 'SECKEY_DestroyPublicKey', 'tls13_AddContextToHashes', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'tls13_VerifyDelegatedCredential']

16674 123218 tls13_HandleCertificateVerify call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5142
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16543 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

16543 36030 nssSlot_IsTokenPresent call site: 00000 /src/nss/out/Debug/../../lib/dev/devslot.c:130
14748 88475 20 :

['ssl3_CleanupPeerCerts', 'SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'ssl_Time', 'dtls_ReceivedFirstMessageInFlight', 'SECITEM_CompareItem_Util', 'ssl_CipherSpecReleaseByEpoch', 'ssl3_HandleNoCertificate', 'SECKEY_UpdateCertPQG', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PORT_NewArena_Util', 'PR_Assert', 'tls13_HandleCertificateEntry', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'ssl3_AuthCertificate', 'PORT_ArenaAlloc_Util']

14748 88475 tls13_HandleCertificate call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:4058
13440 49820 18 :

['SECKEY_GetPublicKeyType', 'PK11_PubDeriveWithKDF', 'SECKEY_CreateECPrivateKey', 'PK11_FreeSymKey', 'SECKEY_PublicKeyStrengthInBits', 'PORT_SetError_Util', 'PK11_WrapSymKey', 'PK11_KeyGen', 'ssl_MapLowLevelError', 'ssl_GetWrappingKey', 'SECKEY_PublicKeyStrength', 'PK11_GetBestKeyLength', 'SECKEY_DestroyPrivateKey', 'PK11_PubWrapSymKey', 'ssl_UnwrapSymWrappingKey', 'SECKEY_DestroyPublicKey', 'ssl_SetWrappingKey', 'PR_Assert']

13440 50754 ssl3_GetWrappingKey call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:6049
11713 11713 2 :

['tls13_WriteServerEchSignal', 'tls13_WriteServerEchHrrSignal']

11713 11713 ssl_ConstructServerHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10011
11366 15619 7 :

['tls13_ComputeEarlySecretsWithPsk', 'CERT_DupCertificate', 'tls13_RecoverWrappedSharedSecret', 'ssl_FindServerCert', 'tls13_RestoreCipherInfo', 'SECITEM_CompareItem_Util', 'ssl3_RegisterExtensionSender']

34068 135314 tls13_HandleClientHelloPart2 call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2253
11250 120798 25 :

['PK11_FreeSymKey', 'ssl_UncacheSessionID', 'SECITEM_CopyItem_Util', 'ssl3_ConsumeHandshakeNumber', 'ssl_Time', 'CERT_DupCertificate', 'PORT_SetError_Util', 'ssl_FreeSID', 'ssl_PrintBuf', 'tls13_HkdfExpandLabel', 'tls13_IsPostHandshake', 'ssl3_HandleExtensions', 'tls13_GetHash', 'ssl3_ConsumeHandshake', 'tls13_GetHashSize', 'ssl3_NewSessionID', 'getpid', 'ssl3_SetSIDSessionTicket', 'tls13_FatalError', 'PR_ntohl', 'PR_Assert', 'ssl3_FillInCachedSID', 'ssl_CacheSessionID', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable']

11250 120798 tls13_HandleNewSessionTicket call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6149
10815 25482 10 :

['SECITEM_FreeItem_Util', 'PK11_ConcatSymKeys', 'PK11_FreeSymKey', 'getpid', 'tls13_HandleKEMKey', 'PORT_SetError_Util', 'tls13_FatalError', 'PR_Assert', 'PORT_GetError_Util', 'ssl_Trace']

10815 25482 tls13_HandleClientKeyShare call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2663
9446 9446 3 :

['VFY_Update', 'VFY_End', 'VFY_Begin']

9446 9446 vfy_SingleShot call site: 00000 /src/nss/out/Debug/../../lib/cryptohi/secvfy.c:955
8356 18110 8 :

['ssl_TicketTimeValid', 'ssl_UncacheSessionID', 'ssl3_SetupCipherSuite', 'ssl_FreeSID', 'tls13_RecoverWrappedSharedSecret', 'PR_Assert', 'PORT_GetError_Util', 'SSL_AtomicIncrementLong']

16930 46400 tls13_SetupClientHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:572

Runtime coverage analysis

Covered functions
2495
Functions that are reachable but not covered
14
Reachable functions
75
Percentage of reachable functions covered
81.33%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/mpi_mod_target.cc 1
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c 48
/src/nss/out/Debug/../../fuzz/mpi_helper.cc 3
/src/nss/out/Debug/../../lib/freebl/mpi/mp_comba.c 4

Fuzzer: tls-server-no_fuzzer_mode

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 7221 65.4%
gold [1:9] 1383 12.5%
yellow [10:29] 261 2.36%
greenyellow [30:49] 65 0.58%
lawngreen 50+ 2106 19.0%
All colors 11036 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
40908 123218 24 :

['SECKEY_ExtractPublicKey', 'PORT_SetError_Util', 'ssl_SignatureSchemeToAuthType', 'ssl_ConsumeSignatureScheme', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl_SetAuthKeyBits', 'tls13_IsVerifyingWithDelegatedCredential', 'PORT_GetError_Util', 'ssl_VerifySignedHashesWithPubKey', 'ssl_CheckSignatureSchemeConsistency', 'ssl_SignatureSchemeToHashType', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'tls13_FatalError', 'SECKEY_DestroyPublicKey', 'tls13_AddContextToHashes', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'tls13_VerifyDelegatedCredential']

40908 123218 tls13_HandleCertificateVerify call site: 10522 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5142
40227 54690 18 :

['PR_EnterMonitor', 'ssl3_SendNewSessionTicket', 'ssl3_HandshakeFailure', 'ssl3_SendNextProto', 'ssl3_FinishHandshake', 'PR_GetCurrentThread', 'ssl3_SendChangeCipherSpecs', 'PR_ExitMonitor', 'ssl3_IllegalParameter', 'ssl3_ExtensionNegotiated', 'ssl3_KEASupportsTickets', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl3_SendFinished', 'ssl3_ComputeTLSFinished', 'NSS_SecureMemcmp', 'dtls_ReceivedFirstMessageInFlight', 'ssl3_ComputeHandshakeHashes']

40227 60234 ssl3_HandleFinished call site: 10008 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:12275
38038 64816 12 :

['PORT_ZFree_Util', 'PK11_SaveContextAlloc', 'PORT_SetError_Util', 'ssl_GetMacDefByAlg', 'ssl_MapLowLevelError', 'ssl_PrintBuf', 'PK11_DigestOp', 'PR_Assert', 'PK11_DigestBegin', 'PK11_DigestFinal', 'PK11_DigestKey', 'PK11_RestoreContext']

38038 64816 ssl3_ComputeHandshakeHashes call site: 08165 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:4856
27886 48927 19 :

['PR_EnterMonitor', 'ssl3_FlushHandshake', 'PORT_SetError_Util', 'tls13_ShouldRequestClientAuth', 'tls13_SendKeyUpdate', 'tls13_SetCipherSpec', 'ssl_Trace', 'ssl_CipherSpecReleaseByEpoch', 'PK11_DestroyContext', 'tls13_ComputeFinalSecrets', 'getpid', 'tls13_SetHsState', 'PR_ExitMonitor', 'tls13_FinishHandshake', 'dtls_StartTimer', 'tls13_FatalError', 'tls13_SendNewSessionTicket', 'PR_Assert', 'dtls_ReceivedFirstMessageInFlight']

27886 48927 tls13_ServerHandleFinished call site: 10756 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5645
26884 92835 20 :

['SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'CERT_DestroyCertificate', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl3_HandleExtensions', 'tls13_IsPostHandshake', 'tls13_SendPostHandshakeCertificate', 'ssl_Trace', 'SECITEM_FreeItem_Util', 'CERT_DestroyCertificateList', 'SECKEY_DestroyPrivateKey', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PR_Assert', 'PORT_Free_Util', 'PK11_CloneContext', 'ssl3_ConsumeHandshakeVariable']

26884 92835 tls13_HandleCertificateRequest call site: 10435 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3022
25862 88475 20 :

['ssl3_CleanupPeerCerts', 'SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'ssl_Time', 'dtls_ReceivedFirstMessageInFlight', 'SECITEM_CompareItem_Util', 'ssl_CipherSpecReleaseByEpoch', 'ssl3_HandleNoCertificate', 'SECKEY_UpdateCertPQG', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PORT_NewArena_Util', 'PR_Assert', 'tls13_HandleCertificateEntry', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'ssl3_AuthCertificate', 'PORT_ArenaAlloc_Util']

25862 88475 tls13_HandleCertificate call site: 10284 /src/nss/out/Debug/../../lib/ssl/tls13con.c:4058
20980 120798 25 :

['PK11_FreeSymKey', 'ssl_UncacheSessionID', 'SECITEM_CopyItem_Util', 'ssl3_ConsumeHandshakeNumber', 'ssl_Time', 'CERT_DupCertificate', 'PORT_SetError_Util', 'ssl_FreeSID', 'ssl_PrintBuf', 'tls13_HkdfExpandLabel', 'tls13_IsPostHandshake', 'ssl3_HandleExtensions', 'tls13_GetHash', 'ssl3_ConsumeHandshake', 'tls13_GetHashSize', 'ssl3_NewSessionID', 'getpid', 'ssl3_SetSIDSessionTicket', 'tls13_FatalError', 'PR_ntohl', 'PR_Assert', 'ssl3_FillInCachedSID', 'ssl_CacheSessionID', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable']

20980 120798 tls13_HandleNewSessionTicket call site: 10689 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6149
18432 50334 13 :

['SECITEM_FreeItem_Util', 'getpid', 'PORT_SetError_Util', 'tls13_OpenClientHelloInner', 'ssl3_MoveRemoteExtensions', 'tls13_UnencodeChInner', 'tls13_ServerMakeChOuterAAD', 'tls13_FatalError', 'tls13_GetMatchingEchConfigs', 'ssl_PrintBuf', 'NSS_SecureMemcmp', 'ssl3_RegisterExtensionSender', 'ssl_Trace']

18432 50334 tls13_MaybeAcceptEch call site: 06400 /src/nss/out/Debug/../../lib/ssl/tls13ech.c:2688
17472 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

17472 36030 nssSlot_IsTokenPresent call site: 00844 /src/nss/out/Debug/../../lib/dev/devslot.c:130
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16106 33352 12 :

['SECITEM_FreeItem_Util', 'ssl3_SendChangeCipherSpecs', 'SECITEM_CopyItem_Util', 'CERT_DupCertificate', 'ssl3_UnwrapMasterSecretServer', 'ssl3_SendServerHello', 'ssl_FindServerCert', 'PR_Assert', 'ssl3_InitPendingCipherSpecs', 'ssl3_FreeSniNameArray', 'ssl3_SendFinished', 'ssl_LookupNamedGroup']

16108 84872 ssl3_HandleClientHelloPart2 call site: 08109 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:9516
15059 34280 10 :

['ssl3_ComputeHandshakeHash', 'ssl_ConsumeSignatureScheme', 'PR_Assert', 'PORT_GetError_Util', 'ssl_HashHandshakeMessage', 'ssl3_VerifySignedHashes', 'ssl_SignatureSchemeToHashType', 'ssl_CheckSignatureSchemeConsistency', 'ssl3_ComputeHandshakeHashes', 'ssl3_ConsumeHandshakeVariable']

15059 41773 ssl3_HandleCertificateVerify call site: 09885 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10526

Runtime coverage analysis

Covered functions
2027
Functions that are reachable but not covered
846
Reachable functions
2001
Percentage of reachable functions covered
57.72%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/tls_server_target.cc 4
/src/nss/out/Debug/../../fuzz/shared.h 1
/src/nss/out/Debug/../../lib/nss/nssinit.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinit.c 5
/src/nspr/Debug/pr/src/malloc/../../../../pr/src/malloc/prmem.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlog.c 8
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix.c 9
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prtime.c 8
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prprf.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerror.c 6
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptthread.c 6
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptsynch.c 21
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/priometh.c 6
/src/nspr/Debug/pr/src/md/../../../../pr/src/md/prosdep.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prenv.c 4
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/linux.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/pratom.c 1
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prseg.c 1
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptmisc.c 2
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prtpd.c 5
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlayer.c 6
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinrval.c 6
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prcmon.c 2
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix_errors.c 5
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptio.c 15
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prfdcach.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prnetdb.c 9
/src/nspr/Debug/pr/src/linking/../../../../pr/src/linking/prlink.c 9
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prdtoa.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmwait.c 1
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prrwlock.c 10
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerr.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerrortable.c 2
/src/nss/out/Debug/../../lib/certdb/certdb.c 27
/src/nss/out/Debug/../../lib/certdb/crl.c 1
/src/nss/out/Debug/../../lib/util/secport.c 26
/src/nspr/Debug/lib/ds/../../../lib/ds/plhash.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prlog2.c 1
/src/nss/out/Debug/../../lib/util/secitem.c 15
/src/nss/out/Debug/../../lib/certhigh/ocsp.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11load.c 6
/src/nss/out/Debug/../../lib/pk11wrap/pk11util.c 28
/src/nss/out/Debug/../../lib/pk11wrap/pk11list.c 6
/src/nss/out/Debug/../../lib/util/nssrwlk.c 7
/src/nss/out/Debug/../../lib/pk11wrap/pk11pars.c 34
/src/nss/out/Debug/../../lib/util/utilpars.c 40
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strcase.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11slot.c 66
/src/nspr/Debug/lib/ds/../../../lib/ds/plarena.c 7
/src/nss/out/Debug/../../lib/pk11wrap/pk11skey.c 63
/src/nss/out/Debug/../../lib/pk11wrap/pk11obj.c 37
/src/nss/out/Debug/../../lib/dev/devtoken.c 19
/src/nss/out/Debug/../../lib/dev/devslot.c 9
/src/nss/out/Debug/../../lib/pk11wrap/dev3hack.c 10
/src/nss/out/Debug/../../lib/pk11wrap/pk11err.c 1
/src/nss/out/Debug/../../lib/pki/tdcache.c 17
/src/nss/out/Debug/../../lib/base/arena.c 16
/src/nss/out/Debug/../../lib/base/error.c 6
/src/nss/out/Debug/../../lib/base/libc.c 3
/src/nss/out/Debug/../../lib/base/hash.c 10
/src/nss/out/Debug/../../lib/pki/pkibase.c 28
/src/nss/out/Debug/../../lib/dev/devutil.c 25
/src/nss/out/Debug/../../lib/base/tracker.c 6
/src/nss/out/Debug/../../lib/base/list.c 17
/src/nss/out/Debug/../../lib/pki/certificate.c 20
/src/nss/out/Debug/../../lib/pki/pki3hack.c 20
/src/nss/out/Debug/../../lib/util/quickder.c 13
/src/nss/out/Debug/../../lib/util/secasn1u.c 3
/src/nss/out/Debug/../../lib/certdb/certxutl.c 5
/src/nss/out/Debug/../../lib/util/secoid.c 16
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strpbrk.c 1
/src/nss/out/Debug/../../lib/certdb/alg1485.c 13
/src/nss/out/Debug/../../lib/certdb/secname.c 2
/src/nss/out/Debug/../../lib/util/utf8.c 4
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strlen.c 1
/src/nss/out/Debug/../../lib/certdb/certv3.c 5
/src/nss/out/Debug/../../lib/certdb/xconst.c 1
/src/nss/out/Debug/../../lib/certdb/genname.c 4
/src/nss/out/Debug/../../lib/pk11wrap/pk11cxt.c 24
/src/nss/out/Debug/../../lib/pk11wrap/pk11mech.c 10
/src/nss/out/Debug/../../lib/base/utf8.c 3
/src/nss/out/Debug/../../lib/pk11wrap/pk11auth.c 9
/src/nss/out/Debug/../../lib/dev/ckhelper.c 4
/src/nss/out/Debug/../../lib/pki/cryptocontext.c 5
/src/nss/out/Debug/../../lib/pki/pkistore.c 18
/src/nss/out/Debug/../../lib/pki/trustdomain.c 15
/src/nss/out/Debug/../../lib/cryptohi/sechash.c 9
/src/nss/out/Debug/../../lib/certdb/polcyxtn.c 3
/src/nss/out/Debug/../../lib/certdb/xbsconst.c 1
/src/nss/out/Debug/../../lib/util/dersubr.c 3
/src/nss/out/Debug/../../lib/certdb/stanpcertdb.c 4
/src/nss/out/Debug/../../lib/pki/certdecode.c 2
/src/nss/out/Debug/../../lib/util/errstrs.c 2
/src/nss/out/Debug/../../lib/nss/nssoptions.c 2
/src/nss/out/Debug/../../lib/pk11wrap/debug_module.c 1
/src/nss/out/Debug/../../lib/pk11wrap/pk11sdr.c 1
/src/nss/out/Debug/../../lib/ssl/sslsnce.c 34
/src/nss/out/Debug/../../lib/ssl/sslnonce.c 23
/src/nss/out/Debug/../../lib/ssl/ssl3con.c 221
/src/nss/out/Debug/../../lib/ssl/sslerrstrs.c 2
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prshma.c 1
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/uxshm.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmmap.c 4
/src/nss/out/Debug/../../lib/ssl/sslmutex.c 9
/src/nss/out/Debug/../../lib/ssl/unix_err.c 1
/src/nss/out/Debug/../../fuzz/tls_server_config.cc 8
/src/nss/out/Debug/../../lib/ssl/ssltrace.c 3
/src/nss/out/Debug/../../lib/freebl/det_rng.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/pripv6.c 4
/src/nss/out/Debug/../../lib/ssl/sslsock.c 47
/src/nss/out/Debug/../../lib/ssl/sslinit.c 2
/src/nss/out/Debug/../../lib/ssl/sslspec.c 13
/src/nss/out/Debug/../../lib/ssl/ssl3ext.c 28
/src/nss/out/Debug/../../lib/ssl/dtlscon.c 38
/src/nss/out/Debug/../../lib/ssl/sslsecur.c 10
/src/nss/out/Debug/../../lib/ssl/sslencode.c 25
/src/nss/out/Debug/../../lib/ssl/ssl3gthr.c 6
/src/nss/out/Debug/../../lib/ssl/ssl3exthandle.c 4
/src/nss/out/Debug/../../lib/ssl/tls13con.c 122
/src/nss/out/Debug/../../lib/ssl/tls13subcerts.c 11
/src/nss/out/Debug/../../lib/cryptohi/seckey.c 30
/src/nss/out/Debug/../../lib/ssl/tls13ech.c 31
/src/nss/out/Debug/../../lib/certhigh/certhigh.c 6
/src/nss/out/Debug/../../lib/ssl/sslprimitive.c 4
/src/nss/out/Debug/../../lib/ssl/tls13psk.c 5
/src/nss/out/Debug/../../lib/pk11wrap/pk11hpke.c 27
/src/nss/out/Debug/../../lib/ssl/sslcert.c 8
/src/nss/out/Debug/../../lib/ssl/tls13replay.c 5
/src/nss/out/Debug/../../lib/ssl/sslbloom.c 6
/src/nss/out/Debug/../../lib/base/item.c 2
/src/nss/out/Debug/../../lib/ssl/ssldef.c 3
/src/nss/out/Debug/../../fuzz/tls_socket.h 1
/src/nss/out/Debug/../../cpputil/dummy_io.h 1
/src/nss/out/Debug/../../cpputil/dummy_io.cc 1
/src/nss/out/Debug/../../fuzz/tls_common.cc 3
/src/nss/out/Debug/../../lib/ssl/dtls13con.c 20
/src/nss/out/Debug/../../lib/ssl/sslerr.c 1
/src/nss/out/Debug/../../lib/ssl/tls13hkdf.c 4
/src/nss/out/Debug/../../lib/pk11wrap/pk11kea.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11akey.c 14
/src/nss/out/Debug/../../lib/util/secasn1e.c 25
/src/nss/out/Debug/../../lib/ssl/sslgrp.c 5
/src/nss/out/Debug/../../lib/ssl/ssl3ecc.c 11
/src/nss/out/Debug/../../lib/pk11wrap/pk11cert.c 6
/src/nss/out/Debug/../../lib/util/secalgid.c 2
/src/nss/out/Debug/../../lib/cryptohi/secsign.c 2
/src/nss/out/Debug/../../lib/cryptohi/secvfy.c 16
/src/nss/out/Debug/../../lib/util/secdig.c 3
/src/nss/out/Debug/../../lib/util/derenc.c 4
/src/nss/out/Debug/../../lib/cryptohi/dsautil.c 6
/src/nss/out/Debug/../../lib/ssl/tls13exthandle.c 9
/src/nss/out/Debug/../../lib/ssl/tls13hashstate.c 2
/src/nss/out/Debug/../../lib/ssl/selfencrypt.c 6
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/praton.c 4
/src/nss/out/Debug/../../lib/certhigh/certvfy.c 1
/src/nss/out/Debug/../../lib/util/pkcs1sig.c 2
/src/nss/out/Debug/../../lib/util/sectime.c 1
/src/nss/out/Debug/../../lib/util/dertime.c 3

Fuzzer: tls-server

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 6681 61.9%
gold [1:9] 1397 12.9%
yellow [10:29] 472 4.37%
greenyellow [30:49] 141 1.30%
lawngreen 50+ 2094 19.4%
All colors 10785 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
40908 123218 24 :

['SECKEY_ExtractPublicKey', 'PORT_SetError_Util', 'ssl_SignatureSchemeToAuthType', 'ssl_ConsumeSignatureScheme', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl_SetAuthKeyBits', 'tls13_IsVerifyingWithDelegatedCredential', 'PORT_GetError_Util', 'ssl_VerifySignedHashesWithPubKey', 'ssl_CheckSignatureSchemeConsistency', 'ssl_SignatureSchemeToHashType', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'tls13_FatalError', 'SECKEY_DestroyPublicKey', 'tls13_AddContextToHashes', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'tls13_VerifyDelegatedCredential']

40908 123218 tls13_HandleCertificateVerify call site: 10271 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5142
38038 64816 12 :

['PORT_ZFree_Util', 'PK11_SaveContextAlloc', 'PORT_SetError_Util', 'ssl_GetMacDefByAlg', 'ssl_MapLowLevelError', 'ssl_PrintBuf', 'PK11_DigestOp', 'PR_Assert', 'PK11_DigestBegin', 'PK11_DigestFinal', 'PK11_DigestKey', 'PK11_RestoreContext']

38038 64816 ssl3_ComputeHandshakeHashes call site: 07922 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:4856
26884 92835 20 :

['SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'CERT_DestroyCertificate', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl3_HandleExtensions', 'tls13_IsPostHandshake', 'tls13_SendPostHandshakeCertificate', 'ssl_Trace', 'SECITEM_FreeItem_Util', 'CERT_DestroyCertificateList', 'SECKEY_DestroyPrivateKey', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PR_Assert', 'PORT_Free_Util', 'PK11_CloneContext', 'ssl3_ConsumeHandshakeVariable']

26884 92835 tls13_HandleCertificateRequest call site: 10184 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3022
17472 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

17472 36030 nssSlot_IsTokenPresent call site: 00844 /src/nss/out/Debug/../../lib/dev/devslot.c:130
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
15059 34280 10 :

['ssl3_ComputeHandshakeHash', 'ssl_ConsumeSignatureScheme', 'PR_Assert', 'PORT_GetError_Util', 'ssl_HashHandshakeMessage', 'ssl3_VerifySignedHashes', 'ssl_SignatureSchemeToHashType', 'ssl_CheckSignatureSchemeConsistency', 'ssl3_ComputeHandshakeHashes', 'ssl3_ConsumeHandshakeVariable']

15059 41773 ssl3_HandleCertificateVerify call site: 09636 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10526
13440 49820 18 :

['SECKEY_GetPublicKeyType', 'PK11_PubDeriveWithKDF', 'SECKEY_CreateECPrivateKey', 'PK11_FreeSymKey', 'SECKEY_PublicKeyStrengthInBits', 'PORT_SetError_Util', 'PK11_WrapSymKey', 'PK11_KeyGen', 'ssl_MapLowLevelError', 'ssl_GetWrappingKey', 'SECKEY_PublicKeyStrength', 'PK11_GetBestKeyLength', 'SECKEY_DestroyPrivateKey', 'PK11_PubWrapSymKey', 'ssl_UnwrapSymWrappingKey', 'SECKEY_DestroyPublicKey', 'ssl_SetWrappingKey', 'PR_Assert']

13440 50754 ssl3_GetWrappingKey call site: 07184 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:6049
11366 15619 7 :

['tls13_ComputeEarlySecretsWithPsk', 'CERT_DupCertificate', 'tls13_RecoverWrappedSharedSecret', 'ssl_FindServerCert', 'tls13_RestoreCipherInfo', 'SECITEM_CompareItem_Util', 'ssl3_RegisterExtensionSender']

34068 135314 tls13_HandleClientHelloPart2 call site: 07132 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2253
11250 120798 25 :

['PK11_FreeSymKey', 'ssl_UncacheSessionID', 'SECITEM_CopyItem_Util', 'ssl3_ConsumeHandshakeNumber', 'ssl_Time', 'CERT_DupCertificate', 'PORT_SetError_Util', 'ssl_FreeSID', 'ssl_PrintBuf', 'tls13_HkdfExpandLabel', 'tls13_IsPostHandshake', 'ssl3_HandleExtensions', 'tls13_GetHash', 'ssl3_ConsumeHandshake', 'tls13_GetHashSize', 'ssl3_NewSessionID', 'getpid', 'ssl3_SetSIDSessionTicket', 'tls13_FatalError', 'PR_ntohl', 'PR_Assert', 'ssl3_FillInCachedSID', 'ssl_CacheSessionID', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable']

11250 120798 tls13_HandleNewSessionTicket call site: 10438 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6149
10815 25482 10 :

['SECITEM_FreeItem_Util', 'PK11_ConcatSymKeys', 'PK11_FreeSymKey', 'getpid', 'tls13_HandleKEMKey', 'PORT_SetError_Util', 'tls13_FatalError', 'PR_Assert', 'PORT_GetError_Util', 'ssl_Trace']

10815 25482 tls13_HandleClientKeyShare call site: 07457 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2663
9446 9446 3 :

['VFY_Update', 'VFY_End', 'VFY_Begin']

9446 9446 vfy_SingleShot call site: 00000 /src/nss/out/Debug/../../lib/cryptohi/secvfy.c:955
9113 9113 2 :

['findOIDinOIDSeqByTagNum', 'cert_IsIPsecOID']

10115 11965 cert_ComputeCertType call site: 02035 /src/nss/out/Debug/../../lib/certdb/certdb.c:508

Runtime coverage analysis

Covered functions
2080
Functions that are reachable but not covered
767
Reachable functions
1971
Percentage of reachable functions covered
61.09%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/tls_server_target.cc 4
/src/nss/out/Debug/../../fuzz/shared.h 1
/src/nss/out/Debug/../../lib/nss/nssinit.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinit.c 5
/src/nspr/Debug/pr/src/malloc/../../../../pr/src/malloc/prmem.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlog.c 8
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix.c 9
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prtime.c 8
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prprf.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerror.c 6
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptthread.c 6
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptsynch.c 21
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/priometh.c 6
/src/nspr/Debug/pr/src/md/../../../../pr/src/md/prosdep.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prenv.c 4
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/linux.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/pratom.c 1
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prseg.c 1
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptmisc.c 2
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prtpd.c 5
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlayer.c 6
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinrval.c 6
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prcmon.c 2
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix_errors.c 5
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptio.c 15
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prfdcach.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prnetdb.c 9
/src/nspr/Debug/pr/src/linking/../../../../pr/src/linking/prlink.c 9
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prdtoa.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmwait.c 1
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prrwlock.c 10
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerr.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerrortable.c 2
/src/nss/out/Debug/../../lib/certdb/certdb.c 27
/src/nss/out/Debug/../../lib/certdb/crl.c 1
/src/nss/out/Debug/../../lib/util/secport.c 26
/src/nspr/Debug/lib/ds/../../../lib/ds/plhash.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prlog2.c 1
/src/nss/out/Debug/../../lib/util/secitem.c 15
/src/nss/out/Debug/../../lib/certhigh/ocsp.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11load.c 6
/src/nss/out/Debug/../../lib/pk11wrap/pk11util.c 28
/src/nss/out/Debug/../../lib/pk11wrap/pk11list.c 6
/src/nss/out/Debug/../../lib/util/nssrwlk.c 7
/src/nss/out/Debug/../../lib/pk11wrap/pk11pars.c 34
/src/nss/out/Debug/../../lib/util/utilpars.c 40
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strcase.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11slot.c 66
/src/nspr/Debug/lib/ds/../../../lib/ds/plarena.c 7
/src/nss/out/Debug/../../lib/pk11wrap/pk11skey.c 63
/src/nss/out/Debug/../../lib/pk11wrap/pk11obj.c 34
/src/nss/out/Debug/../../lib/dev/devtoken.c 19
/src/nss/out/Debug/../../lib/dev/devslot.c 9
/src/nss/out/Debug/../../lib/pk11wrap/dev3hack.c 10
/src/nss/out/Debug/../../lib/pk11wrap/pk11err.c 1
/src/nss/out/Debug/../../lib/pki/tdcache.c 17
/src/nss/out/Debug/../../lib/base/arena.c 16
/src/nss/out/Debug/../../lib/base/error.c 6
/src/nss/out/Debug/../../lib/base/libc.c 3
/src/nss/out/Debug/../../lib/base/hash.c 10
/src/nss/out/Debug/../../lib/pki/pkibase.c 28
/src/nss/out/Debug/../../lib/dev/devutil.c 25
/src/nss/out/Debug/../../lib/base/tracker.c 6
/src/nss/out/Debug/../../lib/base/list.c 17
/src/nss/out/Debug/../../lib/pki/certificate.c 20
/src/nss/out/Debug/../../lib/pki/pki3hack.c 20
/src/nss/out/Debug/../../lib/util/quickder.c 13
/src/nss/out/Debug/../../lib/util/secasn1u.c 3
/src/nss/out/Debug/../../lib/certdb/certxutl.c 5
/src/nss/out/Debug/../../lib/util/secoid.c 16
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strpbrk.c 1
/src/nss/out/Debug/../../lib/certdb/alg1485.c 13
/src/nss/out/Debug/../../lib/certdb/secname.c 2
/src/nss/out/Debug/../../lib/util/utf8.c 4
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strlen.c 1
/src/nss/out/Debug/../../lib/certdb/certv3.c 5
/src/nss/out/Debug/../../lib/certdb/xconst.c 1
/src/nss/out/Debug/../../lib/certdb/genname.c 4
/src/nss/out/Debug/../../lib/pk11wrap/pk11cxt.c 20
/src/nss/out/Debug/../../lib/pk11wrap/pk11mech.c 10
/src/nss/out/Debug/../../lib/base/utf8.c 3
/src/nss/out/Debug/../../lib/pk11wrap/pk11auth.c 9
/src/nss/out/Debug/../../lib/dev/ckhelper.c 4
/src/nss/out/Debug/../../lib/pki/cryptocontext.c 5
/src/nss/out/Debug/../../lib/pki/pkistore.c 18
/src/nss/out/Debug/../../lib/pki/trustdomain.c 15
/src/nss/out/Debug/../../lib/cryptohi/sechash.c 9
/src/nss/out/Debug/../../lib/certdb/polcyxtn.c 3
/src/nss/out/Debug/../../lib/certdb/xbsconst.c 1
/src/nss/out/Debug/../../lib/util/dersubr.c 3
/src/nss/out/Debug/../../lib/certdb/stanpcertdb.c 4
/src/nss/out/Debug/../../lib/pki/certdecode.c 2
/src/nss/out/Debug/../../lib/util/errstrs.c 2
/src/nss/out/Debug/../../lib/nss/nssoptions.c 2
/src/nss/out/Debug/../../lib/pk11wrap/debug_module.c 1
/src/nss/out/Debug/../../lib/pk11wrap/pk11sdr.c 1
/src/nss/out/Debug/../../lib/ssl/sslsnce.c 34
/src/nss/out/Debug/../../lib/ssl/sslnonce.c 23
/src/nss/out/Debug/../../lib/ssl/ssl3con.c 211
/src/nss/out/Debug/../../lib/ssl/sslerrstrs.c 2
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prshma.c 1
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/uxshm.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmmap.c 4
/src/nss/out/Debug/../../lib/ssl/sslmutex.c 9
/src/nss/out/Debug/../../lib/ssl/unix_err.c 1
/src/nss/out/Debug/../../fuzz/tls_server_config.cc 8
/src/nss/out/Debug/../../lib/ssl/ssltrace.c 3
/src/nss/out/Debug/../../lib/freebl/det_rng.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/pripv6.c 4
/src/nss/out/Debug/../../lib/ssl/sslsock.c 47
/src/nss/out/Debug/../../lib/ssl/sslinit.c 2
/src/nss/out/Debug/../../lib/ssl/sslspec.c 13
/src/nss/out/Debug/../../lib/ssl/ssl3ext.c 28
/src/nss/out/Debug/../../lib/ssl/dtlscon.c 38
/src/nss/out/Debug/../../lib/ssl/sslsecur.c 10
/src/nss/out/Debug/../../lib/ssl/sslencode.c 25
/src/nss/out/Debug/../../lib/ssl/ssl3gthr.c 6
/src/nss/out/Debug/../../lib/ssl/ssl3exthandle.c 4
/src/nss/out/Debug/../../lib/ssl/tls13con.c 116
/src/nss/out/Debug/../../lib/ssl/tls13subcerts.c 11
/src/nss/out/Debug/../../lib/cryptohi/seckey.c 30
/src/nss/out/Debug/../../lib/ssl/tls13ech.c 31
/src/nss/out/Debug/../../lib/certhigh/certhigh.c 6
/src/nss/out/Debug/../../lib/ssl/sslprimitive.c 3
/src/nss/out/Debug/../../lib/ssl/tls13psk.c 5
/src/nss/out/Debug/../../lib/pk11wrap/pk11hpke.c 24
/src/nss/out/Debug/../../lib/ssl/sslcert.c 8
/src/nss/out/Debug/../../lib/ssl/tls13replay.c 5
/src/nss/out/Debug/../../lib/ssl/sslbloom.c 6
/src/nss/out/Debug/../../lib/base/item.c 2
/src/nss/out/Debug/../../lib/ssl/ssldef.c 3
/src/nss/out/Debug/../../fuzz/tls_socket.h 1
/src/nss/out/Debug/../../cpputil/dummy_io.h 1
/src/nss/out/Debug/../../cpputil/dummy_io.cc 1
/src/nss/out/Debug/../../fuzz/tls_common.cc 3
/src/nss/out/Debug/../../lib/ssl/dtls13con.c 19
/src/nss/out/Debug/../../lib/ssl/sslerr.c 1
/src/nss/out/Debug/../../lib/ssl/tls13hkdf.c 4
/src/nss/out/Debug/../../lib/pk11wrap/pk11kea.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11akey.c 14
/src/nss/out/Debug/../../lib/util/secasn1e.c 25
/src/nss/out/Debug/../../lib/ssl/sslgrp.c 5
/src/nss/out/Debug/../../lib/ssl/ssl3ecc.c 11
/src/nss/out/Debug/../../lib/pk11wrap/pk11cert.c 6
/src/nss/out/Debug/../../lib/util/secalgid.c 2
/src/nss/out/Debug/../../lib/cryptohi/secsign.c 2
/src/nss/out/Debug/../../lib/cryptohi/secvfy.c 16
/src/nss/out/Debug/../../lib/util/secdig.c 3
/src/nss/out/Debug/../../lib/util/derenc.c 4
/src/nss/out/Debug/../../lib/cryptohi/dsautil.c 6
/src/nss/out/Debug/../../lib/ssl/tls13exthandle.c 9
/src/nss/out/Debug/../../lib/ssl/tls13hashstate.c 2
/src/nss/out/Debug/../../lib/ssl/selfencrypt.c 5
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/praton.c 4
/src/nss/out/Debug/../../lib/certhigh/certvfy.c 1
/src/nss/out/Debug/../../lib/util/pkcs1sig.c 2
/src/nss/out/Debug/../../lib/util/sectime.c 1
/src/nss/out/Debug/../../lib/util/dertime.c 3

Fuzzer: /src/nss/out/Debug/../../fuzz/quickder_target.cc

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 273 46.3%
gold [1:9] 147 24.9%
yellow [10:29] 8 1.35%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 161 27.3%
All colors 589 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
20580 92835 20 :

['SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'CERT_DestroyCertificate', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl3_HandleExtensions', 'tls13_IsPostHandshake', 'tls13_SendPostHandshakeCertificate', 'ssl_Trace', 'SECITEM_FreeItem_Util', 'CERT_DestroyCertificateList', 'SECKEY_DestroyPrivateKey', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PR_Assert', 'PORT_Free_Util', 'PK11_CloneContext', 'ssl3_ConsumeHandshakeVariable']

20580 92835 tls13_HandleCertificateRequest call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3022
16674 123218 24 :

['SECKEY_ExtractPublicKey', 'PORT_SetError_Util', 'ssl_SignatureSchemeToAuthType', 'ssl_ConsumeSignatureScheme', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl_SetAuthKeyBits', 'tls13_IsVerifyingWithDelegatedCredential', 'PORT_GetError_Util', 'ssl_VerifySignedHashesWithPubKey', 'ssl_CheckSignatureSchemeConsistency', 'ssl_SignatureSchemeToHashType', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'tls13_FatalError', 'SECKEY_DestroyPublicKey', 'tls13_AddContextToHashes', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'tls13_VerifyDelegatedCredential']

16674 123218 tls13_HandleCertificateVerify call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5142
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16543 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

16543 36030 nssSlot_IsTokenPresent call site: 00000 /src/nss/out/Debug/../../lib/dev/devslot.c:130
14748 88475 20 :

['ssl3_CleanupPeerCerts', 'SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'ssl_Time', 'dtls_ReceivedFirstMessageInFlight', 'SECITEM_CompareItem_Util', 'ssl_CipherSpecReleaseByEpoch', 'ssl3_HandleNoCertificate', 'SECKEY_UpdateCertPQG', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PORT_NewArena_Util', 'PR_Assert', 'tls13_HandleCertificateEntry', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'ssl3_AuthCertificate', 'PORT_ArenaAlloc_Util']

14748 88475 tls13_HandleCertificate call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:4058
13440 49820 18 :

['SECKEY_GetPublicKeyType', 'PK11_PubDeriveWithKDF', 'SECKEY_CreateECPrivateKey', 'PK11_FreeSymKey', 'SECKEY_PublicKeyStrengthInBits', 'PORT_SetError_Util', 'PK11_WrapSymKey', 'PK11_KeyGen', 'ssl_MapLowLevelError', 'ssl_GetWrappingKey', 'SECKEY_PublicKeyStrength', 'PK11_GetBestKeyLength', 'SECKEY_DestroyPrivateKey', 'PK11_PubWrapSymKey', 'ssl_UnwrapSymWrappingKey', 'SECKEY_DestroyPublicKey', 'ssl_SetWrappingKey', 'PR_Assert']

13440 50754 ssl3_GetWrappingKey call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:6049
11713 11713 2 :

['tls13_WriteServerEchSignal', 'tls13_WriteServerEchHrrSignal']

11713 11713 ssl_ConstructServerHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10011
11366 15619 7 :

['tls13_ComputeEarlySecretsWithPsk', 'CERT_DupCertificate', 'tls13_RecoverWrappedSharedSecret', 'ssl_FindServerCert', 'tls13_RestoreCipherInfo', 'SECITEM_CompareItem_Util', 'ssl3_RegisterExtensionSender']

34068 135314 tls13_HandleClientHelloPart2 call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2253
11250 120798 25 :

['PK11_FreeSymKey', 'ssl_UncacheSessionID', 'SECITEM_CopyItem_Util', 'ssl3_ConsumeHandshakeNumber', 'ssl_Time', 'CERT_DupCertificate', 'PORT_SetError_Util', 'ssl_FreeSID', 'ssl_PrintBuf', 'tls13_HkdfExpandLabel', 'tls13_IsPostHandshake', 'ssl3_HandleExtensions', 'tls13_GetHash', 'ssl3_ConsumeHandshake', 'tls13_GetHashSize', 'ssl3_NewSessionID', 'getpid', 'ssl3_SetSIDSessionTicket', 'tls13_FatalError', 'PR_ntohl', 'PR_Assert', 'ssl3_FillInCachedSID', 'ssl_CacheSessionID', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable']

11250 120798 tls13_HandleNewSessionTicket call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6149
10815 25482 10 :

['SECITEM_FreeItem_Util', 'PK11_ConcatSymKeys', 'PK11_FreeSymKey', 'getpid', 'tls13_HandleKEMKey', 'PORT_SetError_Util', 'tls13_FatalError', 'PR_Assert', 'PORT_GetError_Util', 'ssl_Trace']

10815 25482 tls13_HandleClientKeyShare call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2663
9446 9446 3 :

['VFY_Update', 'VFY_End', 'VFY_Begin']

9446 9446 vfy_SingleShot call site: 00000 /src/nss/out/Debug/../../lib/cryptohi/secvfy.c:955
8356 18110 8 :

['ssl_TicketTimeValid', 'ssl_UncacheSessionID', 'ssl3_SetupCipherSuite', 'ssl_FreeSID', 'tls13_RecoverWrappedSharedSecret', 'PR_Assert', 'PORT_GetError_Util', 'SSL_AtomicIncrementLong']

16930 46400 tls13_SetupClientHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:572

Runtime coverage analysis

Covered functions
2495
Functions that are reachable but not covered
75
Reachable functions
189
Percentage of reachable functions covered
60.32%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/quickder_target.cc 1
/src/nss/out/Debug/../../lib/util/secport.c 6
/src/nspr/Debug/lib/ds/../../../lib/ds/plarena.c 5
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prlog2.c 1
/src/nss/out/Debug/../../lib/util/quickder.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerror.c 4
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptthread.c 6
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinit.c 4
/src/nspr/Debug/pr/src/malloc/../../../../pr/src/malloc/prmem.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlog.c 8
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix.c 4
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prtime.c 5
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prprf.c 12
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptsynch.c 17
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/priometh.c 2
/src/nspr/Debug/pr/src/md/../../../../pr/src/md/prosdep.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prenv.c 3
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/linux.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/pratom.c 1
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prseg.c 1
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptmisc.c 2
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prtpd.c 3
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlayer.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinrval.c 4
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prcmon.c 2
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix_errors.c 2
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptio.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prfdcach.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prnetdb.c 1
/src/nspr/Debug/pr/src/linking/../../../../pr/src/linking/prlink.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prdtoa.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmwait.c 1
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prrwlock.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerr.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerrortable.c 1
/src/nss/out/Debug/../../lib/util/secasn1u.c 1

Fuzzer: tls-client-no_fuzzer_mode

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 7297 66.6%
gold [1:9] 426 3.88%
yellow [10:29] 62 0.56%
greenyellow [30:49] 22 0.20%
lawngreen 50+ 3149 28.7%
All colors 10956 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
27324 92835 20 :

['SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'CERT_DestroyCertificate', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl3_HandleExtensions', 'tls13_IsPostHandshake', 'tls13_SendPostHandshakeCertificate', 'ssl_Trace', 'SECITEM_FreeItem_Util', 'CERT_DestroyCertificateList', 'SECKEY_DestroyPrivateKey', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PR_Assert', 'PORT_Free_Util', 'PK11_CloneContext', 'ssl3_ConsumeHandshakeVariable']

27324 92835 tls13_HandleCertificateRequest call site: 10351 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3022
26723 120798 25 :

['PK11_FreeSymKey', 'ssl_UncacheSessionID', 'SECITEM_CopyItem_Util', 'ssl3_ConsumeHandshakeNumber', 'ssl_Time', 'CERT_DupCertificate', 'PORT_SetError_Util', 'ssl_FreeSID', 'ssl_PrintBuf', 'tls13_HkdfExpandLabel', 'tls13_IsPostHandshake', 'ssl3_HandleExtensions', 'tls13_GetHash', 'ssl3_ConsumeHandshake', 'tls13_GetHashSize', 'ssl3_NewSessionID', 'getpid', 'ssl3_SetSIDSessionTicket', 'tls13_FatalError', 'PR_ntohl', 'PR_Assert', 'ssl3_FillInCachedSID', 'ssl_CacheSessionID', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable']

26723 120798 tls13_HandleNewSessionTicket call site: 10605 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6149
24621 54690 18 :

['PR_EnterMonitor', 'ssl3_SendNewSessionTicket', 'ssl3_HandshakeFailure', 'ssl3_SendNextProto', 'ssl3_FinishHandshake', 'PR_GetCurrentThread', 'ssl3_SendChangeCipherSpecs', 'PR_ExitMonitor', 'ssl3_IllegalParameter', 'ssl3_ExtensionNegotiated', 'ssl3_KEASupportsTickets', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl3_SendFinished', 'ssl3_ComputeTLSFinished', 'NSS_SecureMemcmp', 'dtls_ReceivedFirstMessageInFlight', 'ssl3_ComputeHandshakeHashes']

24621 60234 ssl3_HandleFinished call site: 09924 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:12275
20531 123218 24 :

['SECKEY_ExtractPublicKey', 'PORT_SetError_Util', 'ssl_SignatureSchemeToAuthType', 'ssl_ConsumeSignatureScheme', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl_SetAuthKeyBits', 'tls13_IsVerifyingWithDelegatedCredential', 'PORT_GetError_Util', 'ssl_VerifySignedHashesWithPubKey', 'ssl_CheckSignatureSchemeConsistency', 'ssl_SignatureSchemeToHashType', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'tls13_FatalError', 'SECKEY_DestroyPublicKey', 'tls13_AddContextToHashes', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'tls13_VerifyDelegatedCredential']

20531 123218 tls13_HandleCertificateVerify call site: 10438 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5142
20405 88475 20 :

['ssl3_CleanupPeerCerts', 'SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'ssl_Time', 'dtls_ReceivedFirstMessageInFlight', 'SECITEM_CompareItem_Util', 'ssl_CipherSpecReleaseByEpoch', 'ssl3_HandleNoCertificate', 'SECKEY_UpdateCertPQG', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PORT_NewArena_Util', 'PR_Assert', 'tls13_HandleCertificateEntry', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'ssl3_AuthCertificate', 'PORT_ArenaAlloc_Util']

20405 88475 tls13_HandleCertificate call site: 10200 /src/nss/out/Debug/../../lib/ssl/tls13con.c:4058
17472 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

17472 36030 nssSlot_IsTokenPresent call site: 00843 /src/nss/out/Debug/../../lib/dev/devslot.c:130
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
8356 18110 8 :

['ssl_TicketTimeValid', 'ssl_UncacheSessionID', 'ssl3_SetupCipherSuite', 'ssl_FreeSID', 'tls13_RecoverWrappedSharedSecret', 'PR_Assert', 'PORT_GetError_Util', 'SSL_AtomicIncrementLong']

16930 46400 tls13_SetupClientHello call site: 08571 /src/nss/out/Debug/../../lib/ssl/tls13con.c:572
8082 8082 1 :

['dtls_HandleHelloVerifyRequest']

8082 8082 ssl3_HandlePostHelloHandshakeMessage call site: 09024 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:12734
7878 21616 9 :

['PK11_ConcatSymKeys', 'PK11_FreeSymKey', 'getpid', 'PORT_SetError_Util', 'tls13_FatalError', 'PR_Assert', 'PORT_GetError_Util', 'ssl_Trace', 'tls13_HandleKEMCiphertext']

7878 23692 tls13_HandleServerKeyShare call site: 08939 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3510
7705 14580 7 :

['getpid', 'ssl_HashPostHandshakeMessage', 'PORT_SetError_Util', 'tls13_VerifyFinished', 'ssl_HashHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'ssl_Trace']

7705 14580 tls13_CommonHandleFinished call site: 10673 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5572
7501 7506 3 :

['PR_Assert', 'tls13_RandomGreaseValue', 'ssl3_ExtensionAdvertised']

7501 7506 tls13_MaybeGreaseExtensionType call site: 05229 /src/nss/out/Debug/../../lib/ssl/tls13con.c:7175

Runtime coverage analysis

Covered functions
1930
Functions that are reachable but not covered
863
Reachable functions
1981
Percentage of reachable functions covered
56.44%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/tls_client_target.cc 6
/src/nss/out/Debug/../../fuzz/shared.h 1
/src/nss/out/Debug/../../lib/nss/nssinit.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinit.c 5
/src/nspr/Debug/pr/src/malloc/../../../../pr/src/malloc/prmem.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlog.c 8
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix.c 5
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prtime.c 8
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prprf.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerror.c 5
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptthread.c 6
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptsynch.c 21
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/priometh.c 4
/src/nspr/Debug/pr/src/md/../../../../pr/src/md/prosdep.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prenv.c 4
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/linux.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/pratom.c 1
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prseg.c 1
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptmisc.c 2
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prtpd.c 5
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlayer.c 6
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinrval.c 6
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prcmon.c 2
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix_errors.c 2
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptio.c 12
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prfdcach.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prnetdb.c 9
/src/nspr/Debug/pr/src/linking/../../../../pr/src/linking/prlink.c 9
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prdtoa.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmwait.c 1
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prrwlock.c 10
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerr.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerrortable.c 2
/src/nss/out/Debug/../../lib/certdb/certdb.c 27
/src/nss/out/Debug/../../lib/certdb/crl.c 1
/src/nss/out/Debug/../../lib/util/secport.c 26
/src/nspr/Debug/lib/ds/../../../lib/ds/plhash.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prlog2.c 1
/src/nss/out/Debug/../../lib/util/secitem.c 15
/src/nss/out/Debug/../../lib/certhigh/ocsp.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11load.c 6
/src/nss/out/Debug/../../lib/pk11wrap/pk11util.c 28
/src/nss/out/Debug/../../lib/pk11wrap/pk11list.c 6
/src/nss/out/Debug/../../lib/util/nssrwlk.c 7
/src/nss/out/Debug/../../lib/pk11wrap/pk11pars.c 34
/src/nss/out/Debug/../../lib/util/utilpars.c 40
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strcase.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11slot.c 66
/src/nspr/Debug/lib/ds/../../../lib/ds/plarena.c 7
/src/nss/out/Debug/../../lib/pk11wrap/pk11skey.c 63
/src/nss/out/Debug/../../lib/pk11wrap/pk11obj.c 37
/src/nss/out/Debug/../../lib/dev/devtoken.c 19
/src/nss/out/Debug/../../lib/dev/devslot.c 9
/src/nss/out/Debug/../../lib/pk11wrap/dev3hack.c 10
/src/nss/out/Debug/../../lib/pk11wrap/pk11err.c 1
/src/nss/out/Debug/../../lib/pki/tdcache.c 17
/src/nss/out/Debug/../../lib/base/arena.c 16
/src/nss/out/Debug/../../lib/base/error.c 6
/src/nss/out/Debug/../../lib/base/libc.c 3
/src/nss/out/Debug/../../lib/base/hash.c 10
/src/nss/out/Debug/../../lib/pki/pkibase.c 28
/src/nss/out/Debug/../../lib/dev/devutil.c 25
/src/nss/out/Debug/../../lib/base/tracker.c 6
/src/nss/out/Debug/../../lib/base/list.c 17
/src/nss/out/Debug/../../lib/pki/certificate.c 20
/src/nss/out/Debug/../../lib/pki/pki3hack.c 20
/src/nss/out/Debug/../../lib/util/quickder.c 13
/src/nss/out/Debug/../../lib/util/secasn1u.c 3
/src/nss/out/Debug/../../lib/certdb/certxutl.c 5
/src/nss/out/Debug/../../lib/util/secoid.c 16
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strpbrk.c 1
/src/nss/out/Debug/../../lib/certdb/alg1485.c 13
/src/nss/out/Debug/../../lib/certdb/secname.c 2
/src/nss/out/Debug/../../lib/util/utf8.c 4
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strlen.c 1
/src/nss/out/Debug/../../lib/certdb/certv3.c 5
/src/nss/out/Debug/../../lib/certdb/xconst.c 1
/src/nss/out/Debug/../../lib/certdb/genname.c 4
/src/nss/out/Debug/../../lib/pk11wrap/pk11cxt.c 24
/src/nss/out/Debug/../../lib/pk11wrap/pk11mech.c 10
/src/nss/out/Debug/../../lib/base/utf8.c 3
/src/nss/out/Debug/../../lib/pk11wrap/pk11auth.c 9
/src/nss/out/Debug/../../lib/dev/ckhelper.c 4
/src/nss/out/Debug/../../lib/pki/cryptocontext.c 5
/src/nss/out/Debug/../../lib/pki/pkistore.c 18
/src/nss/out/Debug/../../lib/pki/trustdomain.c 15
/src/nss/out/Debug/../../lib/cryptohi/sechash.c 9
/src/nss/out/Debug/../../lib/certdb/polcyxtn.c 3
/src/nss/out/Debug/../../lib/certdb/xbsconst.c 1
/src/nss/out/Debug/../../lib/util/dersubr.c 3
/src/nss/out/Debug/../../lib/certdb/stanpcertdb.c 4
/src/nss/out/Debug/../../lib/pki/certdecode.c 2
/src/nss/out/Debug/../../lib/util/errstrs.c 2
/src/nss/out/Debug/../../lib/nss/nssoptions.c 2
/src/nss/out/Debug/../../lib/pk11wrap/debug_module.c 1
/src/nss/out/Debug/../../lib/pk11wrap/pk11sdr.c 1
/src/nss/out/Debug/../../fuzz/tls_common.cc 5
/src/nss/out/Debug/../../lib/ssl/sslsock.c 52
/src/nss/out/Debug/../../fuzz/tls_client_config.cc 9
/src/nss/out/Debug/../../lib/freebl/det_rng.c 1
/src/nss/out/Debug/../../fuzz/tls_socket.h 1
/src/nss/out/Debug/../../cpputil/dummy_io.h 1
/src/nss/out/Debug/../../cpputil/dummy_io.cc 1
/src/nss/out/Debug/../../lib/ssl/sslinit.c 2
/src/nss/out/Debug/../../lib/ssl/sslerrstrs.c 2
/src/nss/out/Debug/../../lib/ssl/ssl3con.c 221
/src/nss/out/Debug/../../lib/ssl/sslspec.c 13
/src/nss/out/Debug/../../lib/ssl/ssltrace.c 3
/src/nss/out/Debug/../../lib/ssl/ssl3ext.c 28
/src/nss/out/Debug/../../lib/ssl/dtlscon.c 38
/src/nss/out/Debug/../../lib/ssl/sslsecur.c 12
/src/nss/out/Debug/../../lib/ssl/sslencode.c 25
/src/nss/out/Debug/../../lib/ssl/ssl3gthr.c 6
/src/nss/out/Debug/../../lib/ssl/ssl3exthandle.c 4
/src/nss/out/Debug/../../lib/ssl/tls13con.c 122
/src/nss/out/Debug/../../lib/ssl/tls13subcerts.c 11
/src/nss/out/Debug/../../lib/cryptohi/seckey.c 30
/src/nss/out/Debug/../../lib/ssl/tls13ech.c 31
/src/nss/out/Debug/../../lib/ssl/sslnonce.c 23
/src/nss/out/Debug/../../lib/certhigh/certhigh.c 6
/src/nss/out/Debug/../../lib/ssl/sslprimitive.c 4
/src/nss/out/Debug/../../lib/ssl/tls13psk.c 5
/src/nss/out/Debug/../../lib/pk11wrap/pk11hpke.c 27
/src/nss/out/Debug/../../lib/ssl/sslcert.c 8
/src/nss/out/Debug/../../lib/ssl/tls13replay.c 5
/src/nss/out/Debug/../../lib/ssl/sslbloom.c 6
/src/nss/out/Debug/../../lib/base/item.c 2
/src/nss/out/Debug/../../lib/ssl/ssldef.c 3
/src/nss/out/Debug/../../lib/ssl/sslauth.c 1
/src/nss/out/Debug/../../lib/ssl/sslsnce.c 28
/src/nss/out/Debug/../../lib/ssl/sslmutex.c 4
/src/nss/out/Debug/../../lib/ssl/unix_err.c 1
/src/nss/out/Debug/../../lib/ssl/dtls13con.c 20
/src/nss/out/Debug/../../lib/ssl/sslerr.c 1
/src/nss/out/Debug/../../lib/ssl/tls13hkdf.c 4
/src/nss/out/Debug/../../lib/pk11wrap/pk11kea.c 2
/src/nss/out/Debug/../../lib/pk11wrap/pk11akey.c 14
/src/nss/out/Debug/../../lib/util/secasn1e.c 25
/src/nss/out/Debug/../../lib/ssl/sslgrp.c 5
/src/nss/out/Debug/../../lib/ssl/ssl3ecc.c 11
/src/nss/out/Debug/../../lib/pk11wrap/pk11cert.c 6
/src/nss/out/Debug/../../lib/util/secalgid.c 2
/src/nss/out/Debug/../../lib/cryptohi/secsign.c 2
/src/nss/out/Debug/../../lib/cryptohi/secvfy.c 16
/src/nss/out/Debug/../../lib/util/secdig.c 3
/src/nss/out/Debug/../../lib/util/derenc.c 4
/src/nss/out/Debug/../../lib/cryptohi/dsautil.c 6
/src/nss/out/Debug/../../lib/ssl/tls13exthandle.c 9
/src/nss/out/Debug/../../lib/ssl/tls13hashstate.c 2
/src/nss/out/Debug/../../lib/ssl/selfencrypt.c 6
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/praton.c 4
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/pripv6.c 3
/src/nss/out/Debug/../../lib/certhigh/certvfy.c 1
/src/nss/out/Debug/../../lib/util/pkcs1sig.c 2
/src/nss/out/Debug/../../lib/util/sectime.c 1
/src/nss/out/Debug/../../lib/util/dertime.c 3

Fuzzer: /src/nss/out/Debug/../../fuzz/certDN_target.cc

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is
Color Runtime hitcount Callsite count Percentage
red 0 373 40.3%
gold [1:9] 159 17.1%
yellow [10:29] 9 0.97%
greenyellow [30:49] 0 0.0%
lawngreen 50+ 384 41.5%
All colors 925 100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
20580 92835 20 :

['SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'CERT_DestroyCertificate', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl3_HandleExtensions', 'tls13_IsPostHandshake', 'tls13_SendPostHandshakeCertificate', 'ssl_Trace', 'SECITEM_FreeItem_Util', 'CERT_DestroyCertificateList', 'SECKEY_DestroyPrivateKey', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PR_Assert', 'PORT_Free_Util', 'PK11_CloneContext', 'ssl3_ConsumeHandshakeVariable']

20580 92835 tls13_HandleCertificateRequest call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:3022
16674 123218 24 :

['SECKEY_ExtractPublicKey', 'PORT_SetError_Util', 'ssl_SignatureSchemeToAuthType', 'ssl_ConsumeSignatureScheme', 'ssl_MapLowLevelError', 'ssl3_BeginHandleCertificateRequest', 'ssl_SetAuthKeyBits', 'tls13_IsVerifyingWithDelegatedCredential', 'PORT_GetError_Util', 'ssl_VerifySignedHashesWithPubKey', 'ssl_CheckSignatureSchemeConsistency', 'ssl_SignatureSchemeToHashType', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_ComputeHandshakeHashes', 'tls13_FatalError', 'SECKEY_DestroyPublicKey', 'tls13_AddContextToHashes', 'PR_Assert', 'ssl_HashHandshakeMessage', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'tls13_VerifyDelegatedCredential']

16674 123218 tls13_HandleCertificateVerify call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:5142
16664 16664 1 :

['sftk_CreateNewSlot']

16664 17628 NSC_CreateObject call site: 00000 /src/nss/out/Debug/../../lib/softoken/pkcs11.c:4842
16543 36030 18 :

['PR_WaitCondVar', 'PR_NotifyAllCondVar', 'PR_GetCurrentThread', 'nssToken_Remove', 'nssToken_Destroy', 'PK11_InitToken', 'nssToken_GetDefaultSession', 'PR_Unlock', 'nssToken_NotifyCertsNotVisible', 'PK11Slot_GetNSSToken', 'PR_Lock', 'nssTrustDomain_UpdateCachedTokenCerts', 'nssSession_EnterMonitor', 'nssSession_ExitMonitor', 'PK11_GetSlotInfo', 'PR_IntervalNow', 'token_status_checked', 'nssToken_Refresh']

16543 36030 nssSlot_IsTokenPresent call site: 00000 /src/nss/out/Debug/../../lib/dev/devslot.c:130
14748 88475 20 :

['ssl3_CleanupPeerCerts', 'SECITEM_CopyItem_Util', 'PORT_SetError_Util', 'ssl_Time', 'dtls_ReceivedFirstMessageInFlight', 'SECITEM_CompareItem_Util', 'ssl_CipherSpecReleaseByEpoch', 'ssl3_HandleNoCertificate', 'SECKEY_UpdateCertPQG', 'getpid', 'tls13_SetHsState', 'ssl_HashPostHandshakeMessage', 'tls13_FatalError', 'PORT_NewArena_Util', 'PR_Assert', 'tls13_HandleCertificateEntry', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable', 'ssl3_AuthCertificate', 'PORT_ArenaAlloc_Util']

14748 88475 tls13_HandleCertificate call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:4058
13440 49820 18 :

['SECKEY_GetPublicKeyType', 'PK11_PubDeriveWithKDF', 'SECKEY_CreateECPrivateKey', 'PK11_FreeSymKey', 'SECKEY_PublicKeyStrengthInBits', 'PORT_SetError_Util', 'PK11_WrapSymKey', 'PK11_KeyGen', 'ssl_MapLowLevelError', 'ssl_GetWrappingKey', 'SECKEY_PublicKeyStrength', 'PK11_GetBestKeyLength', 'SECKEY_DestroyPrivateKey', 'PK11_PubWrapSymKey', 'ssl_UnwrapSymWrappingKey', 'SECKEY_DestroyPublicKey', 'ssl_SetWrappingKey', 'PR_Assert']

13440 50754 ssl3_GetWrappingKey call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:6049
11713 11713 2 :

['tls13_WriteServerEchSignal', 'tls13_WriteServerEchHrrSignal']

11713 11713 ssl_ConstructServerHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/ssl3con.c:10011
11366 15619 7 :

['tls13_ComputeEarlySecretsWithPsk', 'CERT_DupCertificate', 'tls13_RecoverWrappedSharedSecret', 'ssl_FindServerCert', 'tls13_RestoreCipherInfo', 'SECITEM_CompareItem_Util', 'ssl3_RegisterExtensionSender']

34068 135314 tls13_HandleClientHelloPart2 call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2253
11250 120798 25 :

['PK11_FreeSymKey', 'ssl_UncacheSessionID', 'SECITEM_CopyItem_Util', 'ssl3_ConsumeHandshakeNumber', 'ssl_Time', 'CERT_DupCertificate', 'PORT_SetError_Util', 'ssl_FreeSID', 'ssl_PrintBuf', 'tls13_HkdfExpandLabel', 'tls13_IsPostHandshake', 'ssl3_HandleExtensions', 'tls13_GetHash', 'ssl3_ConsumeHandshake', 'tls13_GetHashSize', 'ssl3_NewSessionID', 'getpid', 'ssl3_SetSIDSessionTicket', 'tls13_FatalError', 'PR_ntohl', 'PR_Assert', 'ssl3_FillInCachedSID', 'ssl_CacheSessionID', 'ssl_Trace', 'ssl3_ConsumeHandshakeVariable']

11250 120798 tls13_HandleNewSessionTicket call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:6149
10815 25482 10 :

['SECITEM_FreeItem_Util', 'PK11_ConcatSymKeys', 'PK11_FreeSymKey', 'getpid', 'tls13_HandleKEMKey', 'PORT_SetError_Util', 'tls13_FatalError', 'PR_Assert', 'PORT_GetError_Util', 'ssl_Trace']

10815 25482 tls13_HandleClientKeyShare call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:2663
9446 9446 3 :

['VFY_Update', 'VFY_End', 'VFY_Begin']

9446 9446 vfy_SingleShot call site: 00000 /src/nss/out/Debug/../../lib/cryptohi/secvfy.c:955
8356 18110 8 :

['ssl_TicketTimeValid', 'ssl_UncacheSessionID', 'ssl3_SetupCipherSuite', 'ssl_FreeSID', 'tls13_RecoverWrappedSharedSecret', 'PR_Assert', 'PORT_GetError_Util', 'SSL_AtomicIncrementLong']

16930 46400 tls13_SetupClientHello call site: 00000 /src/nss/out/Debug/../../lib/ssl/tls13con.c:572

Runtime coverage analysis

Covered functions
2495
Functions that are reachable but not covered
87
Reachable functions
300
Percentage of reachable functions covered
71.0%
NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.
Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.
Function name source code lines source lines hit percentage hit

Files reached

filename functions hit
/src/nss/out/Debug/../../fuzz/certDN_target.cc 1
/src/nss/out/Debug/../../lib/util/secoid.c 8
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prenv.c 3
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinit.c 4
/src/nspr/Debug/pr/src/malloc/../../../../pr/src/malloc/prmem.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlog.c 8
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix.c 4
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prtime.c 5
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prprf.c 13
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerror.c 4
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptthread.c 6
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptsynch.c 19
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/priometh.c 2
/src/nspr/Debug/pr/src/md/../../../../pr/src/md/prosdep.c 2
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/linux.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/pratom.c 1
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prseg.c 1
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptmisc.c 2
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prtpd.c 3
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlayer.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinrval.c 4
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prcmon.c 2
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix_errors.c 2
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptio.c 11
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prfdcach.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prnetdb.c 1
/src/nspr/Debug/pr/src/linking/../../../../pr/src/linking/prlink.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prdtoa.c 1
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmwait.c 1
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prrwlock.c 2
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerr.c 1
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerrortable.c 1
/src/nss/out/Debug/../../lib/util/secport.c 23
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strpbrk.c 1
/src/nss/out/Debug/../../lib/util/nssrwlk.c 4
/src/nspr/Debug/lib/ds/../../../lib/ds/plarena.c 8
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prlog2.c 1
/src/nspr/Debug/lib/ds/../../../lib/ds/plhash.c 7
/src/nss/out/Debug/../../lib/util/secitem.c 6
/src/nss/out/Debug/../../lib/certdb/alg1485.c 29
/src/nss/out/Debug/../../lib/certdb/secname.c 12
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strcase.c 2
/src/nss/out/Debug/../../lib/util/oidstring.c 1
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strlen.c 1
/src/nss/out/Debug/../../lib/util/utf8.c 4
/src/nss/out/Debug/../../lib/util/dersubr.c 2
/src/nss/out/Debug/../../lib/util/quickder.c 13
/src/nss/out/Debug/../../lib/util/secasn1u.c 1
/src/nss/out/Debug/../../lib/certdb/certdb.c 1

Analyses and suggestions

Fuzz engine guidance

This sections provides heuristics that can be used as input to a fuzz engine when running a given fuzz target. The current focus is on providing input that is usable by libFuzzer.

/src/nss/out/Debug/../../fuzz/mpi_submod_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['s_mp_norm', 's_mp_cmp_d', 's_mp_div_2d', 'mp_copy', 'mp_sub', 'mp_div', 's_mp_mul_2d', 'mp_mul_d']

/src/nss/out/Debug/../../fuzz/mpi_addmod_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['s_mp_norm', 's_mp_cmp_d', 's_mp_div_2d', 'mp_copy', 's_mp_cmp', 'mp_div', 's_mp_mul_2d', 'mp_mul_d']

/src/nss/out/Debug/../../fuzz/mpi_invmod_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mp_exptmod_safe_i', 's_mp_mulg', 'mp_sqr', 's_mpi_getProcessorLineSize', 'mp_mod', 'mpp_pprime_ext_random', 'mp_isodd', 'mp_cmp', 'mp_copy', 's_mp_grow']

/src/nss/out/Debug/../../fuzz/mpi_div_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['s_mp_norm', 's_mp_cmp_d', 's_mp_div_2d', 's_mp_cmp', 's_mp_mul_2d', 'mp_mul_d', 'mp_add_d', 'mp_toradix']

/src/nss/out/Debug/../../fuzz/quickder_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['PR_Malloc', 'PR_CallOnce', 'PR_GetCurrentThread', 'PR_NewMonitor', 'PR_GetEnvSecure', 'PR_Now', '_PR_InitThreads', '_PR_InitLinker', '_PR_InitLog', 'pt_SetMethods']

/src/nss/out/Debug/../../fuzz/certDN_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['DecodeItem', 'PR_CallOnce', 'PR_GetEnvSecure', 'PORT_ArenaUnmark_Util', '_PR_InitThreads', 'pt_PostNotifies', '_PR_InitLinker', 'PR_Now', 'PR_Malloc', '_PR_InitLog']

/src/nss/out/Debug/../../fuzz/tls_server_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['ssl_LookupCipherSuiteCfg', 'DER_UTCTimeToTime_Util', 'ssl3_RecordKeyLog', 'ssl3_HandlePostHelloHandshakeMessage', 'ssl3_GetWrappingKey', 'PK11_PubUnwrapSymKeyWithMechanism', 'ssl3_HandleHandshakeMessage', 'nss_Init', 'ssl3_GenerateRSAPMS', 'pk11_PubDeriveECKeyWithKDF']

/src/nss/out/Debug/../../fuzz/mpi_addmod_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mp_mod', 'mp_copy', 's_mp_div_d', 's_mp_div_2d', 'mp_div', 's_mp_alloc', 'mp_mul_d', 'mp_add_d']

/src/nss/out/Debug/../../fuzz/mpi_sqrmod_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['check_equal(bignum_st*, mp_int*, unsigned long)', 'mp_mod', 'mp_copy', 's_mp_div_d', 's_mp_div_2d', 'mp_sqr', 'mp_div', 's_mp_alloc', 'mp_mul_d']

/src/nss/out/Debug/../../fuzz/mpi_invmod_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mp_exptmod_safe_i', 'mpp_pprime_ext_random', 's_mpi_getProcessorLineSize', 'mp_mulmod', 'mp_copy', 's_mp_div_d', 's_mp_div_2d', 'mp_read_unsigned_octets']

/src/nss/out/Debug/../../fuzz/mpi_sqr_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['s_mp_cmp', 'mp_copy', 's_mp_div_d', 'mp_sqr', 's_mp_div_2d', 's_mp_mulg', 's_mp_alloc', 'mp_mul_d']

/src/nss/out/Debug/../../fuzz/mpi_sqrmod_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['LLVMFuzzerTestOneInput', 's_mp_div_2d', 'mp_copy', 's_mp_cmp_d', 's_mp_mul_2d', 'mp_mul_d', 'mp_add_d']

/src/nss/out/Debug/../../fuzz/mpi_expmod_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mp_exptmod_safe_i', 's_mpi_getProcessorLineSize', 'get_modulus(unsigned char const*, unsigned long, bignum_ctx*)', 'mp_exptmod', 'mp_copy', 's_mp_div_d', 's_mp_div_2d', 'mp_div']

/src/nss/out/Debug/../../fuzz/mpi_mulmod_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mp_mod', 'mp_copy', 's_mp_div_d', 's_mp_div_2d', 'mp_div', 's_mp_alloc', 'mp_mul_d', 'mp_add_d']

/src/nss/out/Debug/../../fuzz/mpi_mulmod_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['s_mp_norm', 'mp_div', 's_mp_cmp_d', 's_mp_div_2d', 'mp_copy', 's_mp_mul_2d', 's_mp_mulg', 'mp_mul_d']

/src/nss/out/Debug/../../fuzz/tls_client_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['DER_UTCTimeToTime_Util', 'ssl3_SendChangeCipherSpecsInt', 'ssl3_RecordKeyLog', 'dtls_ReceivedFirstMessageInFlight', 'ssl3_HandlePostHelloHandshakeMessage', 'ssl3_HandleFinished', 'PK11_KeyGenWithTemplate', 'pk11_PubDeriveECKeyWithKDF', 'nss_Init', 'SECKEY_ECParamsToBasePointOrderLen']

/src/nss/out/Debug/../../fuzz/mpi_div_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['parse_input(unsigned char const*, unsigned long, bignum_st*, bignum_st*, mp_int*, mp_int*)', 'mp_copy', 's_mp_div_d', 'mp_cmp', 's_mp_div_2d', 's_mp_mulg', 'mp_add', 's_mp_alloc', 'mp_mul_d']

/src/nss/out/Debug/../../fuzz/pkcs8_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['nss_Init', 'NSSUTIL_ArgHasFlag', 'secoid_FindXOidByTag', 'nssCertificate_Destroy', 'SECMOD_LoadModule', 'pk11_SetInternalKeySlotIfFirst', 'PK11_HashBuf', 'PK11_Authenticate', 'nssToken_GetSlot']

/src/nss/out/Debug/../../fuzz/pkcs8_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['nss_Init', 'NSSUTIL_ArgHasFlag', 'secoid_FindXOidByTag', 'nssCertificate_Destroy', 'SECMOD_LoadModule', 'pk11_SetInternalKeySlotIfFirst', 'PK11_HashBuf', 'PK11_Authenticate', 'nssToken_GetSlot']

/src/nss/out/Debug/../../fuzz/mpi_sub_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['s_mp_div_2d', 'mp_copy', 'mp_cmp', 's_mp_mul_2d', 's_mp_cmp_d', 'mp_sub', 'mp_mul_d', 'mp_add_d']

/src/nss/out/Debug/../../fuzz/mpi_mod_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['s_mp_norm', 's_mp_cmp_d', 's_mp_div_2d', 'mp_sub', 's_mp_mul_2d', 'mp_div', 'mp_mul_d', 'mp_add_d']

/src/nss/out/Debug/../../fuzz/mpi_add_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['s_mp_div_2d', 'mp_copy', 'mp_cmp', 's_mp_mul_2d', 's_mp_cmp_d', 'mp_mul_d', 'mp_add_d']

/src/nss/out/Debug/../../fuzz/mpi_sqr_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['s_mp_div_2d', 'mp_copy', 's_mp_cmp_d', 's_mp_mul_2d', 's_mp_cmp', 's_mp_mulg', 'mp_mul_d', 'mp_add_d']

/src/nss/out/Debug/../../fuzz/mpi_expmod_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mp_exptmod_safe_i', 's_mpi_getProcessorLineSize', 's_mp_cmp_d', 'mp_exch', 's_mp_div_2d', 'mp_copy', 's_mp_norm', 'mp_add', 'mp_div']

/src/nss/out/Debug/../../fuzz/tls_client_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['ssl3_RecordKeyLog', 'sslBuffer_InsertNumber', 'pk11_PubDeriveECKeyWithKDF', 'PK11_GetWrapKey', 'nss_Init', 'sslRead_ReadVariable', 'ssl3_SendChangeCipherSpecsInt', 'seckey_UpdateCertPQGChain', 'tls13_CommonHandleFinished', 'SECKEY_ECParamsToBasePointOrderLen']

/src/nss/out/Debug/../../fuzz/mpi_submod_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mp_mod', 'mp_copy', 's_mp_div_d', 's_mp_div_2d', 'mp_sub', 'mp_div', 's_mp_alloc', 'mp_mul_d']

/src/nss/out/Debug/../../fuzz/tls_client_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['DER_UTCTimeToTime_Util', 'ssl3_RecordKeyLog', 'ssl3_HandlePostHelloHandshakeMessage', 'PK11_GetWrapKey', 'PK11_KeyGenWithTemplate', 'pk11_PubDeriveECKeyWithKDF', 'nss_Init', 'dtls_ReceivedFirstMessageInFlight', 'ssl3_SendChangeCipherSpecsInt', 'seckey_UpdateCertPQGChain']

/src/nss/out/Debug/../../fuzz/tls_server_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['ssl3_ServerCallSNICallback', 'ssl_LookupCipherSuiteCfg', 'DER_UTCTimeToTime_Util', 'ssl_IsValidDHEShare', 'ssl3_HandlePostHelloHandshakeMessage', 'PK11_PubUnwrapSymKeyWithMechanism', 'ssl3_HandleHandshakeMessage', 'nss_Init', 'ssl3_GenerateRSAPMS', 'PR_RWLock_Wlock']

/src/nss/out/Debug/../../fuzz/mpi_sub_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mp_cmp', 'mp_copy', 's_mp_div_d', 'mp_sub', 's_mp_div_2d', 'mp_add', 's_mp_alloc', 'mp_mul_d']

/src/nss/out/Debug/../../fuzz/mpi_add_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['mp_cmp', 'mp_copy', 's_mp_div_d', 'mp_add', 's_mp_div_2d', 'mp_sub', 's_mp_alloc', 'mp_mul_d']

/src/nss/out/Debug/../../fuzz/mpi_mod_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['parse_input(unsigned char const*, unsigned long, bignum_st*, bignum_st*, mp_int*, mp_int*)', 'mp_copy', 's_mp_div_d', 'mp_cmp', 's_mp_div_2d', 'mp_div', 's_mp_mulg', 'mp_sub']

/src/nss/out/Debug/../../fuzz/tls_server_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['ssl_LookupCipherSuiteCfg', 'tls13_ComputeFinished', 'ssl3_HandleHandshakeMessage', 'tls13_CommonHandleFinished', 'nss_Init', 'ssl3_GenerateRSAPMS', 'PR_RWLock_Wlock', 'tls13_SelectServerCert', 'tls13_HandleCertificateVerify', 'ssl3_HandleFinished']

/src/nss/out/Debug/../../fuzz/tls_server_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['ssl_LookupCipherSuiteCfg', 'tls13_ComputeFinished', 'ssl3_HandleHandshakeMessage', 'nss_Init', 'ssl3_GenerateRSAPMS', 'pk11_PubDeriveECKeyWithKDF', 'DER_UTCTimeToTime_Util', 'nssCertificate_BuildChain', 'tls13_MaybeAcceptEch', 'tls13_HandleCertificateRequest']

/src/nss/out/Debug/../../fuzz/quickder_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['PR_Malloc', 'PR_CallOnce', '_PR_InitThreads', '_PR_InitLinker', 'pt_TestAbort', '_PR_InitLog', 'PR_smprintf_free', 'PR_Realloc', 'PR_vsmprintf', 'PR_Now']

/src/nss/out/Debug/../../fuzz/tls_client_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['ssl3_HandleFinished', 'tls13_ComputeHandshakeSecrets', 'sslBuffer_InsertNumber', 'ssl3_SendChangeCipherSpecsInt', 'pk11_PubDeriveECKeyWithKDF', 'nss_Init', 'SECKEY_ECParamsToBasePointOrderLen', 'sslRead_ReadVariable', 'seckey_UpdateCertPQGChain', 'tls13_CommonHandleFinished']

/src/nss/out/Debug/../../fuzz/certDN_target.cc

Dictionary

Use this with the libFuzzer -dict=DICT.file flag


Fuzzer function priority

Use one of these functions as input to libfuzzer with flag: -focus_function name

-focus_function=['PR_CallOnce', '_PR_InitThreads', '_PR_InitLinker', 'pt_TestAbort', 'PR_Malloc', '_PR_InitLog', 'PR_DestroyCondVar', 'PR_smprintf_free', 'PR_Realloc', 'PR_vsmprintf']

Runtime coverage analysis

This section shows analysis of runtime coverage data.

For futher technical details on how this section is generated, please see the Glossary .

Complex functions with low coverage

Func name Function total lines Lines covered at runtime percentage covered Reached by fuzzers
_PR_Getfd 61 28 45.90% ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc']
_PR_InitLog 61 6 9.836% ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc']
PR_NewMonitor 42 21 50.0% ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc']
pt_PostNotifyToCvar 34 17 50.0% ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc']
dosprintf 294 92 31.29% ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc']
BuildArgArray 215 26 12.09% ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc']
fill_n 79 26 32.91% ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc']
CERT_CreateName 44 23 52.27% ['certDN', '/src/nss/out/Debug/../../fuzz/certDN_target.cc']
sec_port_ucs2_utf8_conversion_function 104 57 54.80% ['certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc']
PL_HashTableEnumerateEntries 32 15 46.87% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
PR_PopIOLayer 31 17 54.83% []
_MD_unix_map_default_error 202 9 4.455% ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc']
PR_NormalizeTime 79 33 41.77% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ApplySecOffset 60 7 11.66% ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc']
PR_NewRWLock 48 22 45.83% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
nssItem_Create 38 20 52.63% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
nssPointerTracker_add 31 14 45.16% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
CERT_KeyUsageAndTypeForCertUsage 102 26 25.49% []
CERT_CheckKeyUsage 39 7 17.94% []
InitCRLCache 51 21 41.17% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
cert_ExtractDNEmailAddrs 40 20 50.0% []
CERT_GetConstrainedCertificateNames 51 21 41.17% []
CERT_GetSSLCACerts 41 19 46.34% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
CERT_TrustFlagsForCACertUsage 50 17 34.0% []
cert_CheckLeafTrust 113 8 7.079% []
cert_VerifyCertWithFlags 93 46 49.46% []
checkKeyParams 94 31 32.97% []
cert_VerifyCertChainOld 285 109 38.24% []
HASH_GetHashTypeByOidTag 42 21 50.0% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
seckey_GetKeyType 48 12 25.0% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
SECKEY_ECParamsToBasePointOrderLen 117 37 31.62% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
SECKEY_CopyPublicKey 95 42 44.21% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
seckey_UpdateCertPQGChain 76 29 38.15% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
SEC_GetSignatureAlgorithmOidTag 73 40 54.79% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
sec_GetEncAlgFromSigAlg 40 20 50.0% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
sec_DecodeSigAlg 158 33 20.88% []
nssSlot_IsTokenPresent 121 12 9.917% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
nssToken_FindObjectsByTemplate 43 20 46.51% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
find_objects 106 45 42.45% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
Camellia_CreateContext 34 16 47.05% []
ec_SignDigestWithSeed 146 23 15.75% []
construct_ecgroup 69 34 49.27% []
ec_secp256r1_pt_mul 53 29 54.71% []
GCM_CreateContext 52 25 48.07% []
rijndael_invkey_expansion 38 19 50.0% []
rsa_FormatBlock 31 12 38.70% []
NSS_RegisterShutdown 48 20 41.66% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
nss_Init 152 63 41.44% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
PK11_ExtractPublicKey 227 80 35.24% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
PK11_MakePrivKey 59 21 35.59% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
PK11_GetPrivateModulusLen 33 16 48.48% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
pk11_get_Decoded_ECPoint 44 22 50.0% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
pk11_get_EC_PointLenInBytes 98 23 23.46% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
PK11_DigestOp 48 23 47.91% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
PK11_DigestFinal 47 22 46.80% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
pk11_context_init 90 43 47.77% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
PK11_MapError 74 15 20.27% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
secmod_ModuleInit 79 21 26.58% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
secmod_LoadPKCS11Module 157 75 47.77% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
PK11_GetKeyType 222 91 40.99% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
PK11_GetKeyGenWithSize 220 47 21.36% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
pk11_ParamFromIVWithLen 139 26 18.70% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
PK11_GetAttributes 56 30 53.57% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
PK11_SignatureLen 45 23 51.11% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
SECMOD_LoadModule 123 65 52.84% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
secmod_parseCryptoPolicy 62 6 9.677% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
PK11_ImportPrivateKeyInfoAndReturnKey 104 47 45.19% ['/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc']
PK11_SymKeysToSameSlot 32 17 53.12% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
PK11_PubDerive 167 46 27.54% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
PK11_InitToken 142 57 40.14% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
PK11_TokenExists 34 16 47.05% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
pk11_ReadProfileList 47 25 53.19% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
pk11_IsPresentCertLoad 54 8 14.81% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
STAN_GetNSSCertificate 74 11 14.86% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
fill_CERTCertificateFields 115 32 27.82% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
nssPKIObject_Create 41 20 48.78% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
nssPKIObjectCollection_Traverse 36 6 16.66% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
nssCertificateStore_Create 50 20 40.0% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
nssTrustDomain_InitializeCache 43 22 51.16% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
SFTK_SlotReInit 59 25 42.37% []
nsc_CommonInitialize 78 35 44.87% []
NSC_GetTokenInfo 72 39 54.16% []
NSC_CopyObject 63 31 49.20% []
NSC_SetAttributeValue 73 39 53.42% []
sftk_emailhack 69 24 34.78% []
sftk_handlePrivateKeyObject 180 93 51.66% []
sftk_RegisterSlot 42 23 54.76% []
sftk_getParameters 48 17 35.41% []
sftk_CryptInit 566 167 29.50% []
NSC_Decrypt 53 27 50.94% []
NSC_SignInit 364 128 35.16% []
NSC_VerifyInit 212 94 44.33% []
NSC_GenerateKey 232 105 45.25% []
NSC_GenerateKeyPair 564 178 31.56% []
NSC_WrapKey 101 43 42.57% []
NSC_DeriveKey 1331 466 35.01% []
sftk_InitCBCMac 144 18 12.5% []
sftk_MACUpdate 50 17 34.0% []
nsc_SetupBulkKeyGen 72 18 25.0% []
sftk_PairwiseConsistencyCheck 259 76 29.34% []
sftk_MultipleAttribute2SecItem 70 16 22.85% []
sftk_modifyType 63 26 41.26% []
sftk_AttributeToFlags 50 24 48.0% []
sftk_VerifyDH_Prime 65 29 44.61% []
sftk_MAC_InitRaw 59 31 52.54% []
dtls_NextUnackedRange 42 12 28.57% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl3_SendAlertForCertError 39 13 33.33% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl3_InitHandshakeHashes 83 39 46.98% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl3_ComputeHandshakeHashes 171 58 33.91% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl3_ServerCallSNICallback 111 14 12.61% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl3_EncodeFilteredSigAlgs 36 14 38.88% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl3_SendCertificateStatus 34 16 47.05% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl3_RecordKeyLog 37 9 24.32% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl3_ApplyNSSPolicy 34 9 26.47% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl3_HandleClientHelloPart2 206 51 24.75% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl3_HandleCertificateVerify 80 25 31.25% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl3_HandleServerNameXtn 56 10 17.85% []
ssl3_ServerHandleAppProtoXtn 32 16 50.0% []
ssl3_ServerHandleUseSRTPXtn 50 11 22.0% []
SSL_AuthCertificate 38 20 52.63% []
SSL_ConfigServerCert 39 21 53.84% []
ssl_MakeKeyPairForCert 45 23 51.11% []
ssl_PopulateDelegatedCredential 44 9 20.45% []
ssl_SecureRecv 52 25 48.07% []
ServerSessionIDLookup 69 21 30.43% []
SSL_OptionSet 205 47 22.92% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl3_GetEffectiveVersionPolicy 32 15 46.87% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl_SetDefaultsFromEnvironment 84 36 42.85% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_CopyEchConfigs 44 9 20.45% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
contents_length 91 41 45.05% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
der_encode 122 51 41.80% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
DER_SetUInteger 33 18 54.54% []
SEC_ASN1DecoderUpdate_Util 149 70 46.97% ['/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc']
sec_asn1d_prepare_for_contents 278 108 38.84% ['/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc']
sec_asn1d_parse_leaf 60 27 45.0% ['/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc']
sec_asn1d_next_in_sequence 93 45 48.38% ['/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc']
sec_asn1e_write_header 103 44 42.71% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
sec_asn1e_contents_length 175 78 44.57% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
sec_asn1e_init_state_based_on_template 120 64 53.33% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
sec_asn1e_allocate_item 34 15 44.11% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
nssutil_ReadSecmodDB 204 46 22.54% []
NSSUTIL_ArgDecodeNumber 38 20 52.63% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
_NSSUTIL_EvaluateConfigDir 52 22 42.30% []
pr_inet_aton 83 12 14.45% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
StringToV6Addr 118 16 13.55% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
nssUTF8_Create 49 15 30.61% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
SEED_cbc_encrypt 67 32 47.76% []
gcmHash_Update 38 18 47.36% []
gcm_InitCounter 62 31 50.0% []
GCM_EncryptAEAD 55 29 52.72% []
GCM_DecryptAEAD 56 30 53.57% []
PK11_CipherOp 78 30 38.46% []
PK11_AEADRawOp 60 30 50.0% ['dtls-client-no_fuzzer_mode', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-client-no_fuzzer_mode']
pk11_Finalize 70 23 32.85% ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
NSC_EncryptUpdate 62 28 45.16% []
NSC_DecryptUpdate 49 20 40.81% []
sftk_MAC_Finish 42 23 54.76% []
ssl3_SendClientHello 295 127 43.05% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl3_BeginHandleCertificateRequest 35 15 42.85% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl_SignatureSchemeFromPssSpki 38 19 50.0% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl3_AppendCipherSuites 48 23 47.91% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl3_ClientAuthCallbackOutcome 48 20 41.66% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl3_HandleServerHelloPart2 118 52 44.06% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl3_HandleNewSessionTicket 44 15 34.09% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl_LookupSID 35 10 28.57% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_ClientAllow0Rtt 33 10 30.30% []
tls13_MaybeGreaseEch 117 18 15.38% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_ClientSendPreSharedKeyXtn 71 11 15.49% []
tls13_ClientSendSupportedVersionsXtn 49 26 53.06% []
tls13_ClientSendDelegatedCredentialsXtn 40 5 12.5% []
ChaCha20Poly1305_Encrypt 45 15 33.33% []
ChaCha20Poly1305_Decrypt 51 22 43.13% []
pk11_GenerateIV 84 43 51.19% ['dtls-client-no_fuzzer_mode', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-client-no_fuzzer_mode']
PK11_GetObjectHandle 36 13 36.11% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
pk11_HandUnwrap 69 25 36.23% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl_MacBuffer 32 17 53.12% ['dtls-client-no_fuzzer_mode', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-client-no_fuzzer_mode']
tls13_CreateKeyShare 46 22 47.82% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_HandleClientHelloPart2 247 116 46.96% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_ConstructHelloRetryRequest 38 20 52.63% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_MaybeSendHelloRetry 48 22 45.83% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_NegotiateAuthentication 31 12 38.70% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_CanNegotiateZeroRtt 40 6 15.0% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_SendCertificateRequest 65 26 40.0% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_HandleCertificateRequest 107 16 14.95% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_SendEncryptedServerSequence 54 29 53.70% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_HandleCertificateDecode 105 8 7.619% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_HandleCertificate 106 30 28.30% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_HandleEncryptedExtensions 72 13 18.05% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_HandleCertificateVerify 112 19 16.96% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_ServerHandleFinished 81 37 45.67% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_HandleNewSessionTicket 113 14 12.38% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_HandleEndOfEarlyData 32 8 25.0% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_MaybeSetDelegatedCredential 37 15 40.54% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl3_EmplaceExtension 37 17 45.94% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_SetupClientHello 79 31 39.24% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_HandleServerHelloPart2 91 41 45.05% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_MaybeDo0RTTHandshake 47 5 10.63% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_ReinjectHandshakeTranscript 36 17 47.22% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_ClientSetupEch 67 11 16.41% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
tls13_MaybeHandleEchSignal 73 11 15.06% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
ssl3_SendApplicationData 75 38 50.66% []
ssl_SecureSend 101 34 33.66% []
tls13_SendKeyUpdate 49 25 51.02% ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode']
PR_Sleep 31 8 25.80% []

Files and Directories in report

This section shows which files and directories are considered in this report. The main reason for showing this is fuzz introspector may include more code in the reasoning than is desired. This section helps identify if too many files/directories are included, e.g. third party code, which may be irrelevant for the threat model. In the event too much is included, fuzz introspector supports a configuration file that can exclude data from the report. See the following link for more information on how to create a config file: link

Files in report

Source file Reached by Covered by
[] []
/src/nss/out/Debug/../../lib/certdb/genname.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prnetdb.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/freebl/verified/Hacl_Chacha20_Vec128.c [] []
/src/nss/out/Debug/../../lib/softoken/jpakesftk.c [] []
/src/nss/out/Debug/../../lib/cryptohi/secvfy.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/ssl/tls13psk.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/deprecated/alg2268.c [] []
/src/nss/out/Debug/../../lib/freebl/ecl/ecp_25519.c [] []
/src/nss/out/Debug/../../lib/util/utilmod.c [] []
/src/nss/out/Debug/../../lib/freebl/rijndael.c [] []
/src/nspr/Debug/lib/ds/../../../lib/ds/plarena.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/freebl/ecl/ecp_secp384r1.c [] []
/src/nss/out/Debug/../../cpputil/cpputil.h [] []
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strlen.c ['certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/util/pkcs1sig.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/softoken/lowkey.c [] []
/src/nss/out/Debug/../../lib/base/error.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11kea.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/jpake.c [] []
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strcat.c [] []
/src/nss/out/Debug/../../fuzz/tls_client_config.cc ['dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/dev/devtoken.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/softoken/pkcs11.c [] []
/src/nss/out/Debug/../../lib/freebl/sha512.c [] []
/src/nss/out/Debug/../../lib/freebl/deprecated/seed.c [] []
/src/nss/out/Debug/../../lib/dev/ckhelper.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/certdb/certdb.c ['certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/freebl/verified/Hacl_Chacha20Poly1305_128.c [] []
/src/nss/out/Debug/../../fuzz/quickder_target.cc ['quickder', '/src/nss/out/Debug/../../fuzz/quickder_target.cc'] []
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerror.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../fuzz/mpi_div_target.cc ['mpi-div', '/src/nss/out/Debug/../../fuzz/mpi_div_target.cc'] []
/src/nss/out/Debug/../../lib/softoken/kem.c [] []
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/uxshm.c ['dtls-server', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server'] []
/src/nss/out/Debug/../../lib/freebl/gcm-x86.c [] []
/src/nss/out/Debug/../../lib/certhigh/ocsp.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11mech.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/certhigh/xcrldist.c [] []
/src/nss/out/Debug/../../cpputil/dummy_io.cc ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmwait.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../fuzz/mpi_sub_target.cc ['mpi-sub', '/src/nss/out/Debug/../../fuzz/mpi_sub_target.cc'] []
/src/nss/out/Debug/../../lib/freebl/ecl/ecl_gf.c [] []
/src/nss/out/Debug/../../lib/softoken/fipstest.c [] []
/src/nss/out/Debug/../../lib/freebl/cts.c [] []
/src/nss/out/Debug/../../lib/freebl/verified/Hacl_Curve25519_51.c [] []
/src/nss/out/Debug/../../lib/freebl/cmac.c [] []
/src/nss/out/Debug/../../lib/cryptohi/sechash.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/ecl/ecl_mult.c [] []
/src/nss/out/Debug/../../lib/certhigh/certvfypkix.c [] []
/src/nss/out/Debug/../../lib/util/secoid.c ['certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/freebl/secmpi.c [] []
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prstdio.c [] []
/src/nss/out/Debug/../../lib/pki/pki3hack.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../cpputil/tls_parser.h [] []
/src/nss/out/Debug/../../lib/pki/certificate.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11pbe.c [] []
/src/nss/out/Debug/../../lib/freebl/ecl/ecp_secp384r1_wrap.c [] []
/src/nss/out/Debug/../../lib/certhigh/certreq.c [] []
/src/nss/out/Debug/../../lib/softoken/lowpbe.c [] []
/src/nss/out/Debug/../../lib/freebl/verified/karamel/include/krml/lowstar_endianness.h [] []
/src/nss/out/Debug/../../lib/freebl/ecl/ecp_mont.c [] []
/src/nss/out/Debug/../../lib/softoken/kbkdf.c [] []
/src/nss/out/Debug/../../lib/softoken/sftkdhverify.c [] []
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prseg.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/usr/local/bin/../include/c++/v1/stdexcept [] []
/src/nss/out/Debug/../../fuzz/mpi_invmod_target.cc ['mpi-invmod', '/src/nss/out/Debug/../../fuzz/mpi_invmod_target.cc'] []
/src/nss/out/Debug/../../lib/freebl/kyber-pqcrystals-ref.c [] []
/src/nss/out/Debug/../../fuzz/shared.h ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/prshma.c ['dtls-server', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server'] []
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prdtoa.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/ssl/ssldef.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/ssl/sslcon.c [] []
/src/nss/out/Debug/../../cpputil/dummy_io.h ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/sha_fast.h [] []
/src/nss/out/Debug/../../lib/freebl/dh.c [] []
/src/nss/out/Debug/../../lib/freebl/verified/Hacl_P384.c [] []
/src/nss/out/Debug/../../lib/freebl/verified/internal/Hacl_Bignum_Base.h [] []
/src/nss/out/Debug/../../lib/util/secalgid.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../fuzz/shared.cc [] []
/usr/include/x86_64-linux-gnu/bits/uintn-identity.h [] []
/src/nss/out/Debug/../../lib/softoken/padbuf.c [] []
/src/nss/out/Debug/../../lib/freebl/aeskeywrap.c [] []
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/linux.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerrortable.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11pars.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/mpi/mpmontg.c ['mpi-invmod', '/src/nss/out/Debug/../../fuzz/mpi_invmod_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_expmod_target.cc', 'mpi-expmod'] []
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prtpd.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../fuzz/tls_mutators.cc [] []
/src/nss/out/Debug/../../lib/ssl/ssl3gthr.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/util/quickder.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/base/libc.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/blinit.c [] []
/src/nss/out/Debug/../../lib/base/item.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlog.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../fuzz/tls_server_target.cc ['dtls-server', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server'] []
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/pratom.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/freebl/ecl/ecp_aff.c [] []
/src/nss/out/Debug/../../fuzz/mpi_helper.cc ['mpi-submod', 'mpi-addmod', 'mpi-invmod', 'mpi-div', '/src/nss/out/Debug/../../fuzz/mpi_addmod_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_sqrmod_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_invmod_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_sqr_target.cc', 'mpi-sqrmod', '/src/nss/out/Debug/../../fuzz/mpi_expmod_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_mulmod_target.cc', 'mpi-mulmod', '/src/nss/out/Debug/../../fuzz/mpi_div_target.cc', 'mpi-sub', 'mpi-mod', 'mpi-add', 'mpi-sqr', 'mpi-expmod', '/src/nss/out/Debug/../../fuzz/mpi_submod_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_sub_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_add_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_mod_target.cc'] []
/src/nss/out/Debug/../../lib/freebl/verified/karamel/krmllib/dist/minimal/fstar_uint128_gcc64.h [] []
/src/nss/out/Debug/../../lib/freebl/verified/Hacl_P521.c [] []
/src/nss/out/Debug/../../lib/pki/pkibase.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/ssl/sslcert.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/cryptohi/dsautil.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/util/utf8.c ['certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/freebl/md2.c [] []
/src/nss/out/Debug/../../lib/base/tracker.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/pki/certdecode.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11list.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/pk11wrap/debug_module.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/mpi/mpcpucache.c ['mpi-invmod', '/src/nss/out/Debug/../../fuzz/mpi_invmod_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_expmod_target.cc', 'mpi-expmod'] []
/src/nss/out/Debug/../../lib/ssl/dtls13con.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../fuzz/mpi_sqrmod_target.cc ['/src/nss/out/Debug/../../fuzz/mpi_sqrmod_target.cc', 'mpi-sqrmod'] []
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptmisc.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/pki/tdcache.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/verified/Hacl_P256.c [] []
/src/nss/out/Debug/../../lib/nss/nssoptions.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/ecl/curve25519_64.c [] []
/src/nss/out/Debug/../../lib/certhigh/certhigh.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/softoken/sftkpars.c [] []
/src/nss/out/Debug/../../lib/util/templates.c [] []
/src/nss/out/Debug/../../lib/freebl/verified/internal/Hacl_Bignum25519_51.h [] []
/src/nss/out/Debug/../../cpputil/tls_parser.cc [] []
/src/nss/out/Debug/../../lib/freebl/aes-x86.c [] []
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptio.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/ssl/sslerrstrs.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/ssl/sslenum.c [] []
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/uxproces.c [] []
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prcmon.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/ssl/ssltrace.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/ssl/tls13exthandle.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/cryptohi/seckey.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11err.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/ecdecode.c [] []
/src/nss/out/Debug/../../lib/cryptohi/secsign.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/util/dertime.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nspr/Debug/pr/src/linking/../../../../pr/src/linking/prlink.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/ssl/tls13hashstate.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/kyber.c [] []
/src/nss/out/Debug/../../lib/ssl/ssl3ecc.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../fuzz/tls_socket.h ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prfdcach.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../fuzz/certDN_target.cc ['certDN', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/freebl/verified/Hacl_Chacha20.c [] []
/src/nss/out/Debug/../../lib/freebl/ecl/ecl.c [] []
/src/nss/out/Debug/../../fuzz/mpi_sqr_target.cc ['/src/nss/out/Debug/../../fuzz/mpi_sqr_target.cc', 'mpi-sqr'] []
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prenv.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/dev/devutil.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../fuzz/tls_socket.cc [] []
/src/nss/out/Debug/../../lib/ssl/tls13ech.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/gcm.c [] []
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/praton.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/ecl/ecp_521.c [] []
/src/nss/out/Debug/../../lib/certdb/xauthkid.c [] []
/src/nss/out/Debug/../../lib/freebl/ecl/ecp_256.c [] []
/src/nss/out/Debug/../../lib/freebl/desblapi.c [] []
/src/nss/out/Debug/../../lib/util/nssb64e.c [] []
/src/nss/out/Debug/../../lib/ssl/sslmutex.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/ssl/unix_err.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/pki/cryptocontext.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix_errors.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prscanf.c [] []
/src/nss/out/Debug/../../lib/freebl/arcfour.c [] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11load.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/softoken/pkcs11c.c [] []
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prlog2.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/freebl/verified/Hacl_Hash_SHA3.c [] []
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptthread.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/freebl/ecl/ecp_secp256r1.c [] []
/src/nss/out/Debug/../../lib/certhigh/certvfy.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/ecl/ecp_secp521r1_wrap.c [] []
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/unix.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../fuzz/mpi_mulmod_target.cc ['/src/nss/out/Debug/../../fuzz/mpi_mulmod_target.cc', 'mpi-mulmod'] []
/src/nss/out/Debug/../../fuzz/tls_server_config.cc ['dtls-server', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server'] []
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/pripv6.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/mpi/mpprime.c ['mpi-invmod', '/src/nss/out/Debug/../../fuzz/mpi_invmod_target.cc'] []
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prtime.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11pk12.c ['/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc'] []
/src/nss/out/Debug/../../lib/base/utf8.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/ptsynch.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/base/list.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/sqlite/sqlite3.c [] []
/src/nss/out/Debug/../../lib/ssl/sslnonce.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/util/secport.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/certdb/xconst.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/verified/karamel/krmllib/dist/minimal/FStar_UInt_8_16_32_64.h [] []
/src/nss/out/Debug/../../lib/ssl/sslerr.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/ecl/ecp_jm.c [] []
/src/nss/out/Debug/../../lib/softoken/sftkmessage.c [] []
/src/nss/out/Debug/../../lib/freebl/des.c [] []
/src/nss/out/Debug/../../lib/freebl/verified/Hacl_Chacha20_Vec256.c [] []
/src/nss/out/Debug/../../lib/freebl/dsa.c [] []
/src/nss/out/Debug/../../lib/softoken/sftkpwd.c [] []
/src/nss/out/Debug/../../lib/util/pkcs11uri.c [] []
/src/nss/out/Debug/../../fuzz/mpi_addmod_target.cc ['mpi-addmod', '/src/nss/out/Debug/../../fuzz/mpi_addmod_target.cc'] []
/src/nss/out/Debug/../../lib/base/arena.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/util/oidstring.c ['certDN', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/ssl/sslsock.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/util/secdig.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/mpi/mp_comba.c ['mpi-invmod', 'mpi-div', '/src/nss/out/Debug/../../fuzz/mpi_sqrmod_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_invmod_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_sqr_target.cc', 'mpi-sqrmod', '/src/nss/out/Debug/../../fuzz/mpi_expmod_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_mulmod_target.cc', 'mpi-mulmod', '/src/nss/out/Debug/../../fuzz/mpi_div_target.cc', 'mpi-mod', 'mpi-sqr', 'mpi-expmod', '/src/nss/out/Debug/../../fuzz/mpi_mod_target.cc'] []
/src/nss/out/Debug/../../fuzz/asn1_mutators.cc [] []
/src/nss/out/Debug/../../lib/ssl/sslbloom.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/prrwlock.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/freebl/hmacct.c [] []
/src/nss/out/Debug/../../lib/freebl/det_rng.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/ssl/sslencode.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/ssl/sslsecur.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/verified/Hacl_Poly1305_128.c [] []
/src/nss/out/Debug/../../lib/base/hashops.c [] []
/src/nss/out/Debug/../../lib/freebl/tlsprfalg.c [] []
/src/nss/out/Debug/../../lib/util/utilpars.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/mpi/mplogic.c ['mpi-invmod', '/src/nss/out/Debug/../../fuzz/mpi_invmod_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_expmod_target.cc', 'mpi-expmod'] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11slot.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/softoken/tlsprf.c [] []
/src/nss/out/Debug/../../lib/freebl/ecl/ecp_jac.c [] []
/src/nss/out/Debug/../../lib/certdb/secname.c ['certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11hpke.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/ssl/tls13replay.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11skey.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/rsapkcs.c [] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11pqg.c [] []
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strpbrk.c ['certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/util/nssrwlk.c ['certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/usr/include/x86_64-linux-gnu/bits/byteswap.h [] []
/src/nss/out/Debug/../../lib/certdb/stanpcertdb.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/ssl/ssl3ext.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/rsa.c [] []
/src/nss/out/Debug/../../lib/ssl/sslprimitive.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/verified/../Hacl_Hash_SHA2_shim.h [] []
/src/nss/out/Debug/../../lib/util/secasn1e.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prsystem.c [] []
/src/nss/out/Debug/../../lib/ssl/dtlscon.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nspr/Debug/pr/src/md/../../../../pr/src/md/prosdep.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/util/nssb64d.c [] []
/src/nss/out/Debug/../../cpputil/nss_scoped_ptrs.h [] []
/src/nss/out/Debug/../../lib/freebl/ecl/ecp_secp521r1.c [] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11cert.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../fuzz/tls_client_target.cc ['dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/md5.c [] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11util.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/verified/Hacl_Chacha20Poly1305_256.c [] []
/src/nss/out/Debug/../../lib/freebl/ec.c [] []
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinrval.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/softoken/sftkdb.c [] []
/src/nss/out/Debug/../../lib/freebl/alghmac.c [] []
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prlayer.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/freebl/verified/Hacl_Poly1305_32.c [] []
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/pripc.c [] []
/src/nss/out/Debug/../../fuzz/mpi_add_target.cc ['mpi-add', '/src/nss/out/Debug/../../fuzz/mpi_add_target.cc'] []
/src/nss/out/Debug/../../fuzz/mpi_expmod_target.cc ['/src/nss/out/Debug/../../fuzz/mpi_expmod_target.cc', 'mpi-expmod'] []
/src/nss/out/Debug/../../lib/freebl/ecl/ecp_256_32.c [] []
/src/nss/out/Debug/../../lib/softoken/fipsaudt.c [] []
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/base64.c [] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11obj.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/ssl/tls13hkdf.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/pki/pkistore.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/ssl/sslspec.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/camellia.c [] []
/src/nss/out/Debug/../../lib/pki/trustdomain.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/util/derenc.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nspr/Debug/lib/ds/../../../lib/ds/plhash.c ['certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/certdb/certv3.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/ssl/sslinit.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../fuzz/pkcs8_target.cc ['/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc'] []
/src/nss/out/Debug/../../lib/ssl/ssl3exthandle.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../fuzz/tls_common.cc ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prinit.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../fuzz/mpi_mod_target.cc ['mpi-mod', '/src/nss/out/Debug/../../fuzz/mpi_mod_target.cc'] []
/src/nss/out/Debug/../../lib/pkcs7/certread.c [] []
/src/nss/out/Debug/../../lib/ssl/sslauth.c ['dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/certhigh/crlv2.c [] []
/src/nss/out/Debug/../../lib/freebl/verified/Hacl_Poly1305_256.c [] []
/src/nss/out/Debug/../../fuzz/mpi_submod_target.cc ['mpi-submod', '/src/nss/out/Debug/../../fuzz/mpi_submod_target.cc'] []
/src/nss/out/Debug/../../lib/nss/nssinit.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/mpi/mpi_amd64.c ['mpi-invmod', '/src/nss/out/Debug/../../fuzz/mpi_invmod_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_expmod_target.cc', 'mpi-expmod'] []
/src/nss/out/Debug/../../lib/util/errstrs.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/sha_fast.c [] []
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strcase.c ['certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/certdb/certxutl.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/mpi/mpi.c ['mpi-submod', 'mpi-addmod', 'mpi-invmod', 'mpi-div', '/src/nss/out/Debug/../../fuzz/mpi_addmod_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_sqrmod_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_invmod_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_sqr_target.cc', 'mpi-sqrmod', '/src/nss/out/Debug/../../fuzz/mpi_expmod_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_mulmod_target.cc', 'mpi-mulmod', '/src/nss/out/Debug/../../fuzz/mpi_div_target.cc', 'mpi-sub', 'mpi-mod', 'mpi-add', 'mpi-sqr', 'mpi-expmod', '/src/nss/out/Debug/../../fuzz/mpi_submod_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_sub_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_add_target.cc', '/src/nss/out/Debug/../../fuzz/mpi_mod_target.cc'] []
/src/nss/out/Debug/../../lib/softoken/fipstokn.c [] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11auth.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/ssl/tls13con.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/softoken/sdb.c [] []
/src/nss/out/Debug/../../lib/util/portreg.c [] []
/src/nss/out/Debug/../../lib/util/sectime.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11nobj.c [] []
/src/nss/out/Debug/../../lib/util/secasn1u.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/freebl/sha3.c [] []
/src/nss/out/Debug/../../lib/util/dersubr.c ['certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/ssl/sslgrp.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/certdb/crl.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/softoken/sftkike.c [] []
/src/nss/out/Debug/../../cpputil/databuffer.h [] []
/src/nss/out/Debug/../../lib/freebl/rawhash.c [] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11akey.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/ssl/tls13subcerts.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/certhigh/certhtml.c [] []
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmapopt.c [] []
/src/nss/out/Debug/../../lib/util/secasn1d.c ['/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc'] []
/src/nss/out/Debug/../../lib/freebl/ctr.c [] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11sdr.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/softoken/pkcs11u.c [] []
/src/nss/out/Debug/../../lib/freebl/chacha20poly1305.c [] []
/src/nss/out/Debug/../../lib/ssl/sslsnce.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/certdb/xbsconst.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prmmap.c ['dtls-server', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server'] []
/src/nss/out/Debug/../../lib/pk11wrap/pk11cxt.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../cpputil/dummy_io_fwd.cc [] []
/src/nspr/Debug/pr/src/malloc/../../../../pr/src/malloc/prmem.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/softoken/sftkhmac.c [] []
/src/nss/out/Debug/../../lib/dev/devslot.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/mpi/mp_gf2m.c [] []
/src/nss/out/Debug/../../cpputil/databuffer.cc [] []
/src/nss/out/Debug/../../lib/freebl/sha256-x86.c [] []
/src/nss/out/Debug/../../lib/ssl/tls13echv.c [] []
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/prerr.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/base/hash.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/util/secitem.c ['certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../fuzz/tls_server_certs.cc [] []
/src/nss/out/Debug/../../lib/certdb/alg1485.c ['certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/priometh.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/pk11wrap/dev3hack.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/ssl/ssl3con.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/strcpy.c [] []
/src/nss/out/Debug/../../lib/freebl/ecl/ec_naf.c [] []
/src/nss/out/Debug/../../lib/ssl/selfencrypt.c ['dtls-server', 'dtls-client-no_fuzzer_mode', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/verified/Hacl_Chacha20Poly1305_32.c [] []
/src/nss/out/Debug/../../lib/freebl/pqg.c [] []
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/prprf.c ['quickder', 'certDN', 'dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', '/src/nss/out/Debug/../../fuzz/quickder_target.cc', 'tls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/certDN_target.cc'] []
/src/nss/out/Debug/../../lib/certdb/polcyxtn.c ['dtls-server', 'dtls-client-no_fuzzer_mode', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', '/src/nss/out/Debug/../../fuzz/pkcs8_target.cc', 'tls-client', 'dtls-client', 'dtls-server-no_fuzzer_mode', 'tls-server-no_fuzzer_mode', 'tls-server', 'tls-client-no_fuzzer_mode'] []
/src/nss/out/Debug/../../lib/freebl/verified/Hacl_Ed25519.c [] []

Directories in report

Directory
/src/nss/out/Debug/../../lib/freebl/verified/../
/src/nss/out/Debug/../../cpputil/
/src/nss/out/Debug/../../lib/freebl/ecl/
/src/nspr/Debug/pr/src/md/../../../../pr/src/md/
/src/nss/out/Debug/../../lib/pki/
/src/nss/out/Debug/../../lib/freebl/
/src/nss/out/Debug/../../lib/ssl/
/src/nss/out/Debug/../../lib/freebl/verified/karamel/include/krml/
/src/nspr/Debug/lib/ds/../../../lib/ds/
/src/nss/out/Debug/../../lib/freebl/mpi/
/src/nss/out/Debug/../../lib/pkcs7/
/src/nss/out/Debug/../../lib/util/
/src/nss/out/Debug/../../lib/certhigh/
/src/nss/out/Debug/../../lib/softoken/
/src/nss/out/Debug/../../lib/freebl/deprecated/
/src/nspr/Debug/pr/src/memory/../../../../pr/src/memory/
/src/nss/out/Debug/../../lib/pk11wrap/
/src/nspr/Debug/pr/src/linking/../../../../pr/src/linking/
/src/nspr/Debug/pr/src/pthreads/../../../../pr/src/pthreads/
/src/nspr/Debug/pr/src/md/unix/../../../../../pr/src/md/unix/
/src/nss/out/Debug/../../lib/freebl/verified/internal/
/src/nss/out/Debug/../../lib/freebl/verified/karamel/krmllib/dist/minimal/
/src/nss/out/Debug/../../lib/sqlite/
/usr/local/bin/../include/c++/v1/
/src/nspr/Debug/pr/src/threads/../../../../pr/src/threads/
/src/nss/out/Debug/../../lib/certdb/
/src/nspr/Debug/lib/libc/src/../../../../lib/libc/src/
/src/nspr/Debug/pr/src/io/../../../../pr/src/io/
/src/nss/out/Debug/../../lib/dev/
/src/nss/out/Debug/../../lib/nss/
/src/nss/out/Debug/../../lib/freebl/verified/
/src/nspr/Debug/pr/src/malloc/../../../../pr/src/malloc/
/src/nspr/Debug/pr/src/misc/../../../../pr/src/misc/
/src/nss/out/Debug/../../lib/cryptohi/
/usr/include/x86_64-linux-gnu/bits/
/src/nss/out/Debug/../../fuzz/
/src/nss/out/Debug/../../lib/base/

Metadata section

This sections shows the raw data that is used to produce this report. This is mainly used for further processing and developer debugging.

Fuzzer Calltree file Program data file Coverage file
mpi-submod fuzzerLogFile-0-HLFyfi1Glk.data fuzzerLogFile-0-HLFyfi1Glk.data.yaml mpi-submod.covreport
mpi-addmod fuzzerLogFile-0-V1vXiS1Zmw.data fuzzerLogFile-0-V1vXiS1Zmw.data.yaml mpi-addmod.covreport
mpi-invmod fuzzerLogFile-0-6rtYpv5YXn.data fuzzerLogFile-0-6rtYpv5YXn.data.yaml mpi-invmod.covreport
mpi-div fuzzerLogFile-0-jVAtU1MtxF.data fuzzerLogFile-0-jVAtU1MtxF.data.yaml mpi-div.covreport
quickder fuzzerLogFile-0-kUnVkH25XK.data fuzzerLogFile-0-kUnVkH25XK.data.yaml quickder.covreport
certDN fuzzerLogFile-0-vQ4YVzDpgV.data fuzzerLogFile-0-vQ4YVzDpgV.data.yaml certDN.covreport
dtls-server fuzzerLogFile-0-hifYqy82hD.data fuzzerLogFile-0-hifYqy82hD.data.yaml dtls-server.covreport
/src/nss/out/Debug/../../fuzz/mpi_addmod_target.cc fuzzerLogFile-0-6Bs7DNz31c.data fuzzerLogFile-0-6Bs7DNz31c.data.yaml mpi-mod.covreport , mpi-addmod.covreport , mpi-mulmod.covreport , dtls-client-no_fuzzer_mode.covreport , tls-server-no_fuzzer_mode.covreport , mpi-invmod.covreport , tls-client-no_fuzzer_mode.covreport , mpi-add.covreport , mpi-sqrmod.covreport , certDN.covreport , mpi-div.covreport , quickder.covreport , mpi-submod.covreport , tls-server.covreport , dtls-server.covreport , dtls-server-no_fuzzer_mode.covreport , mpi-sub.covreport , mpi-expmod.covreport , dtls-client.covreport , mpi-sqr.covreport , tls-client.covreport
/src/nss/out/Debug/../../fuzz/mpi_sqrmod_target.cc fuzzerLogFile-0-wldvV0upLJ.data fuzzerLogFile-0-wldvV0upLJ.data.yaml mpi-mod.covreport , mpi-addmod.covreport , mpi-mulmod.covreport , dtls-client-no_fuzzer_mode.covreport , tls-server-no_fuzzer_mode.covreport , mpi-invmod.covreport , tls-client-no_fuzzer_mode.covreport , mpi-add.covreport , mpi-sqrmod.covreport , certDN.covreport , mpi-div.covreport , quickder.covreport , mpi-submod.covreport , tls-server.covreport , dtls-server.covreport , dtls-server-no_fuzzer_mode.covreport , mpi-sub.covreport , mpi-expmod.covreport , dtls-client.covreport , mpi-sqr.covreport , tls-client.covreport
/src/nss/out/Debug/../../fuzz/mpi_invmod_target.cc fuzzerLogFile-0-LHPFZbt76T.data fuzzerLogFile-0-LHPFZbt76T.data.yaml mpi-mod.covreport , mpi-addmod.covreport , mpi-mulmod.covreport , dtls-client-no_fuzzer_mode.covreport , tls-server-no_fuzzer_mode.covreport , mpi-invmod.covreport , tls-client-no_fuzzer_mode.covreport , mpi-add.covreport , mpi-sqrmod.covreport , certDN.covreport , mpi-div.covreport , quickder.covreport , mpi-submod.covreport , tls-server.covreport , dtls-server.covreport , dtls-server-no_fuzzer_mode.covreport , mpi-sub.covreport , mpi-expmod.covreport , dtls-client.covreport , mpi-sqr.covreport , tls-client.covreport
/src/nss/out/Debug/../../fuzz/mpi_sqr_target.cc fuzzerLogFile-0-UHqdAAVyEg.data fuzzerLogFile-0-UHqdAAVyEg.data.yaml mpi-mod.covreport , mpi-addmod.covreport , mpi-mulmod.covreport , dtls-client-no_fuzzer_mode.covreport , tls-server-no_fuzzer_mode.covreport , mpi-invmod.covreport , tls-client-no_fuzzer_mode.covreport , mpi-add.covreport , mpi-sqrmod.covreport , certDN.covreport , mpi-div.covreport , quickder.covreport , mpi-submod.covreport , tls-server.covreport , dtls-server.covreport , dtls-server-no_fuzzer_mode.covreport , mpi-sub.covreport , mpi-expmod.covreport , dtls-client.covreport , mpi-sqr.covreport , tls-client.covreport
mpi-sqrmod fuzzerLogFile-0-nEyVMMq0xR.data fuzzerLogFile-0-nEyVMMq0xR.data.yaml mpi-sqrmod.covreport
/src/nss/out/Debug/../../fuzz/mpi_expmod_target.cc fuzzerLogFile-0-mM3Tw1vur3.data fuzzerLogFile-0-mM3Tw1vur3.data.yaml mpi-mod.covreport , mpi-addmod.covreport , mpi-mulmod.covreport , dtls-client-no_fuzzer_mode.covreport , tls-server-no_fuzzer_mode.covreport , mpi-invmod.covreport , tls-client-no_fuzzer_mode.covreport , mpi-add.covreport , mpi-sqrmod.covreport , certDN.covreport , mpi-div.covreport , quickder.covreport , mpi-submod.covreport , tls-server.covreport , dtls-server.covreport , dtls-server-no_fuzzer_mode.covreport , mpi-sub.covreport , mpi-expmod.covreport , dtls-client.covreport , mpi-sqr.covreport , tls-client.covreport
/src/nss/out/Debug/../../fuzz/mpi_mulmod_target.cc fuzzerLogFile-0-ZwaXdYaqNO.data fuzzerLogFile-0-ZwaXdYaqNO.data.yaml mpi-mod.covreport , mpi-addmod.covreport , mpi-mulmod.covreport , dtls-client-no_fuzzer_mode.covreport , tls-server-no_fuzzer_mode.covreport , mpi-invmod.covreport , tls-client-no_fuzzer_mode.covreport , mpi-add.covreport , mpi-sqrmod.covreport , certDN.covreport , mpi-div.covreport , quickder.covreport , mpi-submod.covreport , tls-server.covreport , dtls-server.covreport , dtls-server-no_fuzzer_mode.covreport , mpi-sub.covreport , mpi-expmod.covreport , dtls-client.covreport , mpi-sqr.covreport , tls-client.covreport
mpi-mulmod fuzzerLogFile-0-GmeKDJXxKc.data fuzzerLogFile-0-GmeKDJXxKc.data.yaml mpi-mulmod.covreport
dtls-client-no_fuzzer_mode fuzzerLogFile-0-2HTHcmX2Of.data fuzzerLogFile-0-2HTHcmX2Of.data.yaml dtls-client-no_fuzzer_mode.covreport
/src/nss/out/Debug/../../fuzz/mpi_div_target.cc fuzzerLogFile-0-KWQxUo8Tt5.data fuzzerLogFile-0-KWQxUo8Tt5.data.yaml mpi-mod.covreport , mpi-addmod.covreport , mpi-mulmod.covreport , dtls-client-no_fuzzer_mode.covreport , tls-server-no_fuzzer_mode.covreport , mpi-invmod.covreport , tls-client-no_fuzzer_mode.covreport , mpi-add.covreport , mpi-sqrmod.covreport , certDN.covreport , mpi-div.covreport , quickder.covreport , mpi-submod.covreport , tls-server.covreport , dtls-server.covreport , dtls-server-no_fuzzer_mode.covreport , mpi-sub.covreport , mpi-expmod.covreport , dtls-client.covreport , mpi-sqr.covreport , tls-client.covreport
/src/nss/out/Debug/../../fuzz/pkcs8_target.cc fuzzerLogFile-0-h1jwThKqYk.data fuzzerLogFile-0-h1jwThKqYk.data.yaml mpi-mod.covreport , mpi-addmod.covreport , mpi-mulmod.covreport , dtls-client-no_fuzzer_mode.covreport , tls-server-no_fuzzer_mode.covreport , mpi-invmod.covreport , tls-client-no_fuzzer_mode.covreport , mpi-add.covreport , mpi-sqrmod.covreport , certDN.covreport , mpi-div.covreport , quickder.covreport , mpi-submod.covreport , tls-server.covreport , dtls-server.covreport , dtls-server-no_fuzzer_mode.covreport , mpi-sub.covreport , mpi-expmod.covreport , dtls-client.covreport , mpi-sqr.covreport , tls-client.covreport
/src/nss/out/Debug/../../fuzz/pkcs8_target.cc fuzzerLogFile-0-CQwmeDr9GR.data fuzzerLogFile-0-CQwmeDr9GR.data.yaml mpi-mod.covreport , mpi-addmod.covreport , mpi-mulmod.covreport , dtls-client-no_fuzzer_mode.covreport , tls-server-no_fuzzer_mode.covreport , mpi-invmod.covreport , tls-client-no_fuzzer_mode.covreport , mpi-add.covreport , mpi-sqrmod.covreport , certDN.covreport , mpi-div.covreport , quickder.covreport , mpi-submod.covreport , tls-server.covreport , dtls-server.covreport , dtls-server-no_fuzzer_mode.covreport , mpi-sub.covreport , mpi-expmod.covreport , dtls-client.covreport , mpi-sqr.covreport , tls-client.covreport
mpi-sub fuzzerLogFile-0-uXY41Uthx2.data fuzzerLogFile-0-uXY41Uthx2.data.yaml mpi-sub.covreport
mpi-mod fuzzerLogFile-0-hd17jBOTOo.data fuzzerLogFile-0-hd17jBOTOo.data.yaml mpi-mod.covreport
mpi-add fuzzerLogFile-0-hmGRBUJYPC.data fuzzerLogFile-0-hmGRBUJYPC.data.yaml mpi-add.covreport
mpi-sqr fuzzerLogFile-0-GPmHyQNEyf.data fuzzerLogFile-0-GPmHyQNEyf.data.yaml mpi-sqr.covreport
mpi-expmod fuzzerLogFile-0-wnu8Etokis.data fuzzerLogFile-0-wnu8Etokis.data.yaml mpi-expmod.covreport
tls-client fuzzerLogFile-0-EYvag5rmXL.data fuzzerLogFile-0-EYvag5rmXL.data.yaml tls-client.covreport
/src/nss/out/Debug/../../fuzz/mpi_submod_target.cc fuzzerLogFile-0-hWyXcNaSNj.data fuzzerLogFile-0-hWyXcNaSNj.data.yaml mpi-mod.covreport , mpi-addmod.covreport , mpi-mulmod.covreport , dtls-client-no_fuzzer_mode.covreport , tls-server-no_fuzzer_mode.covreport , mpi-invmod.covreport , tls-client-no_fuzzer_mode.covreport , mpi-add.covreport , mpi-sqrmod.covreport , certDN.covreport , mpi-div.covreport , quickder.covreport , mpi-submod.covreport , tls-server.covreport , dtls-server.covreport , dtls-server-no_fuzzer_mode.covreport , mpi-sub.covreport , mpi-expmod.covreport , dtls-client.covreport , mpi-sqr.covreport , tls-client.covreport
dtls-client fuzzerLogFile-0-fhZDmfhk7s.data fuzzerLogFile-0-fhZDmfhk7s.data.yaml dtls-client.covreport
dtls-server-no_fuzzer_mode fuzzerLogFile-0-zulnf0Z1nJ.data fuzzerLogFile-0-zulnf0Z1nJ.data.yaml dtls-server-no_fuzzer_mode.covreport
/src/nss/out/Debug/../../fuzz/mpi_sub_target.cc fuzzerLogFile-0-tqXpi8UR4i.data fuzzerLogFile-0-tqXpi8UR4i.data.yaml mpi-mod.covreport , mpi-addmod.covreport , mpi-mulmod.covreport , dtls-client-no_fuzzer_mode.covreport , tls-server-no_fuzzer_mode.covreport , mpi-invmod.covreport , tls-client-no_fuzzer_mode.covreport , mpi-add.covreport , mpi-sqrmod.covreport , certDN.covreport , mpi-div.covreport , quickder.covreport , mpi-submod.covreport , tls-server.covreport , dtls-server.covreport , dtls-server-no_fuzzer_mode.covreport , mpi-sub.covreport , mpi-expmod.covreport , dtls-client.covreport , mpi-sqr.covreport , tls-client.covreport
/src/nss/out/Debug/../../fuzz/mpi_add_target.cc fuzzerLogFile-0-Yuyv8SRUj2.data fuzzerLogFile-0-Yuyv8SRUj2.data.yaml mpi-mod.covreport , mpi-addmod.covreport , mpi-mulmod.covreport , dtls-client-no_fuzzer_mode.covreport , tls-server-no_fuzzer_mode.covreport , mpi-invmod.covreport , tls-client-no_fuzzer_mode.covreport , mpi-add.covreport , mpi-sqrmod.covreport , certDN.covreport , mpi-div.covreport , quickder.covreport , mpi-submod.covreport , tls-server.covreport , dtls-server.covreport , dtls-server-no_fuzzer_mode.covreport , mpi-sub.covreport , mpi-expmod.covreport , dtls-client.covreport , mpi-sqr.covreport , tls-client.covreport
/src/nss/out/Debug/../../fuzz/mpi_mod_target.cc fuzzerLogFile-0-0dIr1NFHCa.data fuzzerLogFile-0-0dIr1NFHCa.data.yaml mpi-mod.covreport , mpi-addmod.covreport , mpi-mulmod.covreport , dtls-client-no_fuzzer_mode.covreport , tls-server-no_fuzzer_mode.covreport , mpi-invmod.covreport , tls-client-no_fuzzer_mode.covreport , mpi-add.covreport , mpi-sqrmod.covreport , certDN.covreport , mpi-div.covreport , quickder.covreport , mpi-submod.covreport , tls-server.covreport , dtls-server.covreport , dtls-server-no_fuzzer_mode.covreport , mpi-sub.covreport , mpi-expmod.covreport , dtls-client.covreport , mpi-sqr.covreport , tls-client.covreport
tls-server-no_fuzzer_mode fuzzerLogFile-0-0i3q0pHoLR.data fuzzerLogFile-0-0i3q0pHoLR.data.yaml tls-server-no_fuzzer_mode.covreport
tls-server fuzzerLogFile-0-bHgooWBCbn.data fuzzerLogFile-0-bHgooWBCbn.data.yaml tls-server.covreport
/src/nss/out/Debug/../../fuzz/quickder_target.cc fuzzerLogFile-0-9SIMUNvqEd.data fuzzerLogFile-0-9SIMUNvqEd.data.yaml mpi-mod.covreport , mpi-addmod.covreport , mpi-mulmod.covreport , dtls-client-no_fuzzer_mode.covreport , tls-server-no_fuzzer_mode.covreport , mpi-invmod.covreport , tls-client-no_fuzzer_mode.covreport , mpi-add.covreport , mpi-sqrmod.covreport , certDN.covreport , mpi-div.covreport , quickder.covreport , mpi-submod.covreport , tls-server.covreport , dtls-server.covreport , dtls-server-no_fuzzer_mode.covreport , mpi-sub.covreport , mpi-expmod.covreport , dtls-client.covreport , mpi-sqr.covreport , tls-client.covreport
tls-client-no_fuzzer_mode fuzzerLogFile-0-xwn8RkeOom.data fuzzerLogFile-0-xwn8RkeOom.data.yaml tls-client-no_fuzzer_mode.covreport
/src/nss/out/Debug/../../fuzz/certDN_target.cc fuzzerLogFile-0-ziP47Xjzl5.data fuzzerLogFile-0-ziP47Xjzl5.data.yaml mpi-mod.covreport , mpi-addmod.covreport , mpi-mulmod.covreport , dtls-client-no_fuzzer_mode.covreport , tls-server-no_fuzzer_mode.covreport , mpi-invmod.covreport , tls-client-no_fuzzer_mode.covreport , mpi-add.covreport , mpi-sqrmod.covreport , certDN.covreport , mpi-div.covreport , quickder.covreport , mpi-submod.covreport , tls-server.covreport , dtls-server.covreport , dtls-server-no_fuzzer_mode.covreport , mpi-sub.covreport , mpi-expmod.covreport , dtls-client.covreport , mpi-sqr.covreport , tls-client.covreport