blob: a06c41b1393a1f2d9231c04d37fe66d15def9ad8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
# Fuzzers for SurfaceFlinger
## Table of contents
+ [SurfaceFlinger](#SurfaceFlinger)
+ [DisplayHardware](#DisplayHardware)
+ [Scheduler](#Scheduler)
+ [Layer](#Layer)
+ [FrameTracer](#FrameTracer)
# <a name="SurfaceFlinger"></a> Fuzzer for SurfaceFlinger
SurfaceFlinger supports the following data sources:
1. Pixel Formats (parameter name: `defaultCompositionPixelFormat`)
2. Data Spaces (parameter name: `defaultCompositionDataspace`)
3. Rotations (parameter name: `internalDisplayOrientation`)
3. Surface composer tags (parameter name: `onTransact`)
You can find the possible values in the fuzzer's source code.
#### Steps to run
1. Build the fuzzer
```
$ mm -j$(nproc) surfaceflinger_fuzzer
```
2. To run on device
```
$ adb sync data
$ adb shell /data/fuzz/arm64/surfaceflinger_fuzzer/surfaceflinger_fuzzer
```
# <a name="DisplayHardware"></a> Fuzzer for DisplayHardware
DisplayHardware supports the following parameters:
1. Hal Capability (parameter name: `hasCapability`)
2. Hal BlendMode (parameter name: `setBlendMode`)
3. Hal Composition (parameter name: `setCompositionType`)
4. Hal Display Capability (parameter name: `hasDisplayCapability`)
5. Composition Types (parameter name: `prepareFrame`)
6. Color Modes (parameter name: `setActiveColorMode`)
7. Render Intents (parameter name: `setActiveColorMode`)
8. Power Modes (parameter name: `setPowerMode`)
9. Content Types (parameter name: `setContentType`)
10. Data Space (parameter name: `setDataspace`)
11. Transforms (parameter name: `setLayerTransform`)
You can find the possible values in the fuzzer's source code.
#### Steps to run
1. Build the fuzzer
```
$ mm -j$(nproc) surfaceflinger_displayhardware_fuzzer
```
2. Run on device
```
$ adb sync data
$ adb shell /data/fuzz/arm64/surfaceflinger_displayhardware_fuzzer/surfaceflinger_displayhardware_fuzzer
```
# <a name="Scheduler"></a> Fuzzer for Scheduler
Scheduler supports the following parameters:
1. VSync Periods (parameter name: `lowFpsPeriod`)
You can find the possible values in the fuzzer's source code.
#### Steps to run
1. Build the fuzzer
```
$ mm -j$(nproc) surfaceflinger_scheduler_fuzzer
```
2. To run on device
```
$ adb sync data
$ adb shell /data/fuzz/arm64/surfaceflinger_scheduler_fuzzer/surfaceflinger_scheduler_fuzzer
```
# <a name="Layer"></a> Fuzzer for Layer
Layer supports the following parameters:
1. Display Connection Types (parameter name: `fakeDisplay`)
2. State Sets (parameter name: `traverseInZOrder`)
3. Disconnect modes (parameter name: `disconnect`)
4. Data Spaces (parameter name: `setDataspace`)
You can find the possible values in the fuzzer's source code.
#### Steps to run
1. Build the fuzzer
```
$ mm -j$(nproc) surfaceflinger_layer_fuzzer
```
2. Run on device
```
$ adb sync data
$ adb shell /data/fuzz/arm64/surfaceflinger_layer_fuzzer/surfaceflinger_layer_fuzzer
```
# <a name="FrameTracer"></a> Fuzzer for FrameTracer
#### Steps to run
1. Build the fuzzer
```
$ mm -j$(nproc) surfaceflinger_frametracer_fuzzer
```
2. To run on device
```
$ adb sync data
$ adb shell /data/fuzz/arm64/surfaceflinger_frametracer_fuzzer/surfaceflinger_frametracer_fuzzer
```
|
