This also adds in a few small guards to prevent libfuzzer from frequently
running out of memory when an image claims to have billions of pixels.
Bug: skia:
Change-Id: I47a9daac832c4d85a42000698482b61721c38880
Reviewed-on: https://skia-review.googlesource.com/106264
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Reviewed-by: Leon Scroggins <scroggo@google.com>
FuzzImageFilterDeserialize is already being used in oss-fuzz
but the target lived there and not here. This moves it here.
Then we can turn on:
- FuzzPathDeserialize
- FuzzTextBlobDeserialize
Bug: skia:
Change-Id: I7baee8386fb7aeebc43a68abfff9a670ba16f82c
Reviewed-on: https://skia-review.googlesource.com/105763
Reviewed-by: Mike Klein <mtklein@google.com>
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Also refactor a few things to make it easier to use oss-fuzz.
Bug: skia:
Change-Id: Ie518a6cfc7d57a347b5d09089379f986d33f8b7f
Reviewed-on: https://skia-review.googlesource.com/41740
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Reviewed-by: Mike Klein <mtklein@google.com>
After this CL, we have 3.5 options for fuzzing ImageFilter
1. Create it from API calls and then draw it
fuzz -t api -n ImageFilter -b [input]
2. Deserialize a fuzzed stream into an ImageFilter (this is
what Chromium's filter_fuzz_stub does)
fuzz -t filter_fuzz -b [input]
3. Create an ImageFilter from API calls, serialize it, apply
some mutations to the stream, deserialize it, then draw it.
fuzz -t api -n SerializedImageFilter -b [input]
3.5 Create ImageFilters as part of our more general canvas
fuzzers.
fuzz -t api -n RasterN32Canvas -b [input] (and others)
Previously, the SerializedImageFilter had its own, slightly
stale and prone to stack-overflow way of making an image filter.
This CL re-uses what we already do for Canvas fuzzing and removes
that dead code.
Additionally, there is a way to easily generate a corpus
for the filter_fuzz type, via SerializedImageFilter.
Bug: skia:
Change-Id: I31bb4ffce2abf1c1a6d0a7000e5aceb8d7b38b65
Reviewed-on: https://skia-review.googlesource.com/92142
Reviewed-by: Hal Canary <halcanary@google.com>
Commit-Queue: Kevin Lubick <kjlubick@google.com>
This cleans up the build so commandline flags defined in tools/*.cpp
don't get globbed into the fuzzer's.
Bug: skia:
Change-Id: I5994aa5bf75686641baf0cf97fd81141f0ac6f3a
Reviewed-on: https://skia-review.googlesource.com/92680
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Reviewed-by: Mike Klein <mtklein@google.com>
Bug: skia:
Change-Id: I054560b66c6cde346d939015326d8547879d2c4b
Reviewed-on: https://skia-review.googlesource.com/81160
Reviewed-by: Mike Klein <mtklein@chromium.org>
Commit-Queue: Mike Reed <reed@google.com>
This was created by looking at warnings produced by clang's
-Wzero-as-null-pointer-constant. This updates most issues in
Skia code. However, there are places where GL and Vulkan want
pointer values which are explicitly 0, external headers which
use NULL directly, and possibly more uses in un-compiled
sources (for other platforms).
Change-Id: Id22fbac04d5c53497a53d734f0896b4f06fe8345
Reviewed-on: https://skia-review.googlesource.com/39521
Reviewed-by: Mike Reed <reed@google.com>
Commit-Queue: Ben Wagner <bungeman@google.com>
On desktop, this saves just over 5% of the time in the SkSL compiler.
As written, the code will now build either way, so it's much easier to
switch back (or even have some platforms use SkString, if that's ever
required).
Bug: skia:
Change-Id: I634f26a4f6fcb404e59bda6a5c6a21a9c6d73c0b
Reviewed-on: https://skia-review.googlesource.com/34381
Reviewed-by: Brian Osman <brianosman@google.com>
Commit-Queue: Brian Osman <brianosman@google.com>
Will need guards for android (at least)
Bug: skia:
Change-Id: I2bb8e656997984489ef1f2e41cd3d301c4e7b947
Reviewed-on: https://skia-review.googlesource.com/26040
Reviewed-by: Mike Klein <mtklein@chromium.org>
Commit-Queue: Mike Reed <reed@google.com>
This reverts commit 742a3e298f.
Reason for revert: Breaking Android roll:
frameworks/base/core/jni/android/graphics/BitmapFactory.cpp:453:18: error: no member named 'fColorPtr' in 'SkAndroidCodec::AndroidOptions'
codecOptions.fColorPtr = colorPtr;
~~~~~~~~~~~~ ^
frameworks/base/core/jni/android/graphics/BitmapFactory.cpp:454:18: error: no member named 'fColorCount' in 'SkAndroidCodec::AndroidOptions'
codecOptions.fColorCount = colorCount;
~~~~~~~~~~~~ ^
Original change's description:
> Remove support for decoding to kIndex_8
>
> Fix up callsites, and remove tests that no longer make sense.
>
> Bug: skia:6828
> Change-Id: I2548c4b7528b7b1be7412563156f27b52c9d4295
> Reviewed-on: https://skia-review.googlesource.com/21664
> Reviewed-by: Derek Sollenberger <djsollen@google.com>
> Commit-Queue: Leon Scroggins <scroggo@google.com>
TBR=djsollen@google.com,scroggo@google.com
Change-Id: I1bc669441f250690884e75a9a61427fdf75c6907
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: skia:6828
Reviewed-on: https://skia-review.googlesource.com/22120
Reviewed-by: Leon Scroggins <scroggo@google.com>
Commit-Queue: Leon Scroggins <scroggo@google.com>
Fix up callsites, and remove tests that no longer make sense.
Bug: skia:6828
Change-Id: I2548c4b7528b7b1be7412563156f27b52c9d4295
Reviewed-on: https://skia-review.googlesource.com/21664
Reviewed-by: Derek Sollenberger <djsollen@google.com>
Commit-Queue: Leon Scroggins <scroggo@google.com>
Previously, SkGifCodec treated an error in the LZW data as incomplete,
since we can still draw the partially decoded image. But a client doing
incremental decodes needs to distinguish this from truly incomplete
data. In the case of an error, the client should not attempt to provide
more data and decode again.
Add kErrorInInput, and return it when SkGifCodec sees a fatal error.
Treat it the same as kIncompleteInput when it comes to filling and DM.
Bug: skia:6825
Change-Id: Ic6ce3a62c0b065ed34dcd8006309e43272a3db9f
Reviewed-on: https://skia-review.googlesource.com/21530
Commit-Queue: Leon Scroggins <scroggo@google.com>
Reviewed-by: Mike Reed <reed@google.com>
Reviewed-by: Chris Blume <cblume@chromium.org>
Fixes:
- create temp api for android to pass nullptr
- don't release and access sk_sp<SkData> at the same time in parameters
This reverts commit b14131c185.
Bug: skia:
Change-Id: Ic0e4f62520ba9f35455499ed30d306ad19d998a8
Reviewed-on: https://skia-review.googlesource.com/11129
Commit-Queue: Mike Reed <reed@google.com>
Reviewed-by: Matt Sarett <msarett@google.com>
This reverts commit 9920b10f52.
Reason for revert: trying to get details on w2k failure
https://chromium-swarm.appspot.com/task?id=354345d34ba3b310&refresh=10
Caught exception 3221225477 EXCEPTION_ACCESS_VIOLATION, was running:
unit test HugeBlurImageFilter
unit test FontNames
unit test Codec_PngRoundTrip
unit test ClampRange
unit test FontHost
unit test ColorMatrixFilter
f16 image scaled_codec_premul abnormal.wbmp
565 image brd_android_codec_divisor_0.167 interlaced3.png_0.167
unit test Codec_png
unit test ImageFilterBlurLargeImage
unit test FontObj
unit test DrawText
unit test GrShape
565 image brd_android_codec_divisor_0.333 interlaced2.png_0.333
unit test PathOpsOpCubicsThreaded
unit test PathOpsOpLoopsThreaded
unit test FontMgr
unit test ColorToHSVRoundTrip
unit test Image_Serialize_Encoding_Failure
Likely culprit:
unit test Image_Serialize_Encoding_Failure
step returned non-zero exit code: -1073741819
Original change's description:
> Revert[2] "clean up (partially) colortable api""
>
> This reverts commit 1d1165ca65.
>
> Bug: skia:
> Change-Id: Idbc0634ae3cec2e79f592d252de8751b077e6408
> Reviewed-on: https://skia-review.googlesource.com/11024
> Reviewed-by: Mike Reed <reed@google.com>
> Commit-Queue: Mike Reed <reed@google.com>
>
TBR=reed@google.com,reviews@skia.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Change-Id: Ia4e73434b083224baa36092c69526c2f59bb16aa
Reviewed-on: https://skia-review.googlesource.com/11025
Reviewed-by: Mike Reed <reed@google.com>
Commit-Queue: Mike Reed <reed@google.com>
This reverts commit 2e491a6a11.
Reason for revert: Windows unit tests failing?
Original change's description:
> clean up (partially) colortable api
>
> Needs this to land: https://codereview.chromium.org/2789853002/
>
> Bug: skia:
> Change-Id: I38d916a546b7fa64d000d973e695ddda24a589e7
> Reviewed-on: https://skia-review.googlesource.com/10600
> Commit-Queue: Mike Reed <reed@google.com>
> Reviewed-by: Matt Sarett <msarett@google.com>
>
TBR=msarett@google.com,scroggo@google.com,reed@google.com,reviews@skia.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Change-Id: I626e7edfcea82576a440dcaa851a04cedee6233f
Reviewed-on: https://skia-review.googlesource.com/10966
Reviewed-by: Mike Klein <mtklein@chromium.org>
Commit-Queue: Mike Klein <mtklein@chromium.org>
This reverts commit f3333c89bf.
Reason for revert: breaking the bots
Original change's description:
> skslc can now be compiled with no Skia dependencies, in preparation for its eventual
> role in Skia's build process.
>
> This reverts commit bcf35f86d5.
>
> BUG=skia:
>
> Change-Id: Id0a12dfc4d804d69a3c6bf60fed37e89ee130f02
> Reviewed-on: https://skia-review.googlesource.com/10802
> Commit-Queue: Ethan Nicholas <ethannicholas@google.com>
> Reviewed-by: Ben Wagner <benjaminwagner@google.com>
>
TBR=benjaminwagner@google.com,ethannicholas@google.com,reviews@skia.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=skia:
Change-Id: Ic7b50d391d25b3870acffa9764cbafc7f5c3be89
Reviewed-on: https://skia-review.googlesource.com/10962
Reviewed-by: Ethan Nicholas <ethannicholas@google.com>
Commit-Queue: Ethan Nicholas <ethannicholas@google.com>
role in Skia's build process.
This reverts commit bcf35f86d5.
BUG=skia:
Change-Id: Id0a12dfc4d804d69a3c6bf60fed37e89ee130f02
Reviewed-on: https://skia-review.googlesource.com/10802
Commit-Queue: Ethan Nicholas <ethannicholas@google.com>
Reviewed-by: Ben Wagner <benjaminwagner@google.com>
This reverts commit 7833466da4.
Reason for revert: Vulkan assertion failure
Original change's description:
> skslc can now be compiled with no Skia dependencies, in preparation for
> its eventual role in Skia's build process.
>
> Bug: skia:
> Change-Id: Iaa9933f4fc4a64bec60aa897c509a3513f457a78
> Reviewed-on: https://skia-review.googlesource.com/10282
> Commit-Queue: Ethan Nicholas <ethannicholas@google.com>
> Reviewed-by: Ben Wagner <benjaminwagner@google.com>
>
TBR=egdaniel@google.com,benjaminwagner@google.com,ethannicholas@google.com,reviews@skia.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Change-Id: Ic64cac2395abb406116885ddd725f74a434c8c49
Reviewed-on: https://skia-review.googlesource.com/10758
Reviewed-by: Ethan Nicholas <ethannicholas@google.com>
Commit-Queue: Ethan Nicholas <ethannicholas@google.com>
its eventual role in Skia's build process.
Bug: skia:
Change-Id: Iaa9933f4fc4a64bec60aa897c509a3513f457a78
Reviewed-on: https://skia-review.googlesource.com/10282
Commit-Queue: Ethan Nicholas <ethannicholas@google.com>
Reviewed-by: Ben Wagner <benjaminwagner@google.com>
Move the fuzzer in
chromium/src/skia/tools/filter_fuzz_stub/filter_fuzz_stub.cc
to Skia's fuzzer.
I recommend removing filter_fuzz_stub from chromium and only
using Skia's fuzzer.
BUG=chromium:700836
Change-Id: Ibab1a9b696e54a3042ee61f5524d196c12df2888
Reviewed-on: https://skia-review.googlesource.com/9802
Commit-Queue: Herb Derby <herb@google.com>
Reviewed-by: Kevin Lubick <kjlubick@google.com>
For example: `fuzz --type _dump_canvas -b fuzz_file`
Note well: this command-line usage is subject to change.
Change-Id: Ida7368a699bafe2395604d8428a2d50cb0eff6aa
Reviewed-on: https://skia-review.googlesource.com/9025
Reviewed-by: Kevin Lubick <kjlubick@google.com>
Reviewed-by: Herb Derby <herb@google.com>
Commit-Queue: Hal Canary <halcanary@google.com>
run `fuzz --type pdf_canvas` or `fuzz --type null_canvas` or
`fuzz --type n32_canvas`
Change-Id: Id70179d5578ed1e67006aef7823bf75fc1d7a4a6
Reviewed-on: https://skia-review.googlesource.com/8418
Reviewed-by: Kevin Lubick <kjlubick@google.com>
Commit-Queue: Hal Canary <halcanary@google.com>
This also fixes bin/coverage.
fuzz/coverage borrows heavily from bin/coverage.
BUG=skia:
Change-Id: I9e353d1f5ea3bca1d57d66b1c1ecabc6f9b23cee
Reviewed-on: https://skia-review.googlesource.com/8414
Reviewed-by: Joe Gregorio <jcgregorio@google.com>
Commit-Queue: Kevin Lubick <kjlubick@google.com>
BUG=skia:
Change-Id: Ie7d4fac3024b361a281f456fec2b3a837e2bfe43
Reviewed-on: https://skia-review.googlesource.com/6881
Commit-Queue: Mike Reed <reed@google.com>
Reviewed-by: Mike Klein <mtklein@chromium.org>
BUG=skia:
Change-Id: Ic8a56448b39bf6a8c6388bffb7f3b7c5ed798a2f
Reviewed-on: https://skia-review.googlesource.com/6692
Reviewed-by: Mike Klein <mtklein@chromium.org>
Commit-Queue: Kevin Lubick <kjlubick@google.com>
BUG=skia:5878
Change-Id: I13552948c86a83f2384b83f59432c11779f305f1
Reviewed-on: https://skia-review.googlesource.com/6528
Reviewed-by: Mike Klein <mtklein@chromium.org>
Commit-Queue: Mike Klein <mtklein@chromium.org>
This reverts commit ce33f10677.
Reason for revert: Breaking many gpu bots
Change-Id: I94c813ed6a9311458c872f74bb1b0792f46ff414
Reviewed-on: https://skia-review.googlesource.com/5737
Commit-Queue: Greg Daniel <egdaniel@google.com>
Reviewed-by: Greg Daniel <egdaniel@google.com>
Add a new mode to decode all frames of an animated image. Use
incremental decoding, rather than getPixels, since the primary client
uses incremental decoding.
Do not decode animated as index 8, which is only supported for the
first frame.
Change-Id: I5d7ed1a81c1ef37df3701c483486d4beff0f62a7
Reviewed-on: https://skia-review.googlesource.com/5679
Reviewed-by: Kevin Lubick <kjlubick@google.com>
Commit-Queue: Leon Scroggins <scroggo@google.com>
(re-land 248ff02 & 2cb6cb7, with changes)
- Hide SkImageEncoder class in private header.
- SkImageEncoder::Type becomes SkEncodedImageFormat
- SkEncodedFormat becomes SkEncodedImageFormat
- SkImageEncoder static functions replaced with
single function EncodeImage()
- utility wrappers for EncodeImage() are in
sk_tool_utils.h
TODO: remove link-time registration mechanism.
TODO: clean up clients use of API and flip the flag.
TODO: implement EncodeImage() in chromeium/skia/ext
Change-Id: I47d451e50be4d5c6c130869c7fa7c2857243d9f0
Reviewed-on: https://skia-review.googlesource.com/4909
Reviewed-by: Mike Reed <reed@google.com>
Reviewed-by: Leon Scroggins <scroggo@google.com>
Reviewed-on: https://skia-review.googlesource.com/5186
Commit-Queue: Hal Canary <halcanary@google.com>
Reviewed-by: Hal Canary <halcanary@google.com>
- Hide SkImageEncoder class in private header.
- SkImageEncoder::Type becomes SkEncodedImageFormat
- SkEncodedFormat becomes SkEncodedImageFormat
- SkImageEncoder static functions replaced with
single function EncodeImage()
- utility wrappers for EncodeImage() are in
sk_tool_utils.h
TODO: remove link-time registration mechanism.
TODO: clean up clients use of API and flip the flag.
TODO: implement EncodeImage() in chromeium/skia/ext
GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=4909
Change-Id: Ib48b31fdc05cf23cda7f56ebfd67c841c149ce70
Reviewed-on: https://skia-review.googlesource.com/4909
Reviewed-by: Mike Reed <reed@google.com>
Reviewed-by: Leon Scroggins <scroggo@google.com>
Commit-Queue: Hal Canary <halcanary@google.com>