The followings are the branches where fuzzer fails to bypass.
LLVMFuzzerTestOneInput
[function]
[call site]
00000
get_test_opts_from_env
[function]
[call site]
00001
getenv
[call site]
00002
tcti_type_from_name
[function]
[call site]
00003
strcmp
[call site]
00004
fprintf
[call site]
00005
getenv
[call site]
00006
getenv
[call site]
00007
getenv
[call site]
00008
strtol
[call site]
00009
sanity_check_test_opts
[function]
[call site]
00010
fprintf
[call site]
00011
fprintf
[call site]
00012
fprintf
[call site]
00013
fprintf
[call site]
00014
doLog
[function]
[call site]
00015
getLogLevel
[function]
[call site]
00016
getenv
[call site]
00017
strchr
[call site]
00018
case_insensitive_strncmp
[function]
[call site]
00019
tolower
[call site]
00020
strlen
[call site]
00021
strlen
[call site]
00022
case_insensitive_strncmp
[function]
[call site]
00023
log_stringlevel
[function]
[call site]
00024
strlen
[call site]
00025
case_insensitive_strncmp
[function]
[call site]
00026
snprintf
[call site]
00027
snprintf
[call site]
00028
getLogFile
[function]
[call site]
00029
getenv
[call site]
00030
case_insensitive_strncmp
[function]
[call site]
00031
strcmp
[call site]
00032
case_insensitive_strncmp
[function]
[call site]
00033
fopen
[call site]
00034
__errno_location
[call site]
00035
vfprintf
[call site]
00036
fflush
[call site]
00037
exit
[call site]
00038
sys_init_from_opts
[function]
[call site]
00039
tcti_init_from_opts
[function]
[call site]
00040
tcti_fuzzing_init
[function]
[call site]
00041
Tss2_Tcti_Fuzzing_Init
[function]
[call site]
00042
tcti_fuzzing_init_context_data
[function]
[call site]
00043
tcti_fuzzing_transmit
[function]
[call site]
00044
tcti_fuzzing_receive
[function]
[call site]
00045
tcti_fuzzing_context_cast
[function]
[call site]
00046
tcti_fuzzing_down_cast
[function]
[call site]
00047
tcti_common_receive_checks
[function]
[call site]
00048
doLog
[function]
[call site]
00049
doLog
[function]
[call site]
00050
doLog
[function]
[call site]
00051
tcti_fuzzing_finalize
[function]
[call site]
00052
tcti_fuzzing_cancel
[function]
[call site]
00053
tcti_fuzzing_get_poll_handles
[function]
[call site]
00054
tcti_fuzzing_set_locality
[function]
[call site]
00055
tcti_make_sticky_not_implemented
[function]
[call site]
00056
fprintf
[call site]
00057
calloc
[call site]
00058
__errno_location
[call site]
00059
fprintf
[call site]
00060
Tss2_Tcti_Fuzzing_Init
[function]
[call site]
00061
fprintf
[call site]
00062
sys_init_from_tcti_ctx
[function]
[call site]
00063
Tss2_Sys_GetContextSize
[function]
[call site]
00064
calloc
[call site]
00065
fprintf
[call site]
00066
Tss2_Sys_Initialize
[function]
[call site]
00067
syscontext_cast
[function]
[call site]
00068
doLog
[function]
[call site]
00069
InitSysContextPtrs
[function]
[call site]
00070
InitSysContextFields
[function]
[call site]
00071
fprintf
[call site]
00072
doLog
[function]
[call site]
00073
exit
[call site]
00074
syscontext_cast
[function]
[call site]
00075
tcti_fuzzing_context_cast
[function]
[call site]
00076
test_invoke
[function]
[call site]
00077
fuzz_fill
[function]
[call site]
00078
syscontext_cast
[function]
[call site]
00079
tcti_fuzzing_context_cast
[function]
[call site]
00080
Tss2_Sys_Load_Prepare
[function]
[call site]
00081
syscontext_cast
[function]
[call site]
00082
CommonPreparePrologue
[function]
[call site]
00083
InitSysContextFields
[function]
[call site]
00084
CopyCommandHeader
[function]
[call site]
00085
Tss2_MU_TPM2_ST_Marshal
[function]
[call site]
00086
doLog
[function]
[call site]
00087
__bswap_16
[function]
[call site]
00088
__bswap_32
[function]
[call site]
00089
req_header_from_cxt
[function]
[call site]
00090
GetNumResponseHandles
[function]
[call site]
00091
GetNumHandles
[function]
[call site]
00092
GetNumResponseHandles
[function]
[call site]
00093
GetNumCommandHandles
[function]
[call site]
00094
GetNumHandles
[function]
[call site]
00095
Tss2_MU_UINT32_Marshal
[function]
[call site]
00096
doLog
[function]
[call site]
00097
__bswap_32
[function]
[call site]
00098
Tss2_MU_UINT16_Marshal
[function]
[call site]
00099
doLog
[function]
[call site]
00100
__bswap_16
[function]
[call site]
00101
Tss2_MU_TPM2B_PRIVATE_Marshal
[function]
[call site]
00102
doLog
[function]
[call site]
00103
Tss2_MU_UINT16_Marshal
[function]
[call site]
00104
Tss2_MU_UINT16_Marshal
[function]
[call site]
00105
Tss2_MU_TPM2B_PUBLIC_Marshal
[function]
[call site]
00106
doLog
[function]
[call site]
00107
Tss2_MU_UINT16_Marshal
[function]
[call site]
00108
Tss2_MU_TPMT_PUBLIC_Marshal
[function]
[call site]
00109
doLog
[function]
[call site]
00110
Tss2_MU_UINT16_Marshal
[function]
[call site]
00111
Tss2_MU_TPMA_OBJECT_Marshal
[function]
[call site]
00112
doLog
[function]
[call site]
00113
__bswap_32
[function]
[call site]
00114
Tss2_MU_TPM2B_DIGEST_Marshal
[function]
[call site]
00115
doLog
[function]
[call site]
00116
Tss2_MU_UINT16_Marshal
[function]
[call site]
00117
Tss2_MU_TPMU_PUBLIC_PARMS_Marshal
[function]
[call site]
00118
doLog
[function]
[call site]
00119
Tss2_MU_TPMS_KEYEDHASH_PARMS_Marshal
[function]
[call site]
00120
doLog
[function]
[call site]
00121
Tss2_MU_TPMT_KEYEDHASH_SCHEME_Marshal
[function]
[call site]
00122
doLog
[function]
[call site]
00123
Tss2_MU_UINT16_Marshal
[function]
[call site]
00124
Tss2_MU_TPMU_SCHEME_KEYEDHASH_Marshal
[function]
[call site]
00125
doLog
[function]
[call site]
00126
Tss2_MU_TPMS_SCHEME_HASH_Marshal
[function]
[call site]
00127
doLog
[function]
[call site]
00128
Tss2_MU_UINT16_Marshal
[function]
[call site]
00129
marshal_null
[function]
[call site]
00130
marshal_null
[function]
[call site]
00131
__bswap_16
[function]
[call site]
00132
CommonPrepareEpilogue
[function]
[call site]
00133
__bswap_32
[function]
[call site]
00134
req_header_from_cxt
[function]
[call site]
00135
sys_teardown_full
[function]
[call site]
00136
Tss2_Sys_GetTctiContext
[function]
[call site]
00137
syscontext_cast
[function]
[call site]
00138
sys_teardown
[function]
[call site]
00139
Tss2_Sys_Finalize
[function]
[call site]
00140
tcti_teardown
[function]
[call site]
00141
doLog
[function]
[call site]
00142
exit
[call site]
00143