Merge "Updated camera_service_fuzzer"

    size_t mPreviewBufferCount = 0;

    bool mAutoFocusMessage = false;

    bool mSnapshotNotification = false;

    bool mRecordingNotification = false;

    mutable Mutex mPreviewLock;

    mutable Condition mPreviewCondition;

    mutable Mutex mAutoFocusLock;

    mutable Condition mAutoFocusCondition;

    mutable Mutex mSnapshotLock;

    mutable Condition mSnapshotCondition;

    mutable Mutex mRecordingLock;

    mutable Condition mRecordingCondition;

    void getNumCameras();

    void getCameraInformation(int32_t cameraId);

            Mutex::Autolock l(mPreviewLock);

            ++mPreviewBufferCount;

            mPreviewCondition.broadcast();

            mRecordingNotification = true;

            mRecordingCondition.broadcast();

            break;

        }

        case CAMERA_MSG_COMPRESSED_IMAGE: {

}

void CameraFuzzer::invokeCameraAPIs() {

    for (int32_t cameraId = 0; cameraId < mNumCameras; ++cameraId) {

    /** In order to avoid the timeout issue caused due to multiple iteration of loops, the 'for'

     * loops are removed and the 'cameraId', 'pictureSize' and 'videoSize' are derived using the

     * FuzzedDataProvider from the available cameras and vectors of 'pictureSizes' and 'videoSizes'

     */

    int32_t cameraId = mFuzzedDataProvider->ConsumeIntegralInRange<int32_t>(0, mNumCameras - 1);

    getCameraInformation(cameraId);

    invokeTorchAPIs(cameraId);

    sp<ICamera> cameraDevice;

    rc = mCameraService->connect(this, cameraId, String16(),

                android::CameraService::USE_CALLING_UID, android::CameraService::USE_CALLING_PID,

                                 android::CameraService::USE_CALLING_UID,

                                 android::CameraService::USE_CALLING_PID,

                                 /*targetSdkVersion*/ __ANDROID_API_FUTURE__, &cameraDevice);

    if (!rc.isOk()) {

        // camera not connected

        Vector<Size> pictureSizes;

        params.getSupportedPictureSizes(pictureSizes);

            for (size_t i = 0; i < pictureSizes.size(); ++i) {

                params.setPictureSize(pictureSizes[i].width, pictureSizes[i].height);

        if (pictureSizes.size()) {

            Size pictureSize = pictureSizes[mFuzzedDataProvider->ConsumeIntegralInRange<size_t>(

                    0, pictureSizes.size() - 1)];

            params.setPictureSize(pictureSize.width, pictureSize.height);

            cameraDevice->setParameters(params.flatten());

            cameraDevice->startPreview();

            waitForPreviewStart();

            cameraDevice->takePicture(msgType);

            waitForEvent(mSnapshotLock, mSnapshotCondition, mSnapshotNotification);

            cameraDevice->stopPreview();

        }

        Vector<Size> videoSizes;

        params.getSupportedVideoSizes(videoSizes);

            for (size_t i = 0; i < videoSizes.size(); ++i) {

                params.setVideoSize(videoSizes[i].width, videoSizes[i].height);

        if (videoSizes.size()) {

            Size videoSize = videoSizes[mFuzzedDataProvider->ConsumeIntegralInRange<size_t>(

                    0, videoSizes.size() - 1)];

            params.setVideoSize(videoSize.width, videoSize.height);

            cameraDevice->setParameters(params.flatten());

            cameraDevice->startPreview();

            cameraDevice->setVideoBufferMode(

                    android::hardware::BnCamera::VIDEO_BUFFER_MODE_BUFFER_QUEUE);

            cameraDevice->setVideoTarget(previewSurface->getIGraphicBufferProducer());

            cameraDevice->stopPreview();

            cameraDevice->startRecording();

            waitForEvent(mRecordingLock, mRecordingCondition, mRecordingNotification);

            cameraDevice->stopRecording();

        }

            cameraDevice->stopPreview();

        cameraDevice->disconnect();

    }

}

}

void CameraFuzzer::process() {

    getNumCameras();