Fuzz introspector: zephyr/samples/subsys/debug/fuzz/src/main.c
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked Calltree index Parent function Callsite Largest blocked function
430 0 EP call site: {node_id} nsi_init

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 nsi_init [function] [call site] 00001
2 setvbuf [call site] 00002
2 setvbuf [call site] 00003
2 nsi_run_tasks [function] [call site] 00004
2 nsif_cpun_pre_cmdline_hooks [function] [call site] 00005
3 run_native_tasks [function] [call site] 00006
3 nsi_cpu_set_auto_start [function] [call site] 00007
4 CPU_N_RANGE_CHECK [call site] 00008
2 nsi_handle_cmd_line [call site] 00009
2 nsi_run_tasks [function] [call site] 00010
2 nsif_cpun_pre_hw_init_hooks [function] [call site] 00011
3 run_native_tasks [function] [call site] 00012
3 phy_sync_ctrl_connect_to_2G4_phy [function] [call site] 00013
4 bs_trace_raw [call site] 00014
4 hwll_connect_to_phy [call site] 00015
4 bsim_args_get_2G4_device_nbr [function] [call site] 00016
4 bsim_args_get_simid [function] [call site] 00017
4 bsim_args_get_2G4_phy_id [function] [call site] 00018
4 bs_trace_raw [call site] 00019
3 bst_pass_args [function] [call site] 00020
3 phy_sync_ctrl_pre_boot2 [function] [call site] 00021
4 hwll_wait_for_phy_simu_time [call site] 00022
4 BS_MAX [call site] 00023
2 nsi_run_tasks [function] [call site] 00024
2 nsi_hws_init [function] [call site] 00025
3 nsi_hws_set_sig_handler [function] [call site] 00026
4 NSI_SAFE_CALL [call site] 00027
4 sigemptyset [function] [call site] 00028
4 NSI_SAFE_CALL [call site] 00029
4 sigaction [function] [call site] 00030
5 ARG_UNUSED [call site] 00031
5 ARG_UNUSED [call site] 00032
5 ARG_UNUSED [call site] 00033
4 NSI_SAFE_CALL [call site] 00034
4 sigaction [function] [call site] 00035
3 nsi_hws_find_next_event [function] [call site] 00036
2 nsi_run_tasks [function] [call site] 00037
2 nsi_cpu_auto_boot [function] [call site] 00038
3 nsif_cpun_boot [function] [call site] 00039
4 run_native_tasks [function] [call site] 00040
4 bst_pre_init [function] [call site] 00041
4 phy_sync_ctrl_pre_boot3 [function] [call site] 00042
5 hwll_wait_for_phy_simu_time [call site] 00043
5 BS_MAX [call site] 00044
4 posix_boot_cpu [function] [call site] 00045
5 nce_init [function] [call site] 00046
6 calloc [function] [call site] 00047
7 size_mul_overflow [function] [call site] 00048
8 __builtin_mul_overflow [call site] 00049
7 malloc [function] [call site] 00050
8 malloc_lock [function] [call site] 00051
9 sys_mutex_lock [function] [call site] 00052
10 z_sys_mutex_kernel_lock [call site] 00053
9 __ASSERT_NO_MSG [call site] 00054
8 sys_heap_aligned_alloc [function] [call site] 00055
9 MIN [call site] 00056
9 chunk_header_bytes [function] [call site] 00057
10 big_heap [function] [call site] 00058
11 big_heap_chunks [function] [call site] 00059
12 IS_ENABLED [call site] 00060
12 IS_ENABLED [call site] 00061
9 chunk_header_bytes [function] [call site] 00062
9 sys_heap_alloc [function] [call site] 00063
10 bytes_to_chunksz [function] [call site] 00064
11 chunk_header_bytes [function] [call site] 00065
11 MIN [call site] 00066
10 alloc_chunk [function] [call site] 00067
11 bucket_idx [function] [call site] 00068
12 min_chunk_size [function] [call site] 00069
13 chunksz [function] [call site] 00070
13 chunk_header_bytes [function] [call site] 00071
12 __builtin_clz [call site] 00072
11 CHECK [call site] 00073
11 bucket_idx [function] [call site] 00074
11 chunk_size [call site] 00075
11 free_list_remove_bidx [function] [call site] 00076
12 CHECK [call site] 00077
12 chunk_used [function] [call site] 00078
13 chunk_field [function] [call site] 00079
14 chunk_buf [function] [call site] 00080
14 big_heap [function] [call site] 00081
12 CHECK [call site] 00082
12 CHECK [call site] 00083
12 BIT [call site] 00084
12 next_free_chunk [function] [call site] 00085
13 chunk_field [function] [call site] 00086
12 BIT [call site] 00087
12 prev_free_chunk [function] [call site] 00088
13 chunk_field [function] [call site] 00089
12 next_free_chunk [function] [call site] 00090
12 set_next_free_chunk [function] [call site] 00091
13 chunk_set [function] [call site] 00092
14 CHECK [call site] 00093
14 chunk_buf [function] [call site] 00094
14 big_heap [function] [call site] 00095
14 CHECK [call site] 00096
14 CHECK [call site] 00097
12 set_prev_free_chunk [function] [call site] 00098
13 chunk_set [function] [call site] 00099
12 chunksz_to_bytes [function] [call site] 00100
13 chunk_header_bytes [function] [call site] 00101
12 chunk_size [call site] 00102
11 next_free_chunk [function] [call site] 00103
11 CHECK [call site] 00104
11 BIT_MASK [call site] 00105
11 __builtin_ctz [call site] 00106
11 free_list_remove_bidx [function] [call site] 00107
11 CHECK [call site] 00108
11 chunk_size [call site] 00109
10 chunk_size [call site] 00110
10 split_chunks [function] [call site] 00111
11 CHECK [call site] 00112
11 CHECK [call site] 00113
11 chunk_size [call site] 00114
11 chunk_size [call site] 00115
11 set_chunk_size [function] [call site] 00116
12 chunk_set [function] [call site] 00117
11 set_chunk_size [function] [call site] 00118
11 set_left_chunk_size [function] [call site] 00119
12 chunk_set [function] [call site] 00120
11 set_left_chunk_size [function] [call site] 00121
11 right_chunk [function] [call site] 00122
12 chunk_size [call site] 00123
10 free_list_add [function] [call site] 00124
11 solo_free_header [function] [call site] 00125
12 big_heap [function] [call site] 00126
12 chunk_size [call site] 00127
11 bucket_idx [function] [call site] 00128
11 chunk_size [call site] 00129
11 free_list_add_bidx [function] [call site] 00130
12 CHECK [call site] 00131
12 BIT [call site] 00132
12 BIT [call site] 00133
12 set_prev_free_chunk [function] [call site] 00134
12 set_next_free_chunk [function] [call site] 00135
12 CHECK [call site] 00136
12 BIT [call site] 00137
12 prev_free_chunk [function] [call site] 00138
12 set_prev_free_chunk [function] [call site] 00139
12 set_next_free_chunk [function] [call site] 00140
12 set_next_free_chunk [function] [call site] 00141
12 set_prev_free_chunk [function] [call site] 00142
12 chunksz_to_bytes [function] [call site] 00143
12 chunk_size [call site] 00144
10 set_chunk_used [function] [call site] 00145
11 chunk_buf [function] [call site] 00146
11 big_heap [function] [call site] 00147
10 chunk_mem [function] [call site] 00148
11 chunk_buf [function] [call site] 00149
11 chunk_header_bytes [function] [call site] 00150
11 CHECK [call site] 00151
11 big_heap [function] [call site] 00152
10 increase_allocated_bytes [function] [call site] 00153
11 MAX [call site] 00154
10 chunksz_to_bytes [function] [call site] 00155
10 chunk_size [call site] 00156
10 heap_listener_notify_alloc [call site] 00157
10 HEAP_ID_FROM_POINTER [call site] 00158
10 chunksz_to_bytes [function] [call site] 00159
10 chunk_size [call site] 00160
10 IF_ENABLED [call site] 00161
10 __msan_allocated_memory [call site] 00162
9 chunk_header_bytes [function] [call site] 00163
9 __ASSERT [call site] 00164
9 bytes_to_chunksz [function] [call site] 00165
9 alloc_chunk [function] [call site] 00166
9 chunk_mem [function] [call site] 00167
9 ROUND_UP [call site] 00168
9 ROUND_UP [call site] 00169
9 mem_to_chunkid [function] [call site] 00170
10 chunk_buf [function] [call site] 00171
10 chunk_header_bytes [function] [call site] 00172
9 chunk_buf [function] [call site] 00173
9 CHECK [call site] 00174
9 split_chunks [function] [call site] 00175
9 free_list_add [function] [call site] 00176
9 right_chunk [function] [call site] 00177
9 split_chunks [function] [call site] 00178
9 free_list_add [function] [call site] 00179
9 set_chunk_used [function] [call site] 00180
9 increase_allocated_bytes [function] [call site] 00181
9 chunksz_to_bytes [function] [call site] 00182
9 chunk_size [call site] 00183
9 heap_listener_notify_alloc [call site] 00184
9 HEAP_ID_FROM_POINTER [call site] 00185
9 chunksz_to_bytes [function] [call site] 00186
9 chunk_size [call site] 00187
9 IF_ENABLED [call site] 00188
9 __msan_allocated_memory [call site] 00189
8 malloc_unlock [function] [call site] 00190
9 sys_mutex_unlock [function] [call site] 00191
10 k_mutex_unlock [call site] 00192
7 memset [call site] 00193
6 nsi_print_error_and_exit [call site] 00194
6 NSI_SAFE_CALL [call site] 00195
6 sem_init [function] [call site] 00196
7 __ASSERT [call site] 00197
7 k_sem_init [call site] 00198
6 NSI_SAFE_CALL [call site] 00199
6 sem_init [function] [call site] 00200
5 posix_arch_init [function] [call site] 00201
6 nct_init [function] [call site] 00202
7 calloc [function] [call site] 00203
7 nsi_print_error_and_exit [call site] 00204
7 calloc [function] [call site] 00205
7 nsi_print_error_and_exit [call site] 00206
7 ttable_init_elements [function] [call site] 00207
8 NSI_SAFE_CALL [call site] 00208
8 sem_init [function] [call site] 00209
8 NSI_SAFE_CALL [call site] 00210
8 sem_init [function] [call site] 00211
5 nce_boot_cpu [function] [call site] 00212
6 NSI_SAFE_CALL [call site] 00213
6 pthread_create [function] [call site] 00214
7 __attr_is_runnable [function] [call site] 00215
8 LOG_DBG [call site] 00216
8 __get_attr_stacksize [function] [call site] 00217
8 LOG_DBG [call site] 00218
8 valid_posix_policy [function] [call site] 00219
8 LOG_DBG [call site] 00220
7 posix_thread_recycle [function] [call site] 00221
8 SYS_DLIST_STATIC_INIT [call site] 00222
8 SYS_SEM_LOCK [call site] 00223
8 SYS_DLIST_FOR_EACH_CONTAINER_SAFE [call site] 00224
8 sys_dlist_remove [function] [call site] 00225
9 sys_dnode_init [function] [call site] 00226
8 sys_dlist_append [function] [call site] 00227
8 sys_dlist_is_empty [function] [call site] 00228
8 LOG_DBG [call site] 00229
8 sys_dlist_len [function] [call site] 00230
9 SYS_DLIST_FOR_EACH_NODE [call site] 00231
8 SYS_DLIST_FOR_EACH_CONTAINER [call site] 00232
8 pthread_attr_destroy [function] [call site] 00233
9 __attr_is_initialized [function] [call site] 00234
10 IS_ENABLED [call site] 00235
10 __attr_is_runnable [function] [call site] 00236
10 LOG_DBG [call site] 00237
9 k_thread_stack_free [call site] 00238
9 LOG_DBG [call site] 00239
9 __get_attr_stacksize [function] [call site] 00240
9 LOG_DBG [call site] 00241
8 SYS_SEM_LOCK [call site] 00242
8 sys_dlist_is_empty [function] [call site] 00243
8 CONTAINER_OF [call site] 00244
8 sys_dlist_get [function] [call site] 00245
9 sys_dlist_is_empty [function] [call site] 00246
9 sys_dlist_remove [function] [call site] 00247
8 posix_thread_q_set [function] [call site] 00248
9 sys_dlist_append [function] [call site] 00249
9 __ASSERT [call site] 00250
7 SYS_SEM_LOCK [call site] 00251
7 sys_dlist_is_empty [function] [call site] 00252
7 CONTAINER_OF [call site] 00253
7 sys_dlist_get [function] [call site] 00254
7 posix_thread_q_set [function] [call site] 00255
7 sys_slist_init [function] [call site] 00256
7 sys_slist_init [function] [call site] 00257
7 IS_ENABLED [call site] 00258
7 pthread_barrier_init [function] [call site] 00259
8 sys_bitarray_alloc [function] [call site] 00260
9 __ASSERT_NO_MSG [call site] 00261
9 __ASSERT_NO_MSG [call site] 00262
9 k_spin_lock [function] [call site] 00263
10 ARG_UNUSED [call site] 00264
10 arch_irq_lock [call site] 00265
10 z_spinlock_validate_pre [function] [call site] 00266
11 ARG_UNUSED [call site] 00267
11 __ASSERT [call site] 00268
11 z_spin_lock_valid [function] [call site] 00269
11 __ASSERT_NO_MSG [call site] 00270
11 z_spin_lock_mem_coherent [function] [call site] 00271
12 arch_mem_coherent [call site] 00272
10 atomic_inc [call site] 00273
10 atomic_get [call site] 00274
10 arch_spin_relax [call site] 00275
10 atomic_cas [call site] 00276
10 arch_spin_relax [call site] 00277
10 z_spinlock_validate_post [function] [call site] 00278
11 ARG_UNUSED [call site] 00279
11 z_spin_lock_set_owner [function] [call site] 00280
11 sys_clock_cycle_get_32 [call site] 00281
9 CHECKIF [call site] 00282
9 bundle_bitness [call site] 00283
9 find_lsb_set [function] [call site] 00284
10 __builtin_ffs [call site] 00285
10 find_msb_set [function] [call site] 00286
11 __builtin_clz [call site] 00287
9 match_region [function] [call site] 00288
10 setup_bundle_data [function] [call site] 00289
11 bundle_bitness [call site] 00290
11 bundle_bitness [call site] 00291
11 bundle_bitness [call site] 00292
11 bundle_bitness [call site] 00293
11 BIT [call site] 00294
11 BIT [call site] 00295
11 BIT [call site] 00296
10 __ASSERT_NO_MSG [call site] 00297
10 find_lsb_set [function] [call site] 00298
10 bundle_bitness [call site] 00299
9 set_region [call site] 00300
9 k_spin_unlock [function] [call site] 00301
10 ARG_UNUSED [call site] 00302
10 __ASSERT [call site] 00303
10 z_spin_unlock_valid [function] [call site] 00304
11 arch_is_in_isr [call site] 00305
10 sys_clock_cycle_get_32 [call site] 00306
10 __ASSERT [call site] 00307
10 atomic_inc [call site] 00308
10 atomic_clear [call site] 00309
10 arch_irq_unlock [call site] 00310
8 mark_pthread_obj_initialized [function] [call site] 00311
7 SYS_SEM_LOCK [call site] 00312
7 sys_dlist_remove [function] [call site] 00313
7 posix_thread_q_set [function] [call site] 00314
7 LOG_DBG [call site] 00315
7 pthread_attr_init [function] [call site] 00316
8 LOG_DBG [call site] 00317
8 BUILD_ASSERT [call site] 00318
8 k_thread_stack_alloc [call site] 00319
8 k_is_user_context [function] [call site] 00320
9 arch_is_user_context [call site] 00321
8 LOG_DBG [call site] 00322
8 __set_attr_stacksize [function] [call site] 00323
8 __ASSERT_NO_MSG [call site] 00324
8 __attr_is_initialized [function] [call site] 00325
8 LOG_DBG [call site] 00326
8 __get_attr_stacksize [function] [call site] 00327
8 LOG_DBG [call site] 00328
7 __attr_is_runnable [function] [call site] 00329
7 pthread_attr_destroy [function] [call site] 00330
7 SYS_SEM_LOCK [call site] 00331
7 sys_dlist_remove [function] [call site] 00332
7 posix_thread_q_set [function] [call site] 00333
7 zephyr_to_posix_priority [function] [call site] 00334
8 __ASSERT_NO_MSG [call site] 00335
8 __ASSERT_NO_MSG [call site] 00336
8 ZEPHYR_TO_POSIX_PRIORITY [call site] 00337
8 __ASSERT_NO_MSG [call site] 00338
8 is_posix_policy_prio_valid [function] [call site] 00339
9 posix_sched_priority_min [function] [call site] 00340
10 valid_posix_policy [function] [call site] 00341
9 posix_sched_priority_max [function] [call site] 00342
10 IS_ENABLED [call site] 00343
10 IS_ENABLED [call site] 00344
9 LOG_DBG [call site] 00345
7 k_thread_priority_get [call site] 00346
7 k_current_get [function] [call site] 00347
8 k_sched_current_thread_query [call site] 00348
7 k_thread_create [call site] 00349
7 __get_attr_stacksize [function] [call site] 00350
7 IS_ENABLED [call site] 00351
7 UINT_TO_POINTER [call site] 00352
7 posix_to_zephyr_priority [function] [call site] 00353
8 __ASSERT_NO_MSG [call site] 00354
8 is_posix_policy_prio_valid [function] [call site] 00355
8 POSIX_TO_ZEPHYR_PRIORITY [call site] 00356
7 IS_ENABLED [call site] 00357
7 pthread_barrier_wait [function] [call site] 00358
8 get_posix_barrier [function] [call site] 00359
9 to_posix_barrier_idx [function] [call site] 00360
10 mark_pthread_obj_uninitialized [function] [call site] 00361
9 is_pthread_obj_initialized [function] [call site] 00362
9 sys_bitarray_test_bit [function] [call site] 00363
10 __ASSERT_NO_MSG [call site] 00364
10 __ASSERT_NO_MSG [call site] 00365
10 k_spin_lock [function] [call site] 00366
10 CHECKIF [call site] 00367
10 bundle_bitness [call site] 00368
10 bundle_bitness [call site] 00369
10 BIT [call site] 00370
10 k_spin_unlock [function] [call site] 00371
8 k_mutex_lock [call site] 00372
8 __ASSERT_NO_MSG [call site] 00373
8 k_condvar_wait [call site] 00374
8 __ASSERT_NO_MSG [call site] 00375
8 k_condvar_signal [call site] 00376
8 __ASSERT_NO_MSG [call site] 00377
8 k_mutex_unlock [call site] 00378
8 __ASSERT_NO_MSG [call site] 00379
7 __ASSERT_NO_MSG [call site] 00380
7 pthread_barrier_destroy [function] [call site] 00381
8 get_posix_barrier [function] [call site] 00382
8 k_mutex_lock [call site] 00383
8 __ASSERT_NO_MSG [call site] 00384
8 posix_barrier_to_offset [function] [call site] 00385
8 sys_bitarray_free [function] [call site] 00386
9 __ASSERT_NO_MSG [call site] 00387
9 __ASSERT_NO_MSG [call site] 00388
9 k_spin_lock [function] [call site] 00389
9 match_region [function] [call site] 00390
9 set_region [call site] 00391
9 k_spin_unlock [function] [call site] 00392
8 __ASSERT_NO_MSG [call site] 00393
8 k_condvar_broadcast [call site] 00394
8 __ASSERT_NO_MSG [call site] 00395
8 k_mutex_unlock [call site] 00396
8 __ASSERT_NO_MSG [call site] 00397
7 __ASSERT_NO_MSG [call site] 00398
7 mark_pthread_obj_initialized [function] [call site] 00399
7 posix_thread_to_offset [function] [call site] 00400
7 LOG_DBG [call site] 00401
6 nce_wake_cpu [function] [call site] 00402
7 nsi_print_error_and_exit [call site] 00403
7 NSI_SAFE_CALL [call site] 00404
7 sem_post [function] [call site] 00405
8 k_sem_give [call site] 00406
7 NSI_SAFE_CALL [call site] 00407
7 nce_sem_rewait [function] [call site] 00408
8 sem_wait [function] [call site] 00409
9 k_sem_take [call site] 00410
7 NCE_DEBUG [call site] 00411
7 nsi_exit [call site] 00412
4 run_native_tasks [function] [call site] 00413
4 bst_post_init [function] [call site] 00414
2 nsi_run_tasks [function] [call site] 00415
1 hw_irq_ctrl_set_irq [function] [call site] 00416
2 hw_irq_ctrl_irq_raise_prefix [function] [call site] 00417
2 nsi_hws_get_time [function] [call site] 00418
2 nsi_hws_find_next_event [function] [call site] 00419
1 nsi_exec_for [function] [call site] 00420
2 nsi_hws_get_time [function] [call site] 00421
2 nsi_hws_one_event [function] [call site] 00422
3 nsi_hws_sleep_until_next_event [function] [call site] 00423
4 nsi_print_warning [call site] 00424
4 nsi_print_trace [call site] 00425
4 nsi_exit [call site] 00426
3 nsi_print_error_and_exit [call site] 00427
3 nsi_hws_find_next_event [function] [call site] 00428
2 nsi_hws_get_time [function] [call site] 00429
1 k_ticks_to_us_ceil64 [call site] 00430