Flutter Engine
The Flutter Engine
Functions
FuzzSkRuntimeBlender.cpp File Reference
#include "fuzz/Fuzz.h"
#include "fuzz/FuzzCommon.h"
#include "include/core/SkCanvas.h"
#include "include/core/SkPaint.h"
#include "include/core/SkShader.h"
#include "include/core/SkSurface.h"
#include "include/effects/SkRuntimeEffect.h"
#include "include/private/base/SkTArray.h"
#include "src/gpu/ganesh/GrShaderCaps.h"

Go to the source code of this file.

Functions

static bool FuzzSkRuntimeBlender_Once (const SkString &shaderText, const SkRuntimeEffect::Options &options)
 
bool FuzzSkRuntimeBlender (const uint8_t *data, size_t size)
 

Function Documentation

◆ FuzzSkRuntimeBlender()

bool FuzzSkRuntimeBlender ( const uint8_t *  data,
size_t  size 
)

Definition at line 59 of file FuzzSkRuntimeBlender.cpp.

59 {
60 // Test once with optimization disabled...
61 SkString shaderText{reinterpret_cast<const char*>(data), size};
62 SkRuntimeEffect::Options options;
63 options.forceUnoptimized = true;
64 bool result = FuzzSkRuntimeBlender_Once(shaderText, options);
65
66 // ... and then with optimization enabled.
67 options.forceUnoptimized = false;
68 result = FuzzSkRuntimeBlender_Once(shaderText, options) || result;
69
70 return result;
71}
options
const char * options
Definition: CommonFlagsConfig.cpp:43
FuzzSkRuntimeBlender_Once
static bool FuzzSkRuntimeBlender_Once(const SkString &shaderText, const SkRuntimeEffect::Options &options)
Definition: FuzzSkRuntimeBlender.cpp:30
result
GAsyncResult * result
Definition: fl_text_input_plugin.cc:106
flutter::size
it will be possible to load the file into Perfetto s trace viewer disable asset Prevents usage of any non test fonts unless they were explicitly Loaded via prefetched default font Indicates whether the embedding started a prefetch of the default font manager before creating the engine run In non interactive keep the shell running after the Dart script has completed enable serial On low power devices with low core running concurrent GC tasks on threads can cause them to contend with the UI thread which could potentially lead to jank This option turns off all concurrent GC activities domain network JSON encoded network policy per domain This overrides the DisallowInsecureConnections switch Embedder can specify whether to allow or disallow insecure connections at a domain level old gen heap size
Definition: switches.h:259
data
std::shared_ptr< const fml::Mapping > data
Definition: texture_gles.cc:63

◆ FuzzSkRuntimeBlender_Once()

static bool FuzzSkRuntimeBlender_Once ( const SkString shaderText,
const SkRuntimeEffect::Options options 
)
static

The fuzzer treats the input bytes as an SkSL blend program. The requested number of uniforms and children are automatically synthesized to match the program's needs.

We fuzz twice, with two different settings for inlining in the SkSL compiler. By default, the compiler inlines most small to medium functions. This can hide bugs related to function-calling. So we run the fuzzer once with inlining disabled, and again with it enabled. This gives us better coverage, and eases the burden on the fuzzer to inject useless noise into functions to suppress inlining.

Definition at line 30 of file FuzzSkRuntimeBlender.cpp.

31 {
32 SkRuntimeEffect::Result result = SkRuntimeEffect::MakeForBlender(shaderText, options);
33 SkRuntimeEffect* effect = result.effect.get();
34 if (!effect) {
35 return false;
36 }
37
38 sk_sp<SkData> uniformBytes;
39 TArray<SkRuntimeEffect::ChildPtr> children;
40 FuzzCreateValidInputsForRuntimeEffect(effect, uniformBytes, children);
41
42 sk_sp<SkBlender> blender = effect->makeBlender(uniformBytes, SkSpan(children));
43 if (!blender) {
44 return false;
45 }
46 SkPaint paint;
47 paint.setColor(SK_ColorRED);
48 paint.setBlender(std::move(blender));
49
50 sk_sp<SkSurface> s = SkSurfaces::Raster(SkImageInfo::MakeN32Premul(4, 4));
51 if (!s) {
52 return false;
53 }
54 s->getCanvas()->drawPaint(paint);
55
56 return true;
57}
FuzzCreateValidInputsForRuntimeEffect
void FuzzCreateValidInputsForRuntimeEffect(SkRuntimeEffect *effect, sk_sp< SkData > &uniformBytes, TArray< SkRuntimeEffect::ChildPtr > &children)
Definition: FuzzCommon.cpp:352
SK_ColorRED
constexpr SkColor SK_ColorRED
Definition: SkColor.h:126
SkSpan
SkSpan(Container &&) -> SkSpan< std::remove_pointer_t< decltype(std::data(std::declval< Container >()))> >
SkRuntimeEffect::makeBlender
sk_sp< SkBlender > makeBlender(sk_sp< const SkData > uniforms, SkSpan< const ChildPtr > children={}) const
Definition: SkRuntimeEffect.cpp:885
SkRuntimeEffect::MakeForBlender
static Result MakeForBlender(SkString sksl, const Options &)
Definition: SkRuntimeEffect.cpp:672
sk_sp< SkData >
skia_private::TArray
Definition: SkTArray.h:40
paint
const Paint & paint
Definition: color_source.cc:38
s
struct MyStruct s
SkSurfaces::Raster
SK_API sk_sp< SkSurface > Raster(const SkImageInfo &imageInfo, size_t rowBytes, const SkSurfaceProps *surfaceProps)
Definition: SkSurface_Raster.cpp:186
SkImageInfo::MakeN32Premul
static SkImageInfo MakeN32Premul(int width, int height)
Definition: SkImageInfo.cpp:157
Generated on Sun Jun 23 2024 21:57:08 for Flutter Engine by doxygen 1.9.4