path: root/fuzz
Commit message | Author | Age
* Make fuzz broadcast when it terminates via return. | kjlubick | 2016-02-01
  This helps analysis figure out things like timeouts and unexpected, uncaught exits.
  TBR=mtkelin@google.com
  BUG=skia:4438
  GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1657743002
  Review URL: https://codereview.chromium.org/1657743002
* Make fuzz output the words success for a 'clean exit' | kjlubick | 2016-01-27
  The analysis looks for "Success" to determine if the fuzz should be considered a clean exit or not. It classifies clean exits as "grey" fuzzes, i.e. fixed.
  TBR=mtklein@google.com
  BUG=skia:4438
  GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1646603002
  Review URL: https://codereview.chromium.org/1646603002
* Change name from ScaleToSides to SkScaleToSides. | herb | 2016-01-22
  BUG=skia:
  GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1618283004
  Review URL: https://codereview.chromium.org/1618283004
* Fix bounds of checking if a radii are too long for a side. | herb | 2016-01-22
  BUG=skia:4692,skia:4413
  GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1617763003
  Review URL: https://codereview.chromium.org/1617763003
* Demo fuzz for Herb | mtklein | 2016-01-21
  BUG=skia:4692
  GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1611293002
  Review URL: https://codereview.chromium.org/1611293002
* fuzz: list API fuzzing options if -t api and -n matches nothing. | mtklein | 2016-01-21
  Today we segfault if --name is empty. This fixes that too. This updates some terms: -t api lets us fuzz an API.
  BUG=skia:
  GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1617713003
  Review URL: https://codereview.chromium.org/1617713003
* Separating our fuzzing binary from DM produces a 50x speed increase for decoding images and a 10x speed increase in decoding/rendering Skps. | kjlubick | 2016-01-21
  This also lets us differentiate between the decoding of Skps and the rendering of them, the latter of which may be more interesting for bugs.
  BUG=skia:4800
  GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1591073002
  Review URL: https://codereview.chromium.org/1591073002
* If we pass no bytes, use the fuzz binary itself. | mtklein | 2016-01-15
  This is mostly for convenient local testing.
  BUG=skia:
  GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1587043009
  Review URL: https://codereview.chromium.org/1587043009
* Restore creature comforts to fuzz binary | mtklein | 2016-01-15
  The hack to remove these niceties didn't seem to make a difference in my fuzz/s, so we might as well keep them.
  BUG=skia:
  GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1589493006
  Review URL: https://codereview.chromium.org/1589493006
* fuzz: signalBug() / signalBoring() | mtklein | 2016-01-15
  Instead of a single ASSERT macro, this switches to two new methods:
    - signalBug(): tell afl-fuzz there's a bug caused by its inputs (by crashing)
    - signalBoring(): tell afl-fuzz these inputs are not worth testing (by exiting gracefully)
  I'm not seeing any effect on fuzz/s when I just always log verbosely.
  signalBug() now triggers SIGSEGV rather than SIGABRT. This should make it work with catchsegv more easily.
  BUG=skia:
  GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1585353002
  Review URL: https://codereview.chromium.org/1585353002
* some fuzz hacking | mtklein | 2016-01-14
  Try to start faster:
    - remove flags dependency
    - print nothing
    - strip unused symbols from the binary on Mac (smaller binary)
    - only create one fuzz object
    - only run one DEF_FUZZ
  I am not sure if any of these things mattered, but I thought you may like to look.
  Good stuff:
    - make nextU() / nextF() work
    - drop nextURange() / nextFRange() for now
    - add nextB() for a single byte
  As you may have guessed, I have figured out how to use afl-fuzz on my laptop.
  Syntax to run becomes:
    $ afl-fuzz ... out/Release/fuzz <DEF_FUZZ name> @@
  BUG=skia:
  GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1581203003
  Review URL: https://codereview.chromium.org/1581203003
* Add new fuzz binary. | mtklein | 2016-01-13
  This is designed to have short startup time, for maximum fuzzing throughput.
  BUG=skia:
  GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1589563002
  Review URL: https://codereview.chromium.org/1589563002