The followings are the branches where fuzzer fails to bypass.
| Unique non-covered Complexity | Unique Reachable Complexities | Unique Reachable Functions | All non-covered Complexity | All Reachable Complexity | Function Name | Function Callsite | Blocked Branch |
|---|---|---|---|---|---|---|---|
| 2031 | 2031 |
1 :
['perfetto::TracingServiceImpl::ReadBuffersIntoFile(unsigned long)'] |
2031 | 2064 | perfetto::TracingServiceImpl::DisableTracingNotifyConsumerAndFlushFile(perfetto::TracingServiceImpl::TracingSession*) | call site: 00000 | /work/build/../../src/perfetto/src/tracing/service/tracing_service_impl.cc:1864 |
| 728 | 810 |
17 :
['perfetto::base::FlatSet
|
817 | 903 | perfetto::CpuReader::Bundler::FinalizeAndRunSymbolizer() | call site: 00000 | /work/build/../../src/perfetto/src/traced/probes/ftrace/cpu_reader.cc:358 |
| 401 | 401 |
1 :
['ZSTD_decompressSequencesLong'] |
401 | 401 | ZSTD_decompressBlock_internal | call site: 00000 | /work/build/../../src/perfetto/buildtools/zstd/lib/decompress/zstd_decompress_block.c:2142 |
| 382 | 382 |
1 :
['HUF_decompress4X_hufOnly_wksp'] |
382 | 382 | ZSTD_decodeLiteralsBlock | call site: 00000 | /work/build/../../src/perfetto/buildtools/zstd/lib/decompress/zstd_decompress_block.c:196 |
| 366 | 366 |
1 :
['ZSTD_decompressSequencesSplitLitBuffer'] |
366 | 366 | ZSTD_decompressBlock_internal | call site: 00000 | /work/build/../../src/perfetto/buildtools/zstd/lib/decompress/zstd_decompress_block.c:2154 |
| 286 | 286 |
1 :
['perfetto::TracingServiceImpl::PeriodicFlushTask(unsigned long, bool)'] |
328 | 930 | perfetto::TracingServiceImpl::StartTracing(unsignedlong) | call site: 00000 | /work/build/../../src/perfetto/src/tracing/service/tracing_service_impl.cc:1340 |
| 271 | 271 |
2 :
['ERR_isError.43961', 'ZSTD_decompress_insertDictionary'] |
271 | 271 | ZSTD_decompressBegin_usingDict | call site: 00000 | /work/build/../../src/perfetto/buildtools/zstd/lib/decompress/zstd_decompress.c:1563 |
| 261 | 261 |
2 :
['HUF_decompress1X_usingDTable', 'HUF_decompress4X_usingDTable'] |
261 | 261 | ZSTD_decodeLiteralsBlock | call site: 00000 | /work/build/../../src/perfetto/buildtools/zstd/lib/decompress/zstd_decompress_block.c:184 |
| 238 | 238 |
5 :
['_ZNSt3__16get_ifB8nn180100INS_6vectorIjNS_9allocatorIjEEEEJN8perfetto15trace_processor6RowMap5RangeENS6_9BitVectorES4_EEEu13__add_pointerIKT_EPKNS_7variantIJDpT0_EEE', 'perfetto::trace_processor::RowMap::NoVariantMatched()', 'std::__1::vector
|
238 | 238 | perfetto::trace_processor::RowMap::Get(unsignedint)const | call site: 00000 | /work/build/../../src/perfetto/src/trace_processor/containers/row_map.h:220 |
| 218 | 220 |
5 :
['perfetto::trace_processor::RowMap::InsertIntoBitVector(perfetto::trace_processor::BitVector&, unsigned int)', 'perfetto::trace_processor::BitVector::~BitVector()', 'perfetto::trace_processor::BitVector::Resize(unsigned int, bool)', 'perfetto::trace_processor::BitVector::BitVector()', '_ZNSt3__17variantIJN8perfetto15trace_processor6RowMap5RangeENS2_9BitVectorENS_6vectorIjNS_9allocatorIjEEEEEEaSB8nn180100IS5_TnNS_9enable_ifIXnt9is_same_vIu14__remove_cvrefIT_ESA_EEiE4typeELi0ES5_Lm1ETnNSC_IXaa15is_assignable_vIRT1_SD_E18is_constructible_vISH_SD_EEiE4typeELi0EEERSA_OSD_'] |
218 | 220 | perfetto::trace_processor::RowMap::Insert(unsignedint) | call site: 00000 | /work/build/../../src/perfetto/src/trace_processor/containers/row_map.h:302 |
| 218 | 218 |
1 :
['perfetto::trace_processor::TrackEventParser::EventImporter::ParseCounterEvent()'] |
218 | 218 | perfetto::trace_processor::TrackEventParser::EventImporter::Import() | call site: 00000 | /work/build/../../src/perfetto/src/trace_processor/importers/proto/track_event_parser.cc:234 |
| 156 | 212 |
10 :
['unwindstack::MapInfo::offset() const', 'unwindstack::MapInfo::end() const', 'unwindstack::MapInfo::set_elf_start_offset(unsigned long)', 'unwindstack::Elf::IsValidElf(unwindstack::Memory*)', 'unwindstack::MapInfo::InitFileMemoryFromPreviousReadOnlyMap(unwindstack::MemoryFileAtOffset*)', 'unsigned long const& std::__1::max[abi:nn180100]
|
201 | 497 | unwindstack::MapInfo::CreateFileMemory() | call site: 00000 | /work/build/../../src/perfetto/buildtools/android-unwinding/libunwindstack/MapInfo.cpp:111 |
LLVMFuzzerTestOneInput
[function]
[call site]
00000
protozero::(anonymous namespace)::FuzzProtoDecoder(unsigned char const*, unsigned long)
[function]
[call site]
00001
protozero::ProtoDecoder::ProtoDecoder(void const*, unsigned long)
[function]
[call site]
00002
protozero::ProtoDecoder::ReadField()
[function]
[call site]
00003
protozero::(anonymous namespace)::ParseOneField(unsigned char const*, unsigned char const*)
[function]
[call site]
00004
protozero::proto_utils::ParseVarInt(unsigned char const*, unsigned char const*, unsigned long*)
[function]
[call site]
00005
PerfettoPbParseVarInt(unsigned char const*, unsigned char const*, unsigned long*)
[function]
[call site]
00006
protozero::proto_utils::ParseVarInt(unsigned char const*, unsigned char const*, unsigned long*)
[function]
[call site]
00007
protozero::proto_utils::ParseVarInt(unsigned char const*, unsigned char const*, unsigned long*)
[function]
[call site]
00008
void perfetto::base::ignore_result<char [29], unsigned char>(char const (&) [29], unsigned char const&)
[function]
[call site]
00009
void perfetto::base::ignore_result<char [38], unsigned int, unsigned int>(char const (&) [38], unsigned int const&, unsigned int const&)
[function]
[call site]
00010
void perfetto::base::ignore_result<char [48], unsigned int, unsigned long>(char const (&) [48], unsigned int const&, unsigned long const&)
[function]
[call site]
00011
protozero::Field::initialize(unsigned int, unsigned char, unsigned long, unsigned int)
[function]
[call site]
00012
protozero::Field::valid() const
[function]
[call site]
00013
protozero::Field::raw_int_value() const
[function]
[call site]
00014
protozero::TypedProtoDecoder<1, false>::TypedProtoDecoder(unsigned char const*, unsigned long)
[function]
[call site]
00015
protozero::TypedProtoDecoderBase::TypedProtoDecoderBase(protozero::Field*, unsigned int, unsigned int, unsigned char const*, unsigned long)
[function]
[call site]
00016
protozero::ProtoDecoder::ProtoDecoder(void const*, unsigned long)
[function]
[call site]
00017
protozero::TypedProtoDecoderBase::ParseAllFields()
[function]
[call site]
00018
protozero::(anonymous namespace)::ParseOneField(unsigned char const*, unsigned char const*)
[function]
[call site]
00019
protozero::Field::id() const
[function]
[call site]
00020
protozero::TypedProtoDecoderBase::ExpandHeapStorage()
[function]
[call site]
00021
perfetto::base::Basename(char const*)
[function]
[call site]
00022
perfetto::base::StrEnd(char const*)
[function]
[call site]
00023
perfetto::base::StrEnd(char const*)
[function]
[call site]
00024
perfetto::base::BasenameRecursive(char const*, char const*, char const*)
[function]
[call site]
00025
perfetto::base::BasenameRecursive(char const*, char const*, char const*)
[function]
[call site]
00026
__errno_location
[call site]
00027
strerror
[call site]
00028
perfetto::base::LogMessage(perfetto::base::LogLev, char const*, int, char const*, ...)
[function]
[call site]
00029
vsnprintf
[call site]
00030
snprintf
[call site]
00031
__cxa_guard_acquire
[call site]
00032
isatty
[call site]
00033
__cxa_guard_release
[call site]
00034
perfetto::base::StackString<10ul>::StackString(char const*, ...)
[function]
[call site]
00035
vsnprintf
[call site]
00036
strlen
[call site]
00037
perfetto::base::StackString<10ul>::len() const
[function]
[call site]
00038
perfetto::base::StackString<10ul>::c_str() const
[function]
[call site]
00039
perfetto::base::StackString<24ul>::StackString(char const*, ...)
[function]
[call site]
00040
perfetto::base::GetWallTimeMs()
[function]
[call site]
00041
perfetto::base::GetWallTimeNs()
[function]
[call site]
00042
perfetto::base::GetTimeInternalNs(int)
[function]
[call site]
00043
clock_gettime
[call site]
00044
perfetto::base::Basename(char const*)
[function]
[call site]
00045
__errno_location
[call site]
00046
strerror
[call site]
00047
perfetto::base::LogMessage(perfetto::base::LogLev, char const*, int, char const*, ...)
[function]
[call site]
00048
perfetto::base::StackString<32ul>::StackString(char const*, ...)
[function]
[call site]
00049
perfetto::base::StackString<32ul>::c_str() const
[function]
[call site]
00050
perfetto::base::StackString<24ul>::c_str() const
[function]
[call site]
00051
fprintf
[call site]
00052
perfetto::base::StackString<32ul>::c_str() const
[function]
[call site]
00053
perfetto::base::StackString<24ul>::c_str() const
[function]
[call site]
00054
fprintf
[call site]
00055
perfetto::base::StackString<32ul>::string_view() const
[function]
[call site]
00056
perfetto::base::StringView::StringView(char const*, unsigned long)
[function]
[call site]
00057
perfetto::base::StackString<24ul>::string_view() const
[function]
[call site]
00058
perfetto::base::StringView::StringView(char const*, unsigned long)
[function]
[call site]
00059
perfetto::base::LogRingBuffer::Append(perfetto::base::StringView, perfetto::base::StringView, perfetto::base::StringView)
[function]
[call site]
00060
perfetto::base::StringView::size() const
[function]
[call site]
00061
perfetto::base::StringView::data() const
[function]
[call site]
00062
perfetto::base::StringView::size() const
[function]
[call site]
00063
perfetto::base::StringView::data() const
[function]
[call site]
00064
perfetto::base::StringView::size() const
[function]
[call site]
00065
perfetto::base::StringView::data() const
[function]
[call site]
00066
snprintf
[call site]
00067
perfetto::base::MaybeSerializeLastLogsForCrashReporting()
[function]
[call site]
00068
perfetto::base::SerializeCrashKeys(char*, unsigned long)
[function]
[call site]
00069
perfetto::base::CrashKey::ToString(char*, unsigned long)
[function]
[call site]
00070
perfetto::base::SprintfTrunc(char*, unsigned long, char const*, ...)
[function]
[call site]
00071
vsnprintf
[call site]
00072
perfetto::base::SprintfTrunc(char*, unsigned long, char const*, ...)
[function]
[call site]
00073
perfetto::base::LogRingBuffer::Read(char*, unsigned long)
[function]
[call site]
00074
fputs
[call site]
00075
fputs
[call site]
00076
fputs
[call site]
00077
perfetto::base::FromPosixTimespec(timespec const&)
[function]
[call site]
00078
perfetto::base::MaybeSerializeLastLogsForCrashReporting()
[function]
[call site]
00079
protozero::Field::valid() const
[function]
[call site]
00080
protozero::TypedProtoDecoderBase::ExpandHeapStorage()
[function]
[call site]
00081
protozero::TypedProtoDecoder<999, false>::TypedProtoDecoder(unsigned char const*, unsigned long)
[function]
[call site]
00082
protozero::TypedProtoDecoder<999, false>::~TypedProtoDecoder()
[function]
[call site]
00083
protozero::TypedProtoDecoderBase::~TypedProtoDecoderBase()
[function]
[call site]
00084
protozero::TypedProtoDecoder<1, false>::~TypedProtoDecoder()
[function]
[call site]
00085