Add Dawn Wire Server LPM Fuzzer [1/N]

Add scaffolding for structured Dawn wire fuzzer. This CL contains a basic fuzzer for Dawn wire server that shows some simple design ideas: 1) A basic protobuf spec that is generated using dawn.json 2) conversion from protobuf message to a dawn wire server command. This is not the complete implementation and serves as a foundation for the fuzzer so that subsequent CLs will be easier to review. Bug: chromium:1374747 Change-Id: Ife1642dda13d01d3308bdd5fe56cf85978399fd3 Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/109406 Reviewed-by: Corentin Wallez <cwallez@chromium.org> Kokoro: Kokoro <noreply+kokoro@google.com> Reviewed-by: Austin Eng <enga@chromium.org> Commit-Queue: Brendon Tiszka <tiszka@chromium.org>
2025-12-08 21:17:45 +00:00 · 2023-02-08 20:43:18 +00:00
parent e4b4c4737e
commit d0b284b00b
13 changed files with 530 additions and 2 deletions
--- a/docs/dawn/codegen.md
+++ b/docs/dawn/codegen.md
@@ -111,3 +111,12 @@ The schema of `dawn_wire.json` is a dictionary with the following keys:
 ## OpenGL loader generator

 The code to load OpenGL entrypoints from a `GetProcAddress` function is generated from [`gl.xml`](../third_party/khronos/gl.xml) and the [list of extensions](../src/dawn/native/opengl/supported_extensions.json) it supports.
+
+
+## Dawn lpmfuzz generator
+One of Dawn's Fuzzers utilizes the information in [`dawn.json`, `dawn_wire.json`, `dawn_lpm.json`] to generate  the `.proto` and `.cpp` files required for a [libprotobuf-mutator fuzzer](https://github.com/google/libprotobuf-mutator) that fuzzes Dawn Wire Server's stack with more effectiveness in some areas than plain libfuzzer.
+
+At this time it is used to generate:
+
+ - the `dawn_lpm.proto` file used to describe the grammar for the fuzzer
+ - the serializer `DawnLPMSerializer.cpp` that takes an arbitrary number of protobuf structures that were defined in `dawn_lpm.proto` and serializes them to be passed to `DawnWireServer::HandleCommands`.