Loading libs/gui/fuzzer/Android.bp +10 −0 Original line number Diff line number Diff line Loading @@ -125,3 +125,13 @@ cc_fuzz { "libgui_fuzzer_defaults", ], } cc_fuzz { name: "libgui_displayEvent_fuzzer", srcs: [ "libgui_displayEvent_fuzzer.cpp", ], defaults: [ "libgui_fuzzer_defaults", ], } libs/gui/fuzzer/README.md +27 −0 Original line number Diff line number Diff line Loading @@ -6,6 +6,7 @@ + [libgui_parcelable_fuzzer](#Libgui_Parcelable) + [libgui_bufferQueue_fuzzer](#BufferQueue) + [libgui_consumer_fuzzer](#Libgui_Consumer) + [libgui_displayEvent_fuzzer](#LibGui_DisplayEvent) # <a name="libgui_surfaceComposer_fuzzer"></a> Fuzzer for SurfaceComposer Loading Loading 
@@ -190,3 +191,29 @@ Libgui_Consumer supports the following parameters: $ adb sync data $ adb shell /data/fuzz/arm64/libgui_consumer_fuzzer/libgui_consumer_fuzzer ``` # <a name="libgui_displayEvent_fuzzer"></a> Fuzzer for LibGui_DisplayEvent LibGui_DisplayEvent supports the following parameters: 1. DisplayEventType (parameter name:`type`) 2. Events (parameter name:`events`) 3. VsyncSource (parameter name:`vsyncSource`) 4. EventRegistrationFlags (parameter name:`flags`) | Parameter| Valid Values| Configured Value| |------------- |-------------| ----- | |`vsyncSource`| 0.`ISurfaceComposer::eVsyncSourceApp`, 1.`ISurfaceComposer::eVsyncSourceSurfaceFlinger`, |Value obtained from FuzzedDataProvider| |`flags`| 0.`ISurfaceComposer::EventRegistration::modeChanged`, 1.`ISurfaceComposer::EventRegistration::frameRateOverride`, |Value obtained from FuzzedDataProvider| |`type`| 0.`DisplayEventReceiver::DISPLAY_EVENT_NULL`, 1.`DisplayEventReceiver::DISPLAY_EVENT_VSYNC`, 2.`DisplayEventReceiver::DISPLAY_EVENT_HOTPLUG`, 3.`DisplayEventReceiver::DISPLAY_EVENT_MODE_CHANGE`, 4.`DisplayEventReceiver::DISPLAY_EVENT_FRAME_RATE_OVERRIDE`, 5.`DisplayEventReceiver::DISPLAY_EVENT_FRAME_RATE_OVERRIDE_FLUSH`, |Value obtained from FuzzedDataProvider| |`events`| 0.`Looper::EVENT_INPUT`, 1.`Looper::EVENT_OUTPUT`, 2.`Looper::EVENT_ERROR`, 3.`Looper::EVENT_HANGUP`, 4.`Looper::EVENT_INVALID`, |Value obtained from FuzzedDataProvider| #### Steps to run 1. Build the fuzzer ``` $ mm -j$(nproc) libgui_displayEvent_fuzzer ``` 2. Run on device ``` $ adb sync data $ adb shell /data/fuzz/arm64/libgui_displayEvent_fuzzer/libgui_displayEvent_fuzzer ``` libs/gui/fuzzer/libgui_displayEvent_fuzzer.cpp 0 → 100644 +104 −0 Original line number Diff line number Diff line /* * Copyright 2022 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. 
* You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include <android/gui/ISurfaceComposer.h> #include <libgui_fuzzer_utils.h> using namespace android; constexpr gui::ISurfaceComposer::VsyncSource kVsyncSource[] = { gui::ISurfaceComposer::VsyncSource::eVsyncSourceApp, gui::ISurfaceComposer::VsyncSource::eVsyncSourceSurfaceFlinger, }; constexpr gui::ISurfaceComposer::EventRegistration kEventRegistration[] = { gui::ISurfaceComposer::EventRegistration::modeChanged, gui::ISurfaceComposer::EventRegistration::frameRateOverride, }; constexpr uint32_t kDisplayEvent[] = { DisplayEventReceiver::DISPLAY_EVENT_NULL, DisplayEventReceiver::DISPLAY_EVENT_VSYNC, DisplayEventReceiver::DISPLAY_EVENT_HOTPLUG, DisplayEventReceiver::DISPLAY_EVENT_MODE_CHANGE, DisplayEventReceiver::DISPLAY_EVENT_FRAME_RATE_OVERRIDE, DisplayEventReceiver::DISPLAY_EVENT_FRAME_RATE_OVERRIDE_FLUSH, }; constexpr int32_t kEvents[] = { Looper::EVENT_INPUT, Looper::EVENT_OUTPUT, Looper::EVENT_ERROR, Looper::EVENT_HANGUP, Looper::EVENT_INVALID, }; DisplayEventReceiver::Event buildDisplayEvent(FuzzedDataProvider* fdp, uint32_t type, DisplayEventReceiver::Event event) { switch (type) { case DisplayEventReceiver::DISPLAY_EVENT_VSYNC: { event.vsync.count = fdp->ConsumeIntegral<uint32_t>(); event.vsync.vsyncData.frameInterval = fdp->ConsumeIntegral<uint64_t>(); event.vsync.vsyncData.preferredFrameTimelineIndex = fdp->ConsumeIntegral<uint32_t>(); for (size_t idx = 0; idx < gui::VsyncEventData::kFrameTimelinesLength; ++idx) { event.vsync.vsyncData.frameTimelines[idx].vsyncId = fdp->ConsumeIntegral<int64_t>(); event.vsync.vsyncData.frameTimelines[idx].deadlineTimestamp 
= fdp->ConsumeIntegral<uint64_t>(); event.vsync.vsyncData.frameTimelines[idx].expectedPresentationTime = fdp->ConsumeIntegral<uint64_t>(); } break; } case DisplayEventReceiver::DISPLAY_EVENT_HOTPLUG: { event.hotplug = DisplayEventReceiver::Event::Hotplug{fdp->ConsumeBool() /*connected*/}; break; } case DisplayEventReceiver::DISPLAY_EVENT_MODE_CHANGE: { event.modeChange = DisplayEventReceiver::Event::ModeChange{fdp->ConsumeIntegral<int32_t>(), fdp->ConsumeIntegral<int64_t>()}; break; } case DisplayEventReceiver::DISPLAY_EVENT_FRAME_RATE_OVERRIDE: case DisplayEventReceiver::DISPLAY_EVENT_FRAME_RATE_OVERRIDE_FLUSH: { event.frameRateOverride = DisplayEventReceiver::Event::FrameRateOverride{fdp->ConsumeIntegral<uint32_t>(), fdp->ConsumeFloatingPoint< float>()}; break; } } return event; } extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { FuzzedDataProvider fdp(data, size); sp<Looper> looper; sp<FakeDisplayEventDispatcher> dispatcher( new FakeDisplayEventDispatcher(looper, fdp.PickValueInArray(kVsyncSource), fdp.PickValueInArray(kEventRegistration))); dispatcher->initialize(); DisplayEventReceiver::Event event; uint32_t type = fdp.PickValueInArray(kDisplayEvent); PhysicalDisplayId displayId; event.header = DisplayEventReceiver::Event::Header{type, displayId, fdp.ConsumeIntegral<int64_t>()}; event = buildDisplayEvent(&fdp, type, event); dispatcher->injectEvent(event); dispatcher->handleEvent(0, fdp.PickValueInArray(kEvents), nullptr); return 0; } Loading
libs/gui/fuzzer/Android.bp +10 −0 Original line number Diff line number Diff line Loading @@ -125,3 +125,13 @@ cc_fuzz { "libgui_fuzzer_defaults", ], } cc_fuzz { name: "libgui_displayEvent_fuzzer", srcs: [ "libgui_displayEvent_fuzzer.cpp", ], defaults: [ "libgui_fuzzer_defaults", ], }
libs/gui/fuzzer/README.md +27 −0 Original line number Diff line number Diff line Loading @@ -6,6 +6,7 @@ + [libgui_parcelable_fuzzer](#Libgui_Parcelable) + [libgui_bufferQueue_fuzzer](#BufferQueue) + [libgui_consumer_fuzzer](#Libgui_Consumer) + [libgui_displayEvent_fuzzer](#LibGui_DisplayEvent) # <a name="libgui_surfaceComposer_fuzzer"></a> Fuzzer for SurfaceComposer Loading Loading 
@@ -190,3 +191,29 @@ Libgui_Consumer supports the following parameters: $ adb sync data $ adb shell /data/fuzz/arm64/libgui_consumer_fuzzer/libgui_consumer_fuzzer ``` # <a name="libgui_displayEvent_fuzzer"></a> Fuzzer for LibGui_DisplayEvent LibGui_DisplayEvent supports the following parameters: 1. DisplayEventType (parameter name:`type`) 2. Events (parameter name:`events`) 3. VsyncSource (parameter name:`vsyncSource`) 4. EventRegistrationFlags (parameter name:`flags`) | Parameter| Valid Values| Configured Value| |------------- |-------------| ----- | |`vsyncSource`| 0.`ISurfaceComposer::eVsyncSourceApp`, 1.`ISurfaceComposer::eVsyncSourceSurfaceFlinger`, |Value obtained from FuzzedDataProvider| |`flags`| 0.`ISurfaceComposer::EventRegistration::modeChanged`, 1.`ISurfaceComposer::EventRegistration::frameRateOverride`, |Value obtained from FuzzedDataProvider| |`type`| 0.`DisplayEventReceiver::DISPLAY_EVENT_NULL`, 1.`DisplayEventReceiver::DISPLAY_EVENT_VSYNC`, 2.`DisplayEventReceiver::DISPLAY_EVENT_HOTPLUG`, 3.`DisplayEventReceiver::DISPLAY_EVENT_MODE_CHANGE`, 4.`DisplayEventReceiver::DISPLAY_EVENT_FRAME_RATE_OVERRIDE`, 5.`DisplayEventReceiver::DISPLAY_EVENT_FRAME_RATE_OVERRIDE_FLUSH`, |Value obtained from FuzzedDataProvider| |`events`| 0.`Looper::EVENT_INPUT`, 1.`Looper::EVENT_OUTPUT`, 2.`Looper::EVENT_ERROR`, 3.`Looper::EVENT_HANGUP`, 4.`Looper::EVENT_INVALID`, |Value obtained from FuzzedDataProvider| #### Steps to run 1. Build the fuzzer ``` $ mm -j$(nproc) libgui_displayEvent_fuzzer ``` 2. Run on device ``` $ adb sync data $ adb shell /data/fuzz/arm64/libgui_displayEvent_fuzzer/libgui_displayEvent_fuzzer ```
libs/gui/fuzzer/libgui_displayEvent_fuzzer.cpp 0 → 100644 +104 −0 Original line number Diff line number Diff line /* * Copyright 2022 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include <android/gui/ISurfaceComposer.h> #include <libgui_fuzzer_utils.h> using namespace android; constexpr gui::ISurfaceComposer::VsyncSource kVsyncSource[] = { gui::ISurfaceComposer::VsyncSource::eVsyncSourceApp, gui::ISurfaceComposer::VsyncSource::eVsyncSourceSurfaceFlinger, }; constexpr gui::ISurfaceComposer::EventRegistration kEventRegistration[] = { gui::ISurfaceComposer::EventRegistration::modeChanged, gui::ISurfaceComposer::EventRegistration::frameRateOverride, }; constexpr uint32_t kDisplayEvent[] = { DisplayEventReceiver::DISPLAY_EVENT_NULL, DisplayEventReceiver::DISPLAY_EVENT_VSYNC, DisplayEventReceiver::DISPLAY_EVENT_HOTPLUG, DisplayEventReceiver::DISPLAY_EVENT_MODE_CHANGE, DisplayEventReceiver::DISPLAY_EVENT_FRAME_RATE_OVERRIDE, DisplayEventReceiver::DISPLAY_EVENT_FRAME_RATE_OVERRIDE_FLUSH, }; constexpr int32_t kEvents[] = { Looper::EVENT_INPUT, Looper::EVENT_OUTPUT, Looper::EVENT_ERROR, Looper::EVENT_HANGUP, Looper::EVENT_INVALID, }; DisplayEventReceiver::Event buildDisplayEvent(FuzzedDataProvider* fdp, uint32_t type, DisplayEventReceiver::Event event) { switch (type) { case DisplayEventReceiver::DISPLAY_EVENT_VSYNC: { event.vsync.count = fdp->ConsumeIntegral<uint32_t>(); event.vsync.vsyncData.frameInterval = fdp->ConsumeIntegral<uint64_t>(); 
event.vsync.vsyncData.preferredFrameTimelineIndex = fdp->ConsumeIntegral<uint32_t>(); for (size_t idx = 0; idx < gui::VsyncEventData::kFrameTimelinesLength; ++idx) { event.vsync.vsyncData.frameTimelines[idx].vsyncId = fdp->ConsumeIntegral<int64_t>(); event.vsync.vsyncData.frameTimelines[idx].deadlineTimestamp = fdp->ConsumeIntegral<uint64_t>(); event.vsync.vsyncData.frameTimelines[idx].expectedPresentationTime = fdp->ConsumeIntegral<uint64_t>(); } break; } case DisplayEventReceiver::DISPLAY_EVENT_HOTPLUG: { event.hotplug = DisplayEventReceiver::Event::Hotplug{fdp->ConsumeBool() /*connected*/}; break; } case DisplayEventReceiver::DISPLAY_EVENT_MODE_CHANGE: { event.modeChange = DisplayEventReceiver::Event::ModeChange{fdp->ConsumeIntegral<int32_t>(), fdp->ConsumeIntegral<int64_t>()}; break; } case DisplayEventReceiver::DISPLAY_EVENT_FRAME_RATE_OVERRIDE: case DisplayEventReceiver::DISPLAY_EVENT_FRAME_RATE_OVERRIDE_FLUSH: { event.frameRateOverride = DisplayEventReceiver::Event::FrameRateOverride{fdp->ConsumeIntegral<uint32_t>(), fdp->ConsumeFloatingPoint< float>()}; break; } } return event; } extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { FuzzedDataProvider fdp(data, size); sp<Looper> looper; sp<FakeDisplayEventDispatcher> dispatcher( new FakeDisplayEventDispatcher(looper, fdp.PickValueInArray(kVsyncSource), fdp.PickValueInArray(kEventRegistration))); dispatcher->initialize(); DisplayEventReceiver::Event event; uint32_t type = fdp.PickValueInArray(kDisplayEvent); PhysicalDisplayId displayId; event.header = DisplayEventReceiver::Event::Header{type, displayId, fdp.ConsumeIntegral<int64_t>()}; event = buildDisplayEvent(&fdp, type, event); dispatcher->injectEvent(event); dispatcher->handleEvent(0, fdp.PickValueInArray(kEvents), nullptr); return 0; }
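Review bot: `DisplayEventReceiver::Event event;` in `LLVMFuzzerTestOneInput` is left uninitialised, and `buildDisplayEvent` writes only the payload member matching `type` (none for `DISPLAY_EVENT_NULL`, which has no case), so the object passed to `injectEvent` carries indeterminate bytes. In a fuzzer this can make the same input behave differently between runs, so crashes are hard to reproduce and sanitizer reports may point at the harness rather than at libgui. Start from a cleared object, e.g. `DisplayEventReceiver::Event event = {};`, and check against the `Event` definition (not part of this change) that this covers the whole payload. Separately, `sp<Looper> looper;` is null when handed to `FakeDisplayEventDispatcher` and the result of `initialize()` is ignored. Whether any looper-dependent path is reached depends on `libgui_fuzzer_utils.h`, so a comment such as `// null looper is intentional: events are injected directly` would document the intent.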