mtklein
e1fce93f36
Remove FuzzPaeth now that we have some real Fuzzes.
BUG=skia:
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1711753002
Review URL: https://codereview.chromium.org/1711753002
2016-02-18 06:58:13 -08:00
kjlubick
5bd98a244b
Create ParsePath API fuzz
This is based on https://codereview.chromium.org/1675053002
BUG=skia:4438
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1702383003
Review URL: https://codereview.chromium.org/1702383003
2016-02-18 06:27:39 -08:00
kjlubick
2a42f48b58
Add ability to fuzz images using scaling and different modes
This also fixes the tryAllocPixels/SkColorTable mismatch which was causing the
"Image might be too large (32 x 32)" problems.
BUG=skia:4952
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1698963003
Review URL: https://codereview.chromium.org/1698963003
2016-02-16 16:14:23 -08:00
kjlubick
47d158eb3c
Make fuzz broadcast when it terminates via return.
This helps analysis figure out things like timeouts and unexpected, uncaught
exits.
TBR=mtkelin@google.com
BUG=skia:4438
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1657743002
Review URL: https://codereview.chromium.org/1657743002
2016-02-01 08:23:50 -08:00
kjlubick
2b6aa21817
Make fuzz output the word success for a 'clean exit'
The analysis looks for "Success" to determine if the fuzz should be considered
a clean exit or not. It classifies clean exits as "grey" fuzzes, i.e. fixed.
TBR=mtklein@google.com
BUG=skia:4438
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1646603002
Review URL: https://codereview.chromium.org/1646603002
2016-01-27 11:34:36 -08:00
herb
97293c6ce7
Change name from ScaleToSides to SkScaleToSides.
BUG=skia:
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1618283004
Review URL: https://codereview.chromium.org/1618283004
2016-01-22 11:58:55 -08:00
herb
5e0883cf57
Fix bounds of checking if radii are too long for a side.
BUG=skia:4692,skia:4413
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1617763003
Review URL: https://codereview.chromium.org/1617763003
2016-01-22 08:34:35 -08:00
mtklein
26379ca002
Demo fuzz for Herb
BUG=skia:4692
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1611293002
Review URL: https://codereview.chromium.org/1611293002
2016-01-21 09:25:33 -08:00
mtklein
d4387ea993
fuzz: list API fuzzing options if -t api and -n matches nothing.
Today we segfault if --name is empty. This fixes that too.
This updates some terms: -t api lets us fuzz an API.
BUG=skia:
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1617713003
Review URL: https://codereview.chromium.org/1617713003
2016-01-21 06:13:52 -08:00
kjlubick
dba5734409
Separating our fuzzing binary from DM produces a 50x speed increase for decoding images and a 10x speed increase in decoding/rendering Skps.
This also lets us differentiate between the decoding of Skps and the rendering of them, the latter of which may be more interesting for bugs.
BUG=skia:4800
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1591073002
Review URL: https://codereview.chromium.org/1591073002
2016-01-21 05:03:28 -08:00
mtklein
d0b823479a
If we pass no bytes, use the fuzz binary itself.
This is mostly for convenient local testing.
BUG=skia:
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1587043009
Review URL: https://codereview.chromium.org/1587043009
2016-01-15 07:56:20 -08:00
mtklein
f5e9782bde
Restore creature comforts to fuzz binary
The hack to remove these niceties didn't seem to make a difference in my
fuzz/s, so we might as well keep them.
BUG=skia:
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1589493006
Review URL: https://codereview.chromium.org/1589493006
2016-01-15 06:19:53 -08:00
mtklein
a115942ed6
fuzz: signalBug() / signalBoring()
Instead of a single ASSERT macro, this switches to two new methods:
- signalBug(): tell afl-fuzz there's a bug caused by its inputs (by crashing)
- signalBoring(): tell afl-fuzz these inputs are not worth testing (by exiting gracefully)
I'm not seeing any effect on fuzz/s when I just always log verbosely.
signalBug() now triggers SIGSEGV rather than SIGABRT. This should make it work with catchsegv more easily.
BUG=skia:
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1585353002
Review URL: https://codereview.chromium.org/1585353002
2016-01-15 05:46:54 -08:00
mtklein
24a22c7de8
some fuzz hacking
Try to start faster:
- remove flags dependency
- print nothing
- strip unused symbols from the binary on Mac (smaller binary)
- only create one fuzz object
- only run one DEF_FUZZ
I am not sure if any of these things mattered, but I thought you may like to look.
Good stuff:
- make nextU() / nextF() work
- drop nextURange() / nextFRange() for now
- add nextB() for a single byte
As you may have guessed, I have figured out how to use afl-fuzz on my laptop.
Syntax to run becomes:
$ afl-fuzz ... out/Release/fuzz <DEF_FUZZ name> @@
BUG=skia:
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1581203003
Review URL: https://codereview.chromium.org/1581203003
2016-01-14 04:59:42 -08:00
mtklein
65e5824d3a
Add new fuzz binary.
This is designed to have short startup time, for maximum fuzzing throughput.
BUG=skia:
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1589563002
Review URL: https://codereview.chromium.org/1589563002
2016-01-13 12:57:58 -08:00