Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
2	14	2 : View List ['ogg_stream_clear', 'realloc']	2	14	_os_body_expand	call site: 00041	/src/ogg/src/framing.c:185
2	2	1 : View List ['realloc']	2	6	ogg_sync_buffer	call site: 00008	/src/ogg/src/framing.c:608
2	2	1 : View List ['speex_warning']	2	2	speex_bits_read_from	call site: 00095	/src/speex/libspeex/bits.c:119
0	7	1 : View List ['compute_rms16']	0	36	nb_decode	call site: 00000	/src/speex/libspeex/nb_celp.c:1727
0	2	1 : View List ['bw_lpc']	0	21	sb_decode_lost	call site: 00000	/src/speex/libspeex/sb_celp.c:1181
0	0	None	18	251	nb_decode	call site: 00000	/src/speex/libspeex/nb_celp.c:1368
0	0	None	18	193	nb_decode	call site: 00000	/src/speex/libspeex/nb_celp.c:1362
0	0	None	18	172	nb_decode	call site: 00000	/src/speex/libspeex/nb_celp.c:1485
0	0	None	14	148	nb_decode	call site: 00000	/src/speex/libspeex/nb_celp.c:1579
0	0	None	4	127	sb_decode	call site: 00000	/src/speex/libspeex/sb_celp.c:1249
0	0	None	4	60	sb_decode	call site: 00000	/src/speex/libspeex/sb_celp.c:1389
0	0	None	2	8	_os_lacing_expand	call site: 00037	/src/ogg/src/framing.c:216

Fuzzer calltree


         LLVMFuzzerTestOneInput

[function] [call site] 00000


           ogg_sync_init

[function] [call site] 00001


           speex_bits_init

[function] [call site] 00002


             speex_alloc

[function] [call site] 00003


               calloc

[call site] 00004


             speex_bits_reset

[function] [call site] 00005


           ogg_sync_buffer

[function] [call site] 00006


             ogg_sync_check

[function] [call site] 00007


             ogg_sync_clear

[function] [call site] 00008


             realloc

[call site] 00009


             ogg_sync_clear

[function] [call site] 00010


           ogg_sync_wrote

[function] [call site] 00011


             ogg_sync_check

[function] [call site] 00012


           ogg_sync_pageout

[function] [call site] 00013


             ogg_sync_check

[function] [call site] 00014


             ogg_sync_pageseek

[function] [call site] 00015


               ogg_sync_check

[function] [call site] 00016


               memcmp

[call site] 00017


               ogg_page_checksum_set

[function] [call site] 00018


                 _os_update_crc

[function] [call site] 00019


                 _os_update_crc

[function] [call site] 00020


               memcmp

[call site] 00021


               memchr

[call site] 00022


           ogg_page_serialno

[function] [call site] 00023


           ogg_page_serialno

[function] [call site] 00024


           ogg_page_serialno

[function] [call site] 00025


           ogg_stream_pagein

[function] [call site] 00026


             ogg_page_version

[function] [call site] 00027


             ogg_page_continued

[function] [call site] 00028


             ogg_page_bos

[function] [call site] 00029


             ogg_page_eos

[function] [call site] 00030


             ogg_page_granulepos

[function] [call site] 00031


             ogg_page_serialno

[function] [call site] 00032


             ogg_page_pageno

[function] [call site] 00033


             ogg_stream_check

[function] [call site] 00034


             _os_lacing_expand

[function] [call site] 00035


               ogg_stream_clear

[function] [call site] 00036


               realloc

[call site] 00037


               ogg_stream_clear

[function] [call site] 00038


               realloc

[call site] 00039


               ogg_stream_clear

[function] [call site] 00040


             _os_body_expand

[function] [call site] 00041


               ogg_stream_clear

[function] [call site] 00042


               realloc

[call site] 00043


               ogg_stream_clear

[function] [call site] 00044


           ogg_page_granulepos

[function] [call site] 00045


           ogg_page_packets

[function] [call site] 00046


           cleanup(void*, SpeexBits*, int, ogg_stream_state*, ogg_sync_state*)

[function] [call site] 00047


             speex_decoder_destroy

[function] [call site] 00048


             speex_bits_destroy

[function] [call site] 00049


               speex_free

[function] [call site] 00050


             ogg_stream_clear

[function] [call site] 00051


             ogg_sync_clear

[function] [call site] 00052


           cleanup(void*, SpeexBits*, int, ogg_stream_state*, ogg_sync_state*)

[function] [call site] 00053


           ogg_page_eos

[function] [call site] 00054


           cleanup(void*, SpeexBits*, int, ogg_stream_state*, ogg_sync_state*)

[function] [call site] 00055


           ogg_stream_packetout

[function] [call site] 00056


             ogg_stream_check

[function] [call site] 00057


             _packetout

[function] [call site] 00058


           memcmp

[call site] 00059


           process_header(ogg_packet*, int, int*, int*, int*, int*, int*, SpeexStereoState*, int*)

[function] [call site] 00060


             speex_packet_to_header

[function] [call site] 00061


               speex_notify

[function] [call site] 00062


               speex_alloc

[function] [call site] 00063


               le_int

[function] [call site] 00064


               le_int

[function] [call site] 00065


               le_int

[function] [call site] 00066


               le_int

[function] [call site] 00067


               le_int

[function] [call site] 00068


               le_int

[function] [call site] 00069


               le_int

[function] [call site] 00070


               le_int

[function] [call site] 00071


               le_int

[function] [call site] 00072


               le_int

[function] [call site] 00073


               le_int

[function] [call site] 00074


               speex_notify

[function] [call site] 00075


               speex_free

[function] [call site] 00076


             speex_lib_get_mode

[function] [call site] 00077


             speex_decoder_init

[function] [call site] 00078


             speex_decoder_ctl

[function] [call site] 00079


             speex_decoder_ctl

[function] [call site] 00080


             speex_decoder_destroy

[function] [call site] 00081


             speex_decoder_ctl

[function] [call site] 00082


             speex_decoder_destroy

[function] [call site] 00083


             speex_std_stereo_request_handler

[function] [call site] 00084


               speex_bits_unpack_unsigned

[function] [call site] 00085


               speex_bits_unpack_unsigned

[function] [call site] 00086

exp

[call site] 00087


               speex_bits_unpack_unsigned

[function] [call site] 00088


             speex_decoder_ctl

[function] [call site] 00089


             speex_decoder_destroy

[function] [call site] 00090


           cleanup(void*, SpeexBits*, int, ogg_stream_state*, ogg_sync_state*)

[function] [call site] 00091


           speex_decoder_ctl

[function] [call site] 00092


           speex_bits_read_from

[function] [call site] 00093


             speex_notify

[function] [call site] 00094


             speex_realloc

[function] [call site] 00095


               realloc

[call site] 00096


             speex_warning

[function] [call site] 00097


             speex_warning

[function] [call site] 00098


           speex_decode

[function] [call site] 00099


           speex_bits_remaining

[function] [call site] 00100


           speex_decode_stereo

[function] [call site] 00101


             sqrt

[call site] 00102


             sqrt

[call site] 00103


           cleanup(void*, SpeexBits*, int, ogg_stream_state*, ogg_sync_state*)

[function] [call site] 00104