This also adds in a few small guards to prevent libfuzzer from frequently
running out of memory when an image claims to have billions of pixels.
Bug: skia:
Change-Id: I47a9daac832c4d85a42000698482b61721c38880
Reviewed-on: https://skia-review.googlesource.com/106264
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Reviewed-by: Leon Scroggins <scroggo@google.com>
FuzzImageFilterDeserialize is already being used in oss-fuzz
but the target lived there and not here. This moves it here.
Then we can turn on:
- FuzzPathDeserialize
- FuzzTextBlobDeserialize
Bug: skia:
Change-Id: I7baee8386fb7aeebc43a68abfff9a670ba16f82c
Reviewed-on: https://skia-review.googlesource.com/105763
Reviewed-by: Mike Klein <mtklein@google.com>
Commit-Queue: Kevin Lubick <kjlubick@google.com>
This reverts the revert 9ff8c8c073.
Original:
This is a performance-only hint that no one but fuzzers
is using. It's even explicitly filtered out in Android.
The fuzzers have noticed they can trick us into allocating
uninitialized memory and treating it as opaque, blending
uninitialized pixels, etc.
Since no one's using this, we can just kill the bit.
Bug: skia:7566, chromium:808830
Docs-Preview: https://skia.org/?cl=105282
Change-Id: I4326c663f777aa373ff7ec9f319519da9729350d
Reviewed-on: https://skia-review.googlesource.com/105282
Reviewed-by: Mike Klein <mtklein@chromium.org>
Commit-Queue: Mike Klein <mtklein@chromium.org>
This reverts commit 9a7a2ee5ad.
Reason for revert: still need to update blink_headless in Google3
Original change's description:
> remove SkCanvas::kIsOpaque_SaveLayerFlag
>
> This is a performance-only hint that no one but fuzzers
> is using. It's even explicitly filtered out in Android.
>
> The fuzzers have noticed they can trick us into allocating
> uninitialized memory and treating it as opaque, blending
> uninitialized pixels, etc.
>
> Since no one's using this, we can just kill the bit.
>
> Bug: skia:7566, chromium:808830
>
> Change-Id: Id74a85e51bc4d0907b4127eb9ac5b02576f8f0a7
> Reviewed-on: https://skia-review.googlesource.com/104441
> Reviewed-by: Mike Reed <reed@google.com>
> Commit-Queue: Mike Klein <mtklein@chromium.org>
TBR=mtklein@chromium.org,fmalita@chromium.org,reed@google.com
Change-Id: I10d3c7e5184b9322715a5bfb6a7106292c8876a3
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: skia:7566, chromium:808830
Reviewed-on: https://skia-review.googlesource.com/104781
Reviewed-by: Mike Klein <mtklein@google.com>
Commit-Queue: Mike Klein <mtklein@google.com>
This is a performance-only hint that no one but fuzzers
is using. It's even explicitly filtered out in Android.
The fuzzers have noticed they can trick us into allocating
uninitialized memory and treating it as opaque, blending
uninitialized pixels, etc.
Since no one's using this, we can just kill the bit.
Bug: skia:7566, chromium:808830
Change-Id: Id74a85e51bc4d0907b4127eb9ac5b02576f8f0a7
Reviewed-on: https://skia-review.googlesource.com/104441
Reviewed-by: Mike Reed <reed@google.com>
Commit-Queue: Mike Klein <mtklein@chromium.org>
Bug: oss-fuzz:5629
Change-Id: I1129a6a9a68c69e07ab63e2e2be1c00cf0581962
Reviewed-on: https://skia-review.googlesource.com/102482
Reviewed-by: Mike Klein <mtklein@chromium.org>
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Also tweak when we report OOM - AFL-fuzz is fine, but libfuzzer should
abort, not exit.
Bug: skia:
Change-Id: Ic19277bbceec5e7c0ac966d6d9ac677bcfebcfae
Reviewed-on: https://skia-review.googlesource.com/93201
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Reviewed-by: Hal Canary <halcanary@google.com>
Also refactor a few things to make it easier to use oss-fuzz.
Bug: skia:
Change-Id: Ie518a6cfc7d57a347b5d09089379f986d33f8b7f
Reviewed-on: https://skia-review.googlesource.com/41740
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Reviewed-by: Mike Klein <mtklein@google.com>
After this CL, we have 3.5 options for fuzzing ImageFilter
1. Create it from API calls and then draw it
fuzz -t api -n ImageFilter -b [input]
2. Deserialize a fuzzed stream into an ImageFilter (this is
what Chromium's filter_fuzz_stub does)
fuzz -t filter_fuzz -b [input]
3. Create an ImageFilter from API calls, serialize it, apply
some mutations to the stream, deserialize it, then draw it.
fuzz -t api -n SerializedImageFilter -b [input]
3.5 Create ImageFilters as part of our more general canvas
fuzzers.
fuzz -t api -n RasterN32Canvas -b [input] (and others)
Previously, the SerializedImageFilter had its own, slightly
stale and prone to stack-overflow way of making an image filter.
This CL re-uses what we already do for Canvas fuzzing and removes
that dead code.
Additionally, there is a way to easily generate a corpus
for the filter_fuzz type, via SerializedImageFilter.
Bug: skia:
Change-Id: I31bb4ffce2abf1c1a6d0a7000e5aceb8d7b38b65
Reviewed-on: https://skia-review.googlesource.com/92142
Reviewed-by: Hal Canary <halcanary@google.com>
Commit-Queue: Kevin Lubick <kjlubick@google.com>
This cleans up the build so commandline flags defined in tools/*.cpp
don't get globbed into the fuzzer's.
Bug: skia:
Change-Id: I5994aa5bf75686641baf0cf97fd81141f0ac6f3a
Reviewed-on: https://skia-review.googlesource.com/92680
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Reviewed-by: Mike Klein <mtklein@google.com>
Add a flag that hints, which lattice rectangles are solid colors.
Draw solid rectangles and 1x1 rectangles with drawRect.
Test: Measured performance of a ninepatch drawn by HWUI
Bug: b/69796044
Change-Id: Ib3b00ca608da42fa9f2d2038cc126a978421ec7c
Reviewed-on: https://skia-review.googlesource.com/79821
Commit-Queue: Stan Iliev <stani@google.com>
Reviewed-by: Derek Sollenberger <djsollen@google.com>
Bug: skia:
Change-Id: I054560b66c6cde346d939015326d8547879d2c4b
Reviewed-on: https://skia-review.googlesource.com/81160
Reviewed-by: Mike Klein <mtklein@chromium.org>
Commit-Queue: Mike Reed <reed@google.com>
Change-Id: I0ea4f96263aec4b272ead5f541ee304942499f68
Reviewed-on: https://skia-review.googlesource.com/79161
Reviewed-by: Mike Klein <mtklein@chromium.org>
Commit-Queue: Hal Canary <halcanary@google.com>
This was created by looking at warnings produced by clang's
-Wzero-as-null-pointer-constant. This updates most issues in
Skia code. However, there are places where GL and Vulkan want
pointer values which are explicitly 0, external headers which
use NULL directly, and possibly more uses in un-compiled
sources (for other platforms).
Change-Id: Id22fbac04d5c53497a53d734f0896b4f06fe8345
Reviewed-on: https://skia-review.googlesource.com/39521
Reviewed-by: Mike Reed <reed@google.com>
Commit-Queue: Ben Wagner <bungeman@google.com>
On desktop, this saves just over 5% of the time in the SkSL compiler.
As written, the code will now build either way, so it's much easier to
switch back (or even have some platforms use SkString, if that's ever
required).
Bug: skia:
Change-Id: I634f26a4f6fcb404e59bda6a5c6a21a9c6d73c0b
Reviewed-on: https://skia-review.googlesource.com/34381
Reviewed-by: Brian Osman <brianosman@google.com>
Commit-Queue: Brian Osman <brianosman@google.com>
Will need guards for android (at least)
Bug: skia:
Change-Id: I2bb8e656997984489ef1f2e41cd3d301c4e7b947
Reviewed-on: https://skia-review.googlesource.com/26040
Reviewed-by: Mike Klein <mtklein@chromium.org>
Commit-Queue: Mike Reed <reed@google.com>
This reverts commit 742a3e298f.
Reason for revert: Breaking Android roll:
frameworks/base/core/jni/android/graphics/BitmapFactory.cpp:453:18: error: no member named 'fColorPtr' in 'SkAndroidCodec::AndroidOptions'
codecOptions.fColorPtr = colorPtr;
~~~~~~~~~~~~ ^
frameworks/base/core/jni/android/graphics/BitmapFactory.cpp:454:18: error: no member named 'fColorCount' in 'SkAndroidCodec::AndroidOptions'
codecOptions.fColorCount = colorCount;
~~~~~~~~~~~~ ^
Original change's description:
> Remove support for decoding to kIndex_8
>
> Fix up callsites, and remove tests that no longer make sense.
>
> Bug: skia:6828
> Change-Id: I2548c4b7528b7b1be7412563156f27b52c9d4295
> Reviewed-on: https://skia-review.googlesource.com/21664
> Reviewed-by: Derek Sollenberger <djsollen@google.com>
> Commit-Queue: Leon Scroggins <scroggo@google.com>
TBR=djsollen@google.com,scroggo@google.com
Change-Id: I1bc669441f250690884e75a9a61427fdf75c6907
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: skia:6828
Reviewed-on: https://skia-review.googlesource.com/22120
Reviewed-by: Leon Scroggins <scroggo@google.com>
Commit-Queue: Leon Scroggins <scroggo@google.com>
Fix up callsites, and remove tests that no longer make sense.
Bug: skia:6828
Change-Id: I2548c4b7528b7b1be7412563156f27b52c9d4295
Reviewed-on: https://skia-review.googlesource.com/21664
Reviewed-by: Derek Sollenberger <djsollen@google.com>
Commit-Queue: Leon Scroggins <scroggo@google.com>
Previously, SkGifCodec treated an error in the LZW data as incomplete,
since we can still draw the partially decoded image. But a client doing
incremental decodes needs to distinguish this from truly incomplete
data. In the case of an error, the client should not attempt to provide
more data and decode again.
Add kErrorInInput, and return it when SkGifCodec sees a fatal error.
Treat it the same as kIncompleteInput when it comes to filling and DM.
Bug: skia:6825
Change-Id: Ic6ce3a62c0b065ed34dcd8006309e43272a3db9f
Reviewed-on: https://skia-review.googlesource.com/21530
Commit-Queue: Leon Scroggins <scroggo@google.com>
Reviewed-by: Mike Reed <reed@google.com>
Reviewed-by: Chris Blume <cblume@chromium.org>
AFAICT none of our clients use this entry point and it is tangling up efforts to add a new parameter to the BlurImageFilter.
Change-Id: I494634db98a1d246854a5e3735380fbe55f425c2
Reviewed-on: https://skia-review.googlesource.com/20837
Reviewed-by: Mike Reed <reed@google.com>
Commit-Queue: Robert Phillips <robertphillips@google.com>
Realized that a pending CL needed to add (yet another) private type to SkRecords.h, but w/o this CL I'd be forced to move that header also into private. This change frees us up to not have transitive exposure for types that need to be recorded.
Bug: skia:
Change-Id: Id79f1c2e44ba85e063c1360cf96c92de6397ca2b
Reviewed-on: https://skia-review.googlesource.com/17031
Commit-Queue: Mike Reed <reed@google.com>
Reviewed-by: Mike Klein <mtklein@chromium.org>
Many tests and examples use drawText with
a guess of how long the text is in bytes,
or a call to strlen(). Add a helper to
SkCanvas to simplify these examples.
Add another helper for SkString.
R=reed@google.com
Change-Id: I0204a31e938f065606f08ee7cd9a6b36db791ee2
Reviewed-on: https://skia-review.googlesource.com/13642
Commit-Queue: Cary Clark <caryclark@google.com>
Reviewed-by: Cary Clark <caryclark@google.com>
Reviewed-by: Mike Reed <reed@google.com>
Reviewed-by: Cary Clark <caryclark@skia.org>
guarded by SK_SUPPORT_OBSOLETE_LOCKPIXELS
needs https://codereview.chromium.org/2820873002/# to land first
Bug: skia:6481
Change-Id: I1c39902cbf6fe99f622adfa8192733b95f7fea09
Change-Id: I1c39902cbf6fe99f622adfa8192733b95f7fea09
Reviewed-on: https://skia-review.googlesource.com/13580
Reviewed-by: Florin Malita <fmalita@chromium.org>
Reviewed-by: Leon Scroggins <scroggo@google.com>
Commit-Queue: Mike Reed <reed@google.com>
Fixes:
- create temp api for android to pass nullptr
- don't release and access sk_sp<SkData> at the same time in parameters
This reverts commit b14131c185.
Bug: skia:
Change-Id: Ic0e4f62520ba9f35455499ed30d306ad19d998a8
Reviewed-on: https://skia-review.googlesource.com/11129
Commit-Queue: Mike Reed <reed@google.com>
Reviewed-by: Matt Sarett <msarett@google.com>
This reverts commit 9920b10f52.
Reason for revert: trying to get details on w2k failure
https://chromium-swarm.appspot.com/task?id=354345d34ba3b310&refresh=10
Caught exception 3221225477 EXCEPTION_ACCESS_VIOLATION, was running:
unit test HugeBlurImageFilter
unit test FontNames
unit test Codec_PngRoundTrip
unit test ClampRange
unit test FontHost
unit test ColorMatrixFilter
f16 image scaled_codec_premul abnormal.wbmp
565 image brd_android_codec_divisor_0.167 interlaced3.png_0.167
unit test Codec_png
unit test ImageFilterBlurLargeImage
unit test FontObj
unit test DrawText
unit test GrShape
565 image brd_android_codec_divisor_0.333 interlaced2.png_0.333
unit test PathOpsOpCubicsThreaded
unit test PathOpsOpLoopsThreaded
unit test FontMgr
unit test ColorToHSVRoundTrip
unit test Image_Serialize_Encoding_Failure
Likely culprit:
unit test Image_Serialize_Encoding_Failure
step returned non-zero exit code: -1073741819
Original change's description:
> Revert[2] "clean up (partially) colortable api""
>
> This reverts commit 1d1165ca65.
>
> Bug: skia:
> Change-Id: Idbc0634ae3cec2e79f592d252de8751b077e6408
> Reviewed-on: https://skia-review.googlesource.com/11024
> Reviewed-by: Mike Reed <reed@google.com>
> Commit-Queue: Mike Reed <reed@google.com>
>
TBR=reed@google.com,reviews@skia.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Change-Id: Ia4e73434b083224baa36092c69526c2f59bb16aa
Reviewed-on: https://skia-review.googlesource.com/11025
Reviewed-by: Mike Reed <reed@google.com>
Commit-Queue: Mike Reed <reed@google.com>