rk3588-game
/
android13
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
android13/frameworks/native/services/surfaceflinger/fuzzer
History
liiir1985 7f62dcda9f initial 2024-06-22 20:45:49 +08:00
..
Android.bp initial 2024-06-22 20:45:49 +08:00
README.md initial 2024-06-22 20:45:49 +08:00
surfaceflinger_displayhardware_fuzzer.cpp initial 2024-06-22 20:45:49 +08:00
surfaceflinger_displayhardware_fuzzer_utils.h initial 2024-06-22 20:45:49 +08:00
surfaceflinger_fuzzer.cpp initial 2024-06-22 20:45:49 +08:00
surfaceflinger_fuzzers_utils.h initial 2024-06-22 20:45:49 +08:00
surfaceflinger_layer_fuzzer.cpp initial 2024-06-22 20:45:49 +08:00
surfaceflinger_scheduler_fuzzer.cpp initial 2024-06-22 20:45:49 +08:00
surfaceflinger_scheduler_fuzzer.h initial 2024-06-22 20:45:49 +08:00

README.md

Fuzzers for SurfaceFlinger

Table of contents

Fuzzer for SurfaceFlinger

SurfaceFlinger supports the following data sources:

  1. Pixel Formats (parameter name: defaultCompositionPixelFormat)
  2. Data Spaces (parameter name: defaultCompositionDataspace)
  3. Rotations (parameter name: internalDisplayOrientation)
  4. Surface composer tags (parameter name: onTransact)

You can find the possible values in the fuzzer's source code.

Steps to run

  1. Build the fuzzer
  $ mm -j$(nproc) surfaceflinger_fuzzer
  1. To run on device
  $ adb sync data
  $ adb shell /data/fuzz/arm64/surfaceflinger_fuzzer/surfaceflinger_fuzzer

Fuzzer for DisplayHardware

DisplayHardware supports the following parameters:

  1. Hal Capability (parameter name: hasCapability)
  2. Hal BlendMode (parameter name: setBlendMode)
  3. Hal Composition (parameter name: setCompositionType)
  4. Hal Display Capability (parameter name: hasDisplayCapability)
  5. Composition Types (parameter name: prepareFrame)
  6. Color Modes (parameter name: setActiveColorMode)
  7. Render Intents (parameter name: setActiveColorMode)
  8. Power Modes (parameter name: setPowerMode)
  9. Content Types (parameter name: setContentType)
  10. Data Space (parameter name: setDataspace)
  11. Transforms (parameter name: setLayerTransform)

You can find the possible values in the fuzzer's source code.

Steps to run

  1. Build the fuzzer
  $ mm -j$(nproc) surfaceflinger_displayhardware_fuzzer
  1. Run on device
  $ adb sync data
  $ adb shell /data/fuzz/arm64/surfaceflinger_displayhardware_fuzzer/surfaceflinger_displayhardware_fuzzer

Fuzzer for Scheduler

Scheduler supports the following parameters:

  1. VSync Periods (parameter name: lowFpsPeriod)

You can find the possible values in the fuzzer's source code.

Steps to run

  1. Build the fuzzer
  $ mm -j$(nproc) surfaceflinger_scheduler_fuzzer
  1. To run on device
  $ adb sync data
  $ adb shell /data/fuzz/arm64/surfaceflinger_scheduler_fuzzer/surfaceflinger_scheduler_fuzzer

Fuzzer for Layer

Layer supports the following parameters:

  1. Display Connection Types (parameter name: fakeDisplay)
  2. State Sets (parameter name: traverseInZOrder)
  3. State Subsets (parameter name: prepareCompositionState)
  4. Disconnect modes (parameter name: disconnect)
  5. Data Spaces (parameter name: setDataspace)

You can find the possible values in the fuzzer's source code.

Steps to run

  1. Build the fuzzer
  $ mm -j$(nproc) surfaceflinger_layer_fuzzer
  1. Run on device
  $ adb sync data
  $ adb shell /data/fuzz/arm64/surfaceflinger_layer_fuzzer/surfaceflinger_layer_fuzzer