Fuzz introspector: inspector/source-codeexample_large_fuzzer.c
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
14 14 2 :

['crc_word_big', 'byte_swap']

14 14 crc32_z call site: 00012 /src/zlib/crc32.c:731
8 8 2 :

['malloc', 'strlen']

8 8 gz_error call site: 00000 /src/zlib/gzlib.c:546
4 17 3 :

['__errno_location', 'strerror', 'gz_error']

4 17 gz_load call site: 00000 /src/zlib/gzread.c:27
2 2 1 :

['perror']

2 2 file_compress call site: 00000 /src/minigzip_fuzzer.c:385
2 2 1 :

['perror']

2 2 file_uncompress call site: 00000 /src/minigzip_fuzzer.c:434
0 510 1 :

['gz_zero']

2 1048 gzclose_w call site: 00000 /src/zlib/gzwrite.c:609
0 510 1 :

['gz_zero']

0 2016 gz_write call site: 00000 /src/zlib/gzwrite.c:185
0 502 1 :

['gz_comp']

0 502 gzvprintf call site: 00000 /src/zlib/gzwrite.c:418
0 423 1 :

['gz_skip']

0 1230 gz_read call site: 00000 /src/zlib/gzread.c:277
0 70 1 :

['deflateReset']

6 505 gz_comp call site: 00000 /src/zlib/gzwrite.c:90
0 59 3 :

['_tr_stored_block', 'read_buf', 'flush_pending']

0 59 deflate_stored call site: 00061 /src/zlib/deflate.c:1757
0 25 1 :

['gzrewind']

0 25 gzseek64 call site: 00000 /src/zlib/gzlib.c:387

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 calloc [call site] 00001
1 calloc [call site] 00002
1 test_large_deflate [function] [call site] 00003
2 deflateInit_ [function] [call site] 00004
3 deflateInit2_ [function] [call site] 00005
4 deflateEnd [function] [call site] 00006
5 deflateStateCheck [function] [call site] 00007
4 deflateReset [function] [call site] 00008
5 deflateResetKeep [function] [call site] 00009
6 deflateStateCheck [function] [call site] 00010
6 crc32 [function] [call site] 00011
7 crc32_z [function] [call site] 00012
8 crc_word [function] [call site] 00013
8 crc_word [function] [call site] 00014
8 crc_word [function] [call site] 00015
8 crc_word [function] [call site] 00016
8 crc_word [function] [call site] 00017
8 byte_swap [function] [call site] 00018
8 crc_word_big [function] [call site] 00019
8 crc_word_big [function] [call site] 00020
8 crc_word_big [function] [call site] 00021
8 crc_word_big [function] [call site] 00022
8 crc_word_big [function] [call site] 00023
8 byte_swap [function] [call site] 00024
6 adler32 [function] [call site] 00025
7 adler32_z [function] [call site] 00026
6 _tr_init [function] [call site] 00027
7 tr_static_init [function] [call site] 00028
7 init_block [function] [call site] 00029
5 lm_init [function] [call site] 00030
2 fprintf [call site] 00031
2 deflate [function] [call site] 00032
3 deflateStateCheck [function] [call site] 00033
3 flush_pending [function] [call site] 00034
4 _tr_flush_bits [function] [call site] 00035
5 bi_flush [function] [call site] 00036
3 putShortMSB [function] [call site] 00037
3 putShortMSB [function] [call site] 00038
3 putShortMSB [function] [call site] 00039
3 adler32 [function] [call site] 00040
3 flush_pending [function] [call site] 00041
3 crc32 [function] [call site] 00042
3 flush_pending [function] [call site] 00043
3 crc32 [function] [call site] 00044
3 crc32 [function] [call site] 00045
3 flush_pending [function] [call site] 00046
3 crc32 [function] [call site] 00047
3 crc32 [function] [call site] 00048
3 flush_pending [function] [call site] 00049
3 crc32 [function] [call site] 00050
3 crc32 [function] [call site] 00051
3 flush_pending [function] [call site] 00052
3 crc32 [function] [call site] 00053
3 flush_pending [function] [call site] 00054
3 crc32 [function] [call site] 00055
3 flush_pending [function] [call site] 00056
3 deflate_stored [function] [call site] 00057
4 _tr_stored_block [function] [call site] 00058
5 bi_windup [function] [call site] 00059
4 flush_pending [function] [call site] 00060
4 read_buf [function] [call site] 00061
5 adler32 [function] [call site] 00062
5 crc32 [function] [call site] 00063
4 read_buf [function] [call site] 00064
4 _tr_stored_block [function] [call site] 00065
4 flush_pending [function] [call site] 00066
3 deflate_huff [function] [call site] 00067
4 fill_window [function] [call site] 00068
5 slide_hash [function] [call site] 00069
5 read_buf [function] [call site] 00070
4 _tr_flush_block [function] [call site] 00071
5 detect_data_type [function] [call site] 00072
5 build_tree [function] [call site] 00073
6 pqdownheap [function] [call site] 00074
6 pqdownheap [function] [call site] 00075
6 pqdownheap [function] [call site] 00076
6 gen_bitlen [function] [call site] 00077
6 gen_codes [function] [call site] 00078
7 bi_reverse [function] [call site] 00079
5 build_tree [function] [call site] 00080
5 build_bl_tree [function] [call site] 00081
6 scan_tree [function] [call site] 00082
6 scan_tree [function] [call site] 00083
6 build_tree [function] [call site] 00084
5 _tr_stored_block [function] [call site] 00085
5 compress_block [function] [call site] 00086
5 send_all_trees [function] [call site] 00087
6 send_tree [function] [call site] 00088
6 send_tree [function] [call site] 00089
5 compress_block [function] [call site] 00090
5 init_block [function] [call site] 00091
5 bi_windup [function] [call site] 00092
4 flush_pending [function] [call site] 00093
4 _tr_flush_block [function] [call site] 00094
4 flush_pending [function] [call site] 00095
4 _tr_flush_block [function] [call site] 00096
4 flush_pending [function] [call site] 00097
3 deflate_rle [function] [call site] 00098
4 fill_window [function] [call site] 00099
4 _tr_flush_block [function] [call site] 00100
4 flush_pending [function] [call site] 00101
4 _tr_flush_block [function] [call site] 00102
4 flush_pending [function] [call site] 00103
4 _tr_flush_block [function] [call site] 00104
4 flush_pending [function] [call site] 00105
3 _tr_align [function] [call site] 00106
4 bi_flush [function] [call site] 00107
3 _tr_stored_block [function] [call site] 00108
3 flush_pending [function] [call site] 00109
3 putShortMSB [function] [call site] 00110
3 putShortMSB [function] [call site] 00111
3 flush_pending [function] [call site] 00112
2 fprintf [call site] 00113
2 fprintf [call site] 00114
2 deflateParams [function] [call site] 00115
3 deflateStateCheck [function] [call site] 00116
3 deflate [function] [call site] 00117
3 slide_hash [function] [call site] 00118
2 deflate [function] [call site] 00119
2 fprintf [call site] 00120
2 deflateParams [function] [call site] 00121
2 deflate [function] [call site] 00122
2 fprintf [call site] 00123
2 deflate [function] [call site] 00124
2 fprintf [call site] 00125
2 deflateEnd [function] [call site] 00126
2 fprintf [call site] 00127
1 test_large_inflate [function] [call site] 00128
2 inflateInit_ [function] [call site] 00129
3 inflateInit2_ [function] [call site] 00130
4 inflateReset2 [function] [call site] 00131
5 inflateStateCheck [function] [call site] 00132
5 inflateReset [function] [call site] 00133
6 inflateStateCheck [function] [call site] 00134
6 inflateResetKeep [function] [call site] 00135
7 inflateStateCheck [function] [call site] 00136
2 fprintf [call site] 00137
2 inflate [function] [call site] 00138
3 inflateStateCheck [function] [call site] 00139
3 crc32 [function] [call site] 00140
3 crc32 [function] [call site] 00141
3 adler32 [function] [call site] 00142
3 crc32 [function] [call site] 00143
3 crc32 [function] [call site] 00144
3 crc32 [function] [call site] 00145
3 crc32 [function] [call site] 00146
3 crc32 [function] [call site] 00147
3 crc32 [function] [call site] 00148
3 crc32 [function] [call site] 00149
3 crc32 [function] [call site] 00150
3 adler32 [function] [call site] 00151
3 fixedtables [function] [call site] 00152
3 inflate_table [function] [call site] 00153
3 inflate_table [function] [call site] 00154
3 inflate_table [function] [call site] 00155
3 inflate_fast [function] [call site] 00156
3 crc32 [function] [call site] 00157
3 adler32 [function] [call site] 00158
3 updatewindow [function] [call site] 00159
3 crc32 [function] [call site] 00160
3 adler32 [function] [call site] 00161
2 fprintf [call site] 00162
2 inflateEnd [function] [call site] 00163
3 inflateStateCheck [function] [call site] 00164
2 fprintf [call site] 00165
2 fprintf [call site] 00166