The followings are the branches where fuzzer fails to bypass.
| Unique non-covered Complexity | Unique Reachable Complexities | Unique Reachable Functions | All non-covered Complexity | All Reachable Complexity | Function Name | Function Callsite | Blocked Branch |
|---|---|---|---|---|---|---|---|
| 2031 | 2031 |
1 :
['perfetto::TracingServiceImpl::ReadBuffersIntoFile(unsigned long)'] |
2031 | 2064 | perfetto::TracingServiceImpl::DisableTracingNotifyConsumerAndFlushFile(perfetto::TracingServiceImpl::TracingSession*) | call site: 00000 | /work/build/../../src/perfetto/src/tracing/service/tracing_service_impl.cc:1864 |
| 728 | 810 |
17 :
['perfetto::base::FlatSet
|
817 | 903 | perfetto::CpuReader::Bundler::FinalizeAndRunSymbolizer() | call site: 00000 | /work/build/../../src/perfetto/src/traced/probes/ftrace/cpu_reader.cc:358 |
| 401 | 401 |
1 :
['ZSTD_decompressSequencesLong'] |
401 | 401 | ZSTD_decompressBlock_internal | call site: 00000 | /work/build/../../src/perfetto/buildtools/zstd/lib/decompress/zstd_decompress_block.c:2142 |
| 382 | 382 |
1 :
['HUF_decompress4X_hufOnly_wksp'] |
382 | 382 | ZSTD_decodeLiteralsBlock | call site: 00000 | /work/build/../../src/perfetto/buildtools/zstd/lib/decompress/zstd_decompress_block.c:196 |
| 366 | 366 |
1 :
['ZSTD_decompressSequencesSplitLitBuffer'] |
366 | 366 | ZSTD_decompressBlock_internal | call site: 00000 | /work/build/../../src/perfetto/buildtools/zstd/lib/decompress/zstd_decompress_block.c:2154 |
| 286 | 286 |
1 :
['perfetto::TracingServiceImpl::PeriodicFlushTask(unsigned long, bool)'] |
328 | 930 | perfetto::TracingServiceImpl::StartTracing(unsignedlong) | call site: 00000 | /work/build/../../src/perfetto/src/tracing/service/tracing_service_impl.cc:1340 |
| 271 | 271 |
2 :
['ERR_isError.43961', 'ZSTD_decompress_insertDictionary'] |
271 | 271 | ZSTD_decompressBegin_usingDict | call site: 00000 | /work/build/../../src/perfetto/buildtools/zstd/lib/decompress/zstd_decompress.c:1563 |
| 261 | 261 |
2 :
['HUF_decompress1X_usingDTable', 'HUF_decompress4X_usingDTable'] |
261 | 261 | ZSTD_decodeLiteralsBlock | call site: 00000 | /work/build/../../src/perfetto/buildtools/zstd/lib/decompress/zstd_decompress_block.c:184 |
| 238 | 238 |
5 :
['_ZNSt3__16get_ifB8nn180100INS_6vectorIjNS_9allocatorIjEEEEJN8perfetto15trace_processor6RowMap5RangeENS6_9BitVectorES4_EEEu13__add_pointerIKT_EPKNS_7variantIJDpT0_EEE', 'perfetto::trace_processor::RowMap::NoVariantMatched()', 'std::__1::vector
|
238 | 238 | perfetto::trace_processor::RowMap::Get(unsignedint)const | call site: 00000 | /work/build/../../src/perfetto/src/trace_processor/containers/row_map.h:220 |
| 218 | 220 |
5 :
['perfetto::trace_processor::RowMap::InsertIntoBitVector(perfetto::trace_processor::BitVector&, unsigned int)', 'perfetto::trace_processor::BitVector::~BitVector()', 'perfetto::trace_processor::BitVector::Resize(unsigned int, bool)', 'perfetto::trace_processor::BitVector::BitVector()', '_ZNSt3__17variantIJN8perfetto15trace_processor6RowMap5RangeENS2_9BitVectorENS_6vectorIjNS_9allocatorIjEEEEEEaSB8nn180100IS5_TnNS_9enable_ifIXnt9is_same_vIu14__remove_cvrefIT_ESA_EEiE4typeELi0ES5_Lm1ETnNSC_IXaa15is_assignable_vIRT1_SD_E18is_constructible_vISH_SD_EEiE4typeELi0EEERSA_OSD_'] |
218 | 220 | perfetto::trace_processor::RowMap::Insert(unsignedint) | call site: 00000 | /work/build/../../src/perfetto/src/trace_processor/containers/row_map.h:302 |
| 218 | 218 |
1 :
['perfetto::trace_processor::TrackEventParser::EventImporter::ParseCounterEvent()'] |
218 | 218 | perfetto::trace_processor::TrackEventParser::EventImporter::Import() | call site: 00000 | /work/build/../../src/perfetto/src/trace_processor/importers/proto/track_event_parser.cc:234 |
| 156 | 212 |
10 :
['unwindstack::MapInfo::offset() const', 'unwindstack::MapInfo::end() const', 'unwindstack::MapInfo::set_elf_start_offset(unsigned long)', 'unwindstack::Elf::IsValidElf(unwindstack::Memory*)', 'unwindstack::MapInfo::InitFileMemoryFromPreviousReadOnlyMap(unwindstack::MemoryFileAtOffset*)', 'unsigned long const& std::__1::max[abi:nn180100]
|
201 | 497 | unwindstack::MapInfo::CreateFileMemory() | call site: 00000 | /work/build/../../src/perfetto/buildtools/android-unwinding/libunwindstack/MapInfo.cpp:111 |
LLVMFuzzerTestOneInput
[function]
[call site]
00000
protozero::(anonymous namespace)::FuzzMessageFilter(unsigned char const*, unsigned long)
[function]
[call site]
00001
protozero::MessageFilter::MessageFilter()
[function]
[call site]
00002
protozero::MessageFilter::Config::Config()
[function]
[call site]
00003
protozero::FilterBytecodeParser::FilterBytecodeParser()
[function]
[call site]
00004
protozero::StringFilter::StringFilter()
[function]
[call site]
00005
protozero::MessageFilter::MessageFilter(protozero::MessageFilter::Config)
[function]
[call site]
00006
protozero::MessageFilter::Config::Config(protozero::MessageFilter::Config&&)
[function]
[call site]
00007
protozero::FilterBytecodeParser::FilterBytecodeParser(protozero::FilterBytecodeParser&&)
[function]
[call site]
00008
protozero::StringFilter::StringFilter(protozero::StringFilter&&)
[function]
[call site]
00009
protozero::MessageTokenizer::MessageTokenizer()
[function]
[call site]
00010
protozero::MessageFilter::Config::~Config()
[function]
[call site]
00011
protozero::StringFilter::~StringFilter()
[function]
[call site]
00012
protozero::FilterBytecodeParser::~FilterBytecodeParser()
[function]
[call site]
00013
protozero::MessageFilter::LoadFilterBytecode(void const*, unsigned long)
[function]
[call site]
00014
protozero::MessageFilter::Config::LoadFilterBytecode(void const*, unsigned long)
[function]
[call site]
00015
protozero::FilterBytecodeParser::Load(void const*, unsigned long)
[function]
[call site]
00016
protozero::FilterBytecodeParser::Reset()
[function]
[call site]
00017
protozero::FilterBytecodeParser::FilterBytecodeParser()
[function]
[call site]
00018
protozero::FilterBytecodeParser::operator=(protozero::FilterBytecodeParser&&)
[function]
[call site]
00019
protozero::FilterBytecodeParser::~FilterBytecodeParser()
[function]
[call site]
00020
protozero::FilterBytecodeParser::LoadInternal(unsigned char const*, unsigned long)
[function]
[call site]
00021
protozero::PackedRepeatedFieldIterator<(protozero::proto_utils::ProtoWireType)0, unsigned int>::PackedRepeatedFieldIterator(unsigned char const*, unsigned long, bool*)
[function]
[call site]
00022
protozero::PackedRepeatedFieldIterator<(protozero::proto_utils::ProtoWireType)0, unsigned int>::operator++()
[function]
[call site]
00023
protozero::proto_utils::ParseVarInt(unsigned char const*, unsigned char const*, unsigned long*)
[function]
[call site]
00024
PerfettoPbParseVarInt(unsigned char const*, unsigned char const*, unsigned long*)
[function]
[call site]
00025
protozero::PackedRepeatedFieldIterator<(protozero::proto_utils::ProtoWireType)0, unsigned int>::operator bool() const
[function]
[call site]
00026
protozero::PackedRepeatedFieldIterator<(protozero::proto_utils::ProtoWireType)0, unsigned int>::operator*() const
[function]
[call site]
00027
protozero::PackedRepeatedFieldIterator<(protozero::proto_utils::ProtoWireType)0, unsigned int>::operator++()
[function]
[call site]
00028
perfetto::base::Hasher::Hasher()
[function]
[call site]
00029
_ZN8perfetto4base6Hasher6UpdateIjTnNSt3__19enable_ifIXsr3std13is_arithmeticIT_EE5valueEbE4typeELb1EEEvS5_
[function]
[call site]
00030
perfetto::base::Hasher::Update(char const*, unsigned long)
[function]
[call site]
00031
perfetto::base::Hasher::digest() const
[function]
[call site]
00032
perfetto::base::Basename(char const*)
[function]
[call site]
00033
perfetto::base::StrEnd(char const*)
[function]
[call site]
00034
perfetto::base::StrEnd(char const*)
[function]
[call site]
00035
perfetto::base::BasenameRecursive(char const*, char const*, char const*)
[function]
[call site]
00036
perfetto::base::BasenameRecursive(char const*, char const*, char const*)
[function]
[call site]
00037
perfetto::base::LogMessage(perfetto::base::LogLev, char const*, int, char const*, ...)
[function]
[call site]
00038
vsnprintf
[call site]
00039
snprintf
[call site]
00040
__cxa_guard_acquire
[call site]
00041
isatty
[call site]
00042
__cxa_guard_release
[call site]
00043
perfetto::base::StackString<10ul>::StackString(char const*, ...)
[function]
[call site]
00044
vsnprintf
[call site]
00045
strlen
[call site]
00046
perfetto::base::StackString<10ul>::len() const
[function]
[call site]
00047
perfetto::base::StackString<10ul>::c_str() const
[function]
[call site]
00048
perfetto::base::StackString<24ul>::StackString(char const*, ...)
[function]
[call site]
00049
perfetto::base::GetWallTimeMs()
[function]
[call site]
00050
perfetto::base::GetWallTimeNs()
[function]
[call site]
00051
perfetto::base::GetTimeInternalNs(int)
[function]
[call site]
00052
clock_gettime
[call site]
00053
perfetto::base::Basename(char const*)
[function]
[call site]
00054
__errno_location
[call site]
00055
strerror
[call site]
00056
perfetto::base::LogMessage(perfetto::base::LogLev, char const*, int, char const*, ...)
[function]
[call site]
00057
perfetto::base::StackString<32ul>::StackString(char const*, ...)
[function]
[call site]
00058
perfetto::base::StackString<32ul>::c_str() const
[function]
[call site]
00059
perfetto::base::StackString<24ul>::c_str() const
[function]
[call site]
00060
fprintf
[call site]
00061
perfetto::base::StackString<32ul>::c_str() const
[function]
[call site]
00062
perfetto::base::StackString<24ul>::c_str() const
[function]
[call site]
00063
fprintf
[call site]
00064
perfetto::base::StackString<32ul>::string_view() const
[function]
[call site]
00065
perfetto::base::StringView::StringView(char const*, unsigned long)
[function]
[call site]
00066
perfetto::base::StackString<24ul>::string_view() const
[function]
[call site]
00067
perfetto::base::StringView::StringView(char const*, unsigned long)
[function]
[call site]
00068
perfetto::base::LogRingBuffer::Append(perfetto::base::StringView, perfetto::base::StringView, perfetto::base::StringView)
[function]
[call site]
00069
perfetto::base::StringView::size() const
[function]
[call site]
00070
perfetto::base::StringView::data() const
[function]
[call site]
00071
perfetto::base::StringView::size() const
[function]
[call site]
00072
perfetto::base::StringView::data() const
[function]
[call site]
00073
perfetto::base::StringView::size() const
[function]
[call site]
00074
perfetto::base::StringView::data() const
[function]
[call site]
00075
snprintf
[call site]
00076
perfetto::base::MaybeSerializeLastLogsForCrashReporting()
[function]
[call site]
00077
perfetto::base::SerializeCrashKeys(char*, unsigned long)
[function]
[call site]
00078
perfetto::base::CrashKey::ToString(char*, unsigned long)
[function]
[call site]
00079
perfetto::base::SprintfTrunc(char*, unsigned long, char const*, ...)
[function]
[call site]
00080
vsnprintf
[call site]
00081
perfetto::base::SprintfTrunc(char*, unsigned long, char const*, ...)
[function]
[call site]
00082
perfetto::base::LogRingBuffer::Read(char*, unsigned long)
[function]
[call site]
00083
fputs
[call site]
00084
fputs
[call site]
00085
fputs
[call site]
00086
perfetto::base::FromPosixTimespec(timespec const&)
[function]
[call site]
00087
void perfetto::base::ignore_result<char [48], unsigned long>(char const (&) [48], unsigned long const&)
[function]
[call site]
00088
void perfetto::base::ignore_result<char [53], unsigned long>(char const (&) [53], unsigned long const&)
[function]
[call site]
00089
protozero::FilterBytecodeParser::LoadInternal(unsigned char const*, unsigned long)::$_0::operator()(unsigned int, unsigned int) const
[function]
[call site]
00090
protozero::FilterBytecodeParser::LoadInternal(unsigned char const*, unsigned long)::$_1::operator()(unsigned int, unsigned int, unsigned int) const
[function]
[call site]
00091
void perfetto::base::ignore_result<char [46], unsigned long>(char const (&) [46], unsigned long const&)
[function]
[call site]
00092
protozero::FilterBytecodeParser::LoadInternal(unsigned char const*, unsigned long)::$_0::operator()(unsigned int, unsigned int) const
[function]
[call site]
00093
protozero::FilterBytecodeParser::LoadInternal(unsigned char const*, unsigned long)::$_1::operator()(unsigned int, unsigned int, unsigned int) const
[function]
[call site]
00094
void perfetto::base::ignore_result<char [47], unsigned long, unsigned int>(char const (&) [47], unsigned long const&, unsigned int const&)
[function]
[call site]
00095
void perfetto::base::ignore_result<char [65]>(char const (&) [65])
[function]
[call site]
00096
void perfetto::base::ignore_result<char [72], unsigned int, unsigned long>(char const (&) [72], unsigned int const&, unsigned long const&)
[function]
[call site]
00097
protozero::FilterBytecodeParser::Reset()
[function]
[call site]
00098
perfetto::base::Basename(char const*)
[function]
[call site]
00099
__errno_location
[call site]
00100
strerror
[call site]
00101
perfetto::base::LogMessage(perfetto::base::LogLev, char const*, int, char const*, ...)
[function]
[call site]
00102
perfetto::base::MaybeSerializeLastLogsForCrashReporting()
[function]
[call site]
00103
protozero::MessageFilter::FilterMessage(void const*, unsigned long)
[function]
[call site]
00104
protozero::MessageFilter::FilterMessageFragments(protozero::MessageFilter::InputSlice const*, unsigned long)
[function]
[call site]
00105
protozero::MessageTokenizer::MessageTokenizer()
[function]
[call site]
00106
protozero::MessageFilter::Config::root_msg_index() const
[function]
[call site]
00107
protozero::MessageFilter::Config::string_filter()
[function]
[call site]
00108
protozero::StringFilter::MaybeFilter(char*, unsigned long) const
[function]
[call site]
00109
protozero::StringFilter::MaybeFilterInternal(char*, unsigned long) const
[function]
[call site]
00110
protozero::(anonymous namespace)::RedactMatches(std::__1::match_results<char*, std::__1::allocator<std::__1::sub_match<char*> > > const&)
[function]
[call site]
00111
perfetto::base::Basename(char const*)
[function]
[call site]
00112
__errno_location
[call site]
00113
strerror
[call site]
00114
perfetto::base::LogMessage(perfetto::base::LogLev, char const*, int, char const*, ...)
[function]
[call site]
00115
perfetto::base::MaybeSerializeLastLogsForCrashReporting()
[function]
[call site]
00116
protozero::(anonymous namespace)::FindAtracePayloadPtr(char const*, char const*)
[function]
[call site]
00117
memchr
[call site]
00118
protozero::(anonymous namespace)::StartsWith(char const*, char const*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&)
[function]
[call site]
00119
memcmp
[call site]
00120
protozero::(anonymous namespace)::RedactMatches(std::__1::match_results<char*, std::__1::allocator<std::__1::sub_match<char*> > > const&)
[function]
[call site]
00121
protozero::(anonymous namespace)::FindAtracePayloadPtr(char const*, char const*)
[function]
[call site]
00122
protozero::(anonymous namespace)::StartsWith(char const*, char const*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&)
[function]
[call site]
00123
protozero::(anonymous namespace)::RedactMatches(std::__1::match_results<char*, std::__1::allocator<std::__1::sub_match<char*> > > const&)
[function]
[call site]
00124
protozero::MessageTokenizer::Push(unsigned char)
[function]
[call site]
00125
protozero::MessageTokenizer::Token::valid() const
[function]
[call site]
00126
protozero::MessageFilter::Config::filter() const
[function]
[call site]
00127
protozero::FilterBytecodeParser::Query(unsigned int, unsigned int) const
[function]
[call site]
00128
protozero::FilterBytecodeParser::QueryResult::simple_field() const
[function]
[call site]
00129
protozero::(anonymous namespace)::AppendVarInt(unsigned int, unsigned long, unsigned char**)
[function]
[call site]
00130
protozero::proto_utils::MakeTagVarInt(unsigned int)
[function]
[call site]
00131
unsigned char* protozero::proto_utils::WriteVarInt<unsigned int>(unsigned int, unsigned char*)
[function]
[call site]
00132
_ZN9protozero11proto_utils33ExtendValueForVarIntSerializationIjEENSt3__113make_unsignedINS2_11conditionalIXsr3std11is_unsignedIT_EE5valueES5_lE4typeEE4typeES5_
[function]
[call site]
00133
unsigned char* protozero::proto_utils::WriteVarInt<unsigned long>(unsigned long, unsigned char*)
[function]
[call site]
00134
_ZN9protozero11proto_utils33ExtendValueForVarIntSerializationImEENSt3__113make_unsignedINS2_11conditionalIXsr3std11is_unsignedIT_EE5valueES5_lE4typeEE4typeES5_
[function]
[call site]
00135
void protozero::(anonymous namespace)::AppendFixed<unsigned int>(unsigned int, unsigned int, unsigned char**)
[function]
[call site]
00136
unsigned int protozero::proto_utils::MakeTagFixed<unsigned int>(unsigned int)
[function]
[call site]
00137
unsigned char* protozero::proto_utils::WriteVarInt<unsigned int>(unsigned int, unsigned char*)
[function]
[call site]
00138
void protozero::(anonymous namespace)::AppendFixed<unsigned long>(unsigned int, unsigned long, unsigned char**)
[function]
[call site]
00139
unsigned int protozero::proto_utils::MakeTagFixed<unsigned long>(unsigned int)
[function]
[call site]
00140
protozero::MessageFilter::SetUnrecoverableErrorState()
[function]
[call site]
00141
protozero::FilterBytecodeParser::QueryResult::nested_msg_field() const
[function]
[call site]
00142
protozero::(anonymous namespace)::AppendLenDelim(unsigned int, unsigned int, unsigned char**)
[function]
[call site]
00143
protozero::proto_utils::MakeTagLengthDelimited(unsigned int)
[function]
[call site]
00144
unsigned char* protozero::proto_utils::WriteVarInt<unsigned int>(unsigned int, unsigned char*)
[function]
[call site]
00145
unsigned char* protozero::proto_utils::WriteVarInt<unsigned int>(unsigned int, unsigned char*)
[function]
[call site]
00146
protozero::MessageFilter::out_written()
[function]
[call site]
00147
protozero::FilterBytecodeParser::QueryResult::filter_string_field() const
[function]
[call site]
00148
protozero::MessageFilter::IncrementCurrentFieldUsage(unsigned int, bool)
[function]
[call site]
00149
protozero::MessageFilter::IncrementCurrentFieldUsage(unsigned int, bool)::$_0::operator()(unsigned int) const
[function]
[call site]
00150
unsigned char* protozero::proto_utils::WriteVarInt<unsigned int>(unsigned int, unsigned char*)
[function]
[call site]
00151
protozero::MessageFilter::IncrementCurrentFieldUsage(unsigned int, bool)::$_0::operator()(unsigned int) const
[function]
[call site]
00152
protozero::proto_utils::WriteRedundantVarInt(unsigned int, unsigned char*, unsigned long)
[function]
[call site]
00153
perfetto::base::Basename(char const*)
[function]
[call site]
00154
__errno_location
[call site]
00155
strerror
[call site]
00156
perfetto::base::LogMessage(perfetto::base::LogLev, char const*, int, char const*, ...)
[function]
[call site]
00157
perfetto::base::MaybeSerializeLastLogsForCrashReporting()
[function]
[call site]
00158
protozero::MessageTokenizer::idle() const
[function]
[call site]
00159
perfetto::base::Basename(char const*)
[function]
[call site]
00160
__errno_location
[call site]
00161
strerror
[call site]
00162
perfetto::base::LogMessage(perfetto::base::LogLev, char const*, int, char const*, ...)
[function]
[call site]
00163
perfetto::base::MaybeSerializeLastLogsForCrashReporting()
[function]
[call site]
00164
protozero::MessageFilter::FilteredMessage::FilteredMessage(std::__1::unique_ptr<unsigned char [], std::__1::default_delete<unsigned char []> >, unsigned long)
[function]
[call site]
00165
protozero::MessageTokenizer::idle() const
[function]
[call site]
00166
protozero::MessageFilter::FilteredMessage::~FilteredMessage()
[function]
[call site]
00167
perfetto::base::Basename(char const*)
[function]
[call site]
00168
__errno_location
[call site]
00169
strerror
[call site]
00170
perfetto::base::LogMessage(perfetto::base::LogLev, char const*, int, char const*, ...)
[function]
[call site]
00171
perfetto::base::MaybeSerializeLastLogsForCrashReporting()
[function]
[call site]
00172
protozero::MessageFilter::FilteredMessage::~FilteredMessage()
[function]
[call site]
00173
protozero::MessageFilter::~MessageFilter()
[function]
[call site]
00174
protozero::MessageFilter::Config::~Config()
[function]
[call site]
00175