10 Commits

Author SHA1 Message Date
kjlubick
840f12a721 Fix memory leak in FuzzGradients
BUG=skia:
GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2446643003

Review-Url: https://codereview.chromium.org/2446643003
2016-10-25 06:11:05 -07:00
kjlubick
85d301745a Fix fuzzer's bools to be 0 or 1 only
BUG=skia:
GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2447823002

Review-Url: https://codereview.chromium.org/2447823002
2016-10-24 11:53:35 -07:00
reed
42943c8aa9 change SkStreams to work with sk_sp<SkData> instead of SkData*
BUG=skia:
GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2333713002

Review-Url: https://codereview.chromium.org/2333713002
2016-09-12 12:01:44 -07:00
bungeman
ffae30db4a Convert SkAutoTUnref<SkData> to sk_sp<SkData>.
With the move from SkData::NewXXX to SkData::MakeXXX most
SkAutoTUnref<SkData> were changed to sk_sp<SkData>. However,
there are still a few SkAutoTUnref<SkData> around, so clean
them up.

Review-Url: https://codereview.chromium.org/2212493002
2016-08-03 13:32:32 -07:00
kjlubick
e565450d0b Port FuzzPathop from chromium
BUG=skia:
GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2148023002

Review-Url: https://codereview.chromium.org/2148023002
2016-07-19 16:50:03 -07:00
kjlubick
4319593988 Do an in-place replacement of SkRandom with Fuzz for FilterFuzz
This feels rather clunky, because we aren't using the full potential of the
fuzzer, but it works, it seems.

BUG=skia:4969
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1710183002

Review URL: https://codereview.chromium.org/1710183002
2016-04-05 12:48:47 -07:00
kjlubick
5bd98a244b Create ParsePath API fuzz
This is based on https://codereview.chromium.org/1675053002

BUG=skia:4438
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1702383003

Review URL: https://codereview.chromium.org/1702383003
2016-02-18 06:27:39 -08:00
mtklein
a115942ed6 fuzz: signalBug() / signalBoring()
Instead of a single ASSERT macro, this switches to two new methods:
   - signalBug():    tell afl-fuzz there's a bug caused by its inputs (by crashing)
   - signalBoring(): tell afl-fuzz these inputs are not worth testing (by exiting gracefully)

I'm not seeing any effect on fuzz/s when I just always log verbosely.

signalBug() now triggers SIGSEGV rather than SIGABRT.  This should make it work with catchsegv more easily.

BUG=skia:
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1585353002

Review URL: https://codereview.chromium.org/1585353002
2016-01-15 05:46:54 -08:00
mtklein
24a22c7de8 some fuzz hacking
Try to start faster:
 - remove flags dependency
 - print nothing
 - strip unused symbols from the binary on Mac (smaller binary)
 - only create one fuzz object
 - only run one DEF_FUZZ
I am not sure if any of these things mattered, but I thought you may like to look.

Good stuff:
 - make nextU() / nextF() work
 - drop nextURange() / nextFRange() for now
 - add nextB() for a single byte

As you may have guessed, I have figured out how to use afl-fuzz on my laptop.

Syntax to run becomes:
  $ afl-fuzz ... out/Release/fuzz <DEF_FUZZ name> @@

BUG=skia:
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1581203003

Review URL: https://codereview.chromium.org/1581203003
2016-01-14 04:59:42 -08:00
mtklein
65e5824d3a Add new fuzz binary.
This is designed to have short startup time, for maximum fuzzing throughput.

BUG=skia:
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1589563002

Review URL: https://codereview.chromium.org/1589563002
2016-01-13 12:57:58 -08:00