Skia can now build if we mark drawPosText as private,
Will hide/remove next (after Chrome CL)
Bug: skia:
Change-Id: I156560b025c119af302545bb5bd60678f7b8e8f7
Reviewed-on: https://skia-review.googlesource.com/c/179985
Reviewed-by: Mike Reed <reed@google.com>
Commit-Queue: Mike Reed <reed@google.com>
Auto-Submit: Mike Reed <reed@google.com>
Bug: oss-fuzz:11491, oss-fuzz:11514 and others
Change-Id: I60f05b889a73749ddcde7cf2bf3beabab33b0538
Reviewed-on: https://skia-review.googlesource.com/c/178180
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Commit-Queue: Mike Klein <mtklein@google.com>
Reviewed-by: Mike Klein <mtklein@google.com>
Auto-Submit: Kevin Lubick <kjlubick@google.com>
This should make reproducing certain fuzzes easier between oss-fuzz
and a typical dev's desktop.
This was the most straight-forward way I could think of to
accomplish this. An ideal solution would "compile" a set of
fonts that was not the test set and embed it, but I lack the
domain knowledge to craft such a set.
If this method works ok, we can explore making the font set
more robust and varied.
Bug: 818769
Change-Id: I03eb2bc316caf7aec3ffa88e59ff29d76c8557ec
Reviewed-on: https://skia-review.googlesource.com/c/177800
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Reviewed-by: Ben Wagner <bungeman@google.com>
Chrome added a public method to validate SkPathRef,
but always called it when validating SkPath. We did too.
Remove the SkPathRef entry point, validate SkPathRef
when validating SkPath, and remove Skia's callers.
(Chrome has already been fixed.)
TBR=reed@google.comR=fmalita@chromium.org
Bug:913930
Change-Id: I0828b00b42cc1f031b4216ddeace50f80aa21e62
Reviewed-on: https://skia-review.googlesource.com/c/177065
Commit-Queue: Cary Clark <caryclark@skia.org>
Auto-Submit: Cary Clark <caryclark@skia.org>
Reviewed-by: Florin Malita <fmalita@chromium.org>
Change-Id: I3fd20d2b69d5c3b4b7163c239d65185ce9099c41
Reviewed-on: https://skia-review.googlesource.com/c/171783
Commit-Queue: Hal Canary <halcanary@google.com>
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Auto-Submit: Hal Canary <halcanary@google.com>
Reviewed-by: Kevin Lubick <kjlubick@google.com>
Doesn't look like we need to distinguish these if we just
write them as the simple
1) load the right number of bytes
2) clamp to [min,max]
This makes enum fuzzing independent of its underlying type, and may make
it easier to see the mapping from fuzzed byte stream to
nextRange()/nextEnum() values.
Change-Id: I9f785f94f513a0087ad7151b5e7bc14ddbe9314a
Reviewed-on: https://skia-review.googlesource.com/c/171820
Commit-Queue: Mike Klein <mtklein@google.com>
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Auto-Submit: Mike Klein <mtklein@google.com>
Reviewed-by: Kevin Lubick <kjlubick@google.com>
This reverts commit 6bd19df9fa.
Restores original CL, but adds guards for flutter.
Bug: skia:
Change-Id: I380b4ea87d293355026d734249aa2b8c397da144
Reviewed-on: https://skia-review.googlesource.com/c/169345
Reviewed-by: Florin Malita <fmalita@chromium.org>
Commit-Queue: Mike Reed <reed@google.com>
Auto-Submit: Mike Reed <reed@google.com>
I think this originally was done due to int / unsigned
differences between Linux in Windows. In hindsight, that
was short-sighted.
Bug: oss-fuzz:11281,oss-fuzz:11282,oss-fuzz:11283
Change-Id: I06e38cb663f84278f479eb7fee3118c1068eeaa8
Reviewed-on: https://skia-review.googlesource.com/c/169244
Reviewed-by: Mike Klein <mtklein@google.com>
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Bug: skia:5679
Change-Id: I8658099707aab34b047d697b011e741da9019091
Reviewed-on: https://skia-review.googlesource.com/c/165525
Reviewed-by: Michael Ludwig <michaelludwig@google.com>
Commit-Queue: Brian Salomon <bsalomon@google.com>
This will hopefully be more interesting logic.
Bug: skia:
Change-Id: I8aa6ab3d66ece4a6c1042701e1aae06d96247f32
Reviewed-on: https://skia-review.googlesource.com/c/164600
Reviewed-by: Cary Clark <caryclark@google.com>
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Make FuzzEnum always use uint32_t to make it consistent
(we were seeing some Windows setups have underlying type return
int and not unsigned int that we saw on Linux)
Bug: 897455
Change-Id: Ia8c97e59bb498d959a9a30abcb61731f4bd145cf
Reviewed-on: https://skia-review.googlesource.com/c/164240
Reviewed-by: Cary Clark <caryclark@google.com>
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Fuzz SkAndroidCodec to help to catch errors in both incrementalDecode
and scanlineDecode. Try a variety of sample sizes, but cap it at 64.
Though sometimes larger sample sizes are used, the lower ones tend to
more common. Also draw the resulting bitmap to verify that we
initialized all pixels.
Independently test incrementalDecode to ensure that it initializes
rowsDecoded.
Change-Id: I20d8a408cd280262fdc62f902a6f04f0f57f5ad2
Reviewed-on: https://skia-review.googlesource.com/c/162025
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Auto-Submit: Leon Scroggins <scroggo@google.com>
Reviewed-by: Kevin Lubick <kjlubick@google.com>
This CL renames FuzzPath() to FuzzNicePath() to remind us that it's
meant to create paths that a user could reasonably want to create
in good faith, to pass to Skia via its API, etc.
Then, add fuzz_nice_rect(), and have FuzzNicePath() use that to create
its rectangles and use FuzzNiceMatrix() to create its matrices, just
like we already use FuzzNiceRRect() to create rounded rectangles and
FuzzNicePath() itself to create sub-paths.
Using fuzz_nice_rect() should be the fix for the attached bug.
Using FuzzNiceMatrix() is by analogy, more preemptive.
While we're at it, rename BuildPath to FuzzEvilPath, so the contrast
with FuzzNicePath is more clear.
Update the assertions that we create a valid path in FuzzNicePath()
to tell us where things went wrong if they do.
Bug: oss-fuzz:10667, skia:8384
Change-Id: I6d802182a62815cd969c65cf0479609f64b1da55
Reviewed-on: https://skia-review.googlesource.com/156840
Reviewed-by: Kevin Lubick <kjlubick@google.com>
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Auto-Submit: Mike Klein <mtklein@google.com>
This will point out if something's gone screwy earlier in Debug builds.
Bug: oss-fuzz:10488
Change-Id: Ib091ada75344140bbe2932e5c2f1e2257f05019b
Reviewed-on: https://skia-review.googlesource.com/156660
Auto-Submit: Mike Klein <mtklein@google.com>
Reviewed-by: Kevin Lubick <kjlubick@google.com>
Commit-Queue: Mike Klein <mtklein@google.com>
As far as I can tell, the attached bugs are self-inflicted wounds.
Bug: skia:8383, oss-fuzz:10378
Change-Id: Ie0bee292982d9e56193b90c04fef5e43bb2e36d4
Reviewed-on: https://skia-review.googlesource.com/156249
Commit-Queue: Mike Klein <mtklein@google.com>
Reviewed-by: Kevin Lubick <kjlubick@google.com>
Nothing's using it except test tools.
I'd like to make that a bit clearer by getting it out of src.
Disabled the fuzzer.
Removed the bench so Android's building nanobench doesn't block this.
Bug: chromium:886713
Change-Id: I761f52c40171c27ff4b699409b32647e84684ec3
Reviewed-on: https://skia-review.googlesource.com/156240
Commit-Queue: Mike Klein <mtklein@google.com>
Reviewed-by: Kevin Lubick <kjlubick@google.com>
Some oss-fuzz bugs (like the linked one) would not reproduce
in Skia proper due to the fact that there were subtle overloads
of the various Fuzz::next() methods in FuzzCanvas.cpp that
were pulled in in Skia proper, but not oss-fuzz.
This puts all of them in to FuzzCommon.h and makes the
matrix and rrect ones opt-in (fuzz_matrix, fuzz_rrect).
Additionally, this renames fuzz.cpp -> FuzzMain.cpp so we
can properly include Fuzz.cpp in oss-fuzz without
having two mains.
Bug: oss-fuzz:10378
Change-Id: I6cf9afb471781b9fadb689482109a1e5662358b5
Reviewed-on: https://skia-review.googlesource.com/154900
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Reviewed-by: Robert Phillips <robertphillips@google.com>
Bug: skia:
Change-Id: I0ca1f3b60d05ce02d1e53bb8b989c9dc1babddd1
Reviewed-on: https://skia-review.googlesource.com/150915
Reviewed-by: Robert Phillips <robertphillips@google.com>
Commit-Queue: Jim Van Verth <jvanverth@google.com>