From 416b248312efe7556f980d390254df8503bbbad7 Mon Sep 17 00:00:00 2001 From: Kevin Lubick Date: Thu, 10 Nov 2016 16:17:49 -0500 Subject: Avoid platform-dependent function params in Fuzzer We use this approach instead of T next() because different compilers evaluate function parameters in different orders. If fuzz->next() returned 5 and then 7, foo(fuzz->next(), fuzz->next()) would be foo(5, 7) when compiled on GCC and foo(7, 5) when compiled on Clang. By requiring params to be passed in, we avoid the temptation to call next() in a way that does not consume fuzzed bytes in a single platform-independent order. BUG=skia: GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=4392 Change-Id: I35de849f82e8be45378f662a48100eb732fa8895 Reviewed-on: https://skia-review.googlesource.com/4392 Reviewed-by: Mike Klein Commit-Queue: Kevin Lubick --- fuzz/FuzzGradients.cpp | 74 ++++++++++++++++++++++++++++++-------------------- 1 file changed, 44 insertions(+), 30 deletions(-) (limited to 'fuzz/FuzzGradients.cpp') diff --git a/fuzz/FuzzGradients.cpp b/fuzz/FuzzGradients.cpp index df36c7ce8f..90d4066a80 100644 --- a/fuzz/FuzzGradients.cpp +++ b/fuzz/FuzzGradients.cpp @@ -17,22 +17,30 @@ const int MAX_COUNT = 400; void makeMatrix(Fuzz* fuzz, SkMatrix* m) { - m->setAll(fuzz->next(), fuzz->next(), fuzz->next(), - fuzz->next(), fuzz->next(), fuzz->next(), - fuzz->next(), fuzz->next(), fuzz->next()); + SkScalar mat[9]; + fuzz->nextN(mat, 9); + m->set9(mat); } void initGradientParams(Fuzz* fuzz, std::vector* colors, std::vector* pos, SkShader::TileMode* mode) { - int count = fuzz->nextRange(0, MAX_COUNT); + int count; + fuzz->nextRange(&count, 0, MAX_COUNT); - *mode = static_cast(fuzz->nextRange(0, 2)); + // Use a uint8_t to conserve bytes. This makes our "fuzzed bytes footprint" + // smaller, which leads to more efficient fuzzing. + uint8_t m; + fuzz->nextRange(&m, 0, 2); + *mode = static_cast(m); colors->clear(); pos ->clear(); for (int i = 0; i < count; i++) { - colors->push_back(fuzz->next()); - pos ->push_back(fuzz->next()); + SkColor c; + SkScalar s; + fuzz->next(&c, &s); + colors->push_back(c); + pos ->push_back(s); } if (count) { std::sort(pos->begin(), pos->end()); @@ -43,10 +51,10 @@ void initGradientParams(Fuzz* fuzz, std::vector* colors, } void fuzzLinearGradient(Fuzz* fuzz) { - SkPoint pts[2] = {SkPoint::Make(fuzz->next(), fuzz->next()), - SkPoint::Make(fuzz->next(), fuzz->next())}; - bool useLocalMatrix = fuzz->next(); - bool useGlobalMatrix = fuzz->next(); + SkPoint pts[2]; + fuzz->next(&pts[0].fX, &pts[0].fY, &pts[1].fX, &pts[1].fY); + bool useLocalMatrix, useGlobalMatrix; + fuzz->next(&useLocalMatrix, &useGlobalMatrix); std::vector colors; std::vector pos; @@ -54,7 +62,8 @@ void fuzzLinearGradient(Fuzz* fuzz) { initGradientParams(fuzz, &colors, &pos, &mode); SkPaint p; - uint32_t flags = fuzz->next(); + uint32_t flags; + fuzz->next(&flags); SkTLazy localMatrix; if (useLocalMatrix) { @@ -76,10 +85,11 @@ void fuzzLinearGradient(Fuzz* fuzz) { } void fuzzRadialGradient(Fuzz* fuzz) { - SkPoint center = SkPoint::Make(fuzz->next(), fuzz->next()); - SkScalar radius = fuzz->next(); - bool useLocalMatrix = fuzz->next(); - bool useGlobalMatrix = fuzz->next(); + SkPoint center; + fuzz->next(¢er.fX, ¢er.fY); + SkScalar radius; + bool useLocalMatrix, useGlobalMatrix; + fuzz->next(&radius, &useLocalMatrix, &useGlobalMatrix); std::vector colors; @@ -88,7 +98,8 @@ void fuzzRadialGradient(Fuzz* fuzz) { initGradientParams(fuzz, &colors, &pos, &mode); SkPaint p; - uint32_t flags = fuzz->next(); + uint32_t flags; + fuzz->next(&flags); SkTLazy localMatrix; if (useLocalMatrix) { @@ -111,12 +122,13 @@ void fuzzRadialGradient(Fuzz* fuzz) { } void fuzzTwoPointConicalGradient(Fuzz* fuzz) { - SkPoint start = SkPoint::Make(fuzz->next(), fuzz->next()); - SkPoint end = SkPoint::Make(fuzz->next(), fuzz->next()); - SkScalar startRadius = fuzz->next(); - SkScalar endRadius = fuzz->next(); - bool useLocalMatrix = fuzz->next(); - bool useGlobalMatrix = fuzz->next(); + SkPoint start; + fuzz->next(&start.fX, &start.fY); + SkPoint end; + fuzz->next(&end.fX, &end.fY); + SkScalar startRadius, endRadius; + bool useLocalMatrix, useGlobalMatrix; + fuzz->next(&startRadius, &endRadius, &useLocalMatrix, &useGlobalMatrix); std::vector colors; std::vector pos; @@ -124,7 +136,8 @@ void fuzzTwoPointConicalGradient(Fuzz* fuzz) { initGradientParams(fuzz, &colors, &pos, &mode); SkPaint p; - uint32_t flags = fuzz->next(); + uint32_t flags; + fuzz->next(&flags); SkTLazy localMatrix; if (useLocalMatrix) { @@ -147,10 +160,9 @@ void fuzzTwoPointConicalGradient(Fuzz* fuzz) { } void fuzzSweepGradient(Fuzz* fuzz) { - SkScalar cx = fuzz->next(); - SkScalar cy = fuzz->next(); - bool useLocalMatrix = fuzz->next(); - bool useGlobalMatrix = fuzz->next(); + SkScalar cx, cy; + bool useLocalMatrix, useGlobalMatrix; + fuzz->next(&cx, &cy, &useLocalMatrix, &useGlobalMatrix); std::vector colors; std::vector pos; @@ -161,7 +173,8 @@ void fuzzSweepGradient(Fuzz* fuzz) { if (useLocalMatrix) { SkMatrix m; makeMatrix(fuzz, &m); - uint32_t flags = fuzz->next(); + uint32_t flags; + fuzz->next(&flags); p.setShader(SkGradientShader::MakeSweep(cx, cy, colors.data(), pos.data(), colors.size(), flags, &m)); @@ -183,7 +196,8 @@ void fuzzSweepGradient(Fuzz* fuzz) { } DEF_FUZZ(Gradients, fuzz) { - uint8_t i = fuzz->next(); + uint8_t i; + fuzz->next(&i); switch(i) { case 0: -- cgit v1.2.3