encounter
/
dawn-cmake
mirror of https://github.com/encounter/dawn-cmake.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,934 Commits 2 Branches 0 Tags 145 MiB
Commit Graph

36 Commits

Author SHA1 Message Date
Ryan Harrison 8645953be2 Refactor Inspector fuzzing 
It is always on now when using tint::CommonFuzzer, and runs before &
after the transform step.

This CL also adds missing API coverage to the Inspector fuzzing code.

Errors found with the Inspector are now reported as fuzzer failures
and should generate bug reports.

BUG=tint:1250,tint:1251,tint:1250

Change-Id: I1c1bcbddf81a35620f89c5b7a648c44e6a1f2952
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/66980
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Alastair Donaldson <afdx@google.com>
 2021-10-20 05:01:03 +00:00
Alastair Donaldson 54180d6631 Remove WGSL and SPIR-V reader fuzzers 
Fuzzing of the WGSL and SPIR-V readers is well covered by fuzzers that
do both reading and writing. This change removes the fuzzers that only
do reading.

Fixes: tint:1254
Change-Id: Ice93016a6e95be7a2e8418387c35f20be13266e5
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/66923
Auto-Submit: Alastair Donaldson <afdx@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
 2021-10-20 00:59:31 +00:00
Ryan Harrison 37a666d91c Add robustness pass to reader writer fuzzers 
BUG=chromium:1255257,tint:1208

Change-Id: Ia5daeff8d839cbb7810bbbc12feab21039d0b681
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/66060
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Alastair Donaldson <afdx@google.com>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
 2021-10-12 14:41:20 +00:00
Ryan Harrison c57642cbd5 Refactor fuzzer transform generation 
Also splits out various utility classes from tint_common_fuzzer and
uses consistent naming for utility classes.

BUG=tint:1106

Change-Id: Ic343741eea799366850c46834865d50885554a84
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/65301
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Antonio Maiorano <amaiorano@google.com>
 2021-09-30 18:58:32 +00:00
Alastair Donaldson 6556ba0e94 Move black-box fuzz target into fuzzers group 
This makes it possible to build the fuzzer in Chromium's asan builder
group by having it depend on the tint fuzzers group, and means that the
logic for when particular fuzz targets are built remains encapsulated in
the tint fuzzer build rules.

Change-Id: Ic8d6131ccf1759a25fc3d736ae507cd173931616
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/64181
Auto-Submit: Alastair Donaldson <afdx@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
 2021-09-15 05:26:14 +00:00
Sarah ed18f2f8c3 fix roller: added missed renames of tint_regex_fuzzer_libfuzzer_options 
Missed rename from https://dawn-review.googlesource.com/c/tint/+/63180
In a prior CL I fixed tint_ast_fuzzer_libfuzzer_options

Change-Id: I4c3bc6e2046fc986ff2ce749ecbdae2a860f8d93
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63521
Reviewed-by: Sarah Mashayekhi <sarahmashay@google.com>
Commit-Queue: Sarah Mashayekhi <sarahmashay@google.com>
Auto-Submit: Sarah Mashayekhi <sarahmashay@google.com>
Kokoro: Sarah Mashayekhi <sarahmashay@google.com>
 2021-09-03 23:26:48 +00:00
Sarah 485a45dc05 fix roller: added missed renames of tint_fuzzer_common_libfuzzer_options 
Missed in https://dawn-review.googlesource.com/c/tint/+/63180

Change-Id: I7f51fc91617feb481e69713ad4c9fc0297b7f235
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63500
Reviewed-by: Antonio Maiorano <amaiorano@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Sarah Mashayekhi <sarahmashay@google.com>
 2021-09-03 22:19:26 +00:00
Ryan Harrison 5dc0ea7cce Unify fuzzer random number generation into a single class 
BUG=tint:1098

Change-Id: I84931804515487d931bbbb5f0d5239d03ca76dfc
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63300
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Alastair Donaldson <afdx@google.com>
 2021-09-03 00:59:35 +00:00
Ryan Harrison 5093b9fe4d Add options to fuzzer to improve performance 
Since the APIs being tested take in strings, using
onlyascii.
Restricting the size of test cases, so that we get more
diverse smaller test cases, instead of generating 1MB of 0s.

BUG=tint:1095,tint:1096

Change-Id: I0590bf0146c3395278ead362e2add328f669aea7
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63180
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Ben Clayton <bclayton@google.com>
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ben Clayton <bclayton@google.com>
 2021-09-02 19:59:35 +00:00
Alastair Donaldson 3e70f3e2ac Add black box fuzzer target 
Adds a stand-alone executable that serves as an entry point for black
box fuzzing. It reads data from a given file, and then calls into the
same code that the libFuzzer fuzzer targets do.

Fixes: tint:1151
Change-Id: I23f4c5b4aa7040f434c791404136422f5c8ee12a
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63341
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
 2021-09-02 15:55:01 +00:00
Alastair Donaldson 44a0adf9b4 Fuzzers: Avoid passing target backend as parameter 
Changes various fuzz targets so that the target back-end language (HLSL,
MSL, SPIR-V or WGSL) is no longer passed as a command line argument, but
instead baked into the fuzzer's binary. This avoids a problem whereby a
ClusterFuzz bug reproducer does not use the required back-end command
line argument.

Change-Id: I64402a23391ca0f24c9d1ffd2aa2f218cc7106b1
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63163
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Alastair Donaldson <afdx@google.com>
 2021-08-31 22:07:17 +00:00
Alastair Donaldson a96dce9c89 Remove SPIR-V reader fuzzers 
Fuzzers that exercise the SPIR-V reader are being moved to OSS-Fuzz.
This change removes them from the Chromium build so that they cease to
be run by ClusterFuzz. The change also applies a small refactoring to
the fuzzer build rules, so that the tint_ast_clone fuzzer is specified
together with other fuzzers that require the WGSL reader and writer.

Bug: chromium:1243084
Change-Id: I4f5d12a679366634c7cad3e7ac18075bb046a8ba
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62800
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Alastair Donaldson <afdx@google.com>
 2021-08-25 16:14:43 +00:00
Antonio Maiorano 15e89fa7b7 Add '-tint_dump_input=true/false' to fuzzers to dump input spv/wgsl to a file 
When enabled, the input spv/wgsl is dumped to a file named
"fuzzer_input_<hash of file>.spv/wgsl".

Note that this adds the setting to all the fuzzers in the root of
fuzzers/, but not to tint_ast_fuzzer, tint_regex_fuzzer, nor
tint_spirv_tools_fuzzer as they currently to their own CLI parsing.

Change-Id: I268ffd842b94be1cbb78eb199d5662712ff71053
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/61000
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: Antonio Maiorano <amaiorano@google.com>
 2021-08-05 15:52:58 +00:00
Alastair Donaldson 1f0200a3ff Add gn support for regex fuzzer 
Allows the tint regex fuzzer to be built using gn, so that it can be
deployed on ClusterFuzz.

Fixes: tint:1075
Change-Id: I88f8bd0eefe3044483b66784cc32feebcdc63928
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/60202
Auto-Submit: Alastair Donaldson <afdx@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Alastair Donaldson <afdx@google.com>
 2021-07-29 11:58:18 +00:00
Alastair Donaldson 86dc88725a Add gn build support for spirv-tools + AST fuzzers 
Allows the new transformation-based fuzzers to be built using gn, so
that they can be deployed on ClusterFuzz.

Fixes: tint:1002
Fixes: tint:1006

Change-Id: Ib9624e507e40836541eb424e710705345a198db1
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/58387
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Vasyl Teliman <vasniktel@gmail.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
 2021-07-16 20:56:55 +00:00
Alastair Donaldson bbda5723da Add explanatory comment to fuzzer build files 
This change adds a comment related to the use of host_toolchain to
account for cross compilation, and removes a print statement that had
been accidentally left in a build script.

Bug: tint:966
Change-Id: I6334225864632d9983ab197bb28fcb972d5ba1d4
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/58000
Auto-Submit: Alastair Donaldson <afdx@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
 2021-07-14 13:04:31 +00:00
Alastair Donaldson 9f4d94d70e Generate shader corpora for SPIR-V fuzzers 
Add a script that generates corpora of SPIR-V shaders for the tint
SPIR-V fuzzers, from test cases in the repository.

Fixes: tint:966
Change-Id: I3be5a868ed8ac9c9cfe3b1d5d7d5607e2e26168d
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/57881
Auto-Submit: Alastair Donaldson <afdx@google.com>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
 2021-07-13 19:42:22 +00:00
Alastair Donaldson ff0a8f0822 Generate shader corpora for WGSL fuzzers 
Adds scripts that generate corpora of WGSL shaders for the tint
WGSL fuzzers, from test cases in the repository.

Bug: tint:966
Change-Id: Icf8293472ff04ca15111acacda8582b11c0723be
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/57880
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Auto-Submit: Alastair Donaldson <afdx@google.com>
 2021-07-13 17:11:35 +00:00
James Price 54d1ee6f11 fuzzers: Switch fuzzers to new generator API 
Remove sanitizer transform fuzzers, as these will no longer be
publicly visible. We should fuzz the generator options instead.

Change-Id: If8f2c70f505bdaecd62a2f53a6586c3b84bd1c33
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/57760
Auto-Submit: James Price <jrprice@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
 2021-07-12 21:07:41 +00:00
Ben Clayton 2e6fefb858 Revert "Generate shader corpora for fuzzers" 
This reverts commit d09317c0b5.

Reason for revert: Breaks chromium build. See: crbug.com/tint/970

Bug: tint:970

Original change's description:
> Generate shader corpora for fuzzers
>
> Adds scripts that generated corpora of WGSL and SPIR-V shaders for
> the tint fuzzers, from test cases in the repository.
>
> Fixed: tint:966
> Change-Id: I7e86ef5e34676d0c4f5b7e413a5c0f444fca08ff
> Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/57204
> Kokoro: Kokoro <noreply+kokoro@google.com>
> Reviewed-by: Ben Clayton <bclayton@google.com>
> Reviewed-by: Ryan Harrison <rharrison@chromium.org>
> Commit-Queue: Alastair Donaldson <afdx@google.com>

# Not skipping CQ checks because original CL landed > 1 day ago.

Change-Id: I5bdcfe33c3e4d1bc71b9e51c650c0e7318c561e1
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/57428
Reviewed-by: Ben Clayton <bclayton@google.com>
Kokoro: Ben Clayton <bclayton@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
 2021-07-12 11:59:21 +00:00
Alastair Donaldson d09317c0b5 Generate shader corpora for fuzzers 
Adds scripts that generated corpora of WGSL and SPIR-V shaders for
the tint fuzzers, from test cases in the repository.

Fixed: tint:966
Change-Id: I7e86ef5e34676d0c4f5b7e413a5c0f444fca08ff
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/57204
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Alastair Donaldson <afdx@google.com>
 2021-07-08 18:33:33 +00:00
Ben Clayton 0273f1a604 transform: Rename BoundArrayAccessors to Robustness 
We will want this transform to do more bounds and argument sanitization.

Bug: tint:748
Change-Id: I38cb9623622e9f5ab85d8cd420d669ca6be77099
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/56543
Auto-Submit: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Antonio Maiorano <amaiorano@google.com>
Reviewed-by: Antonio Maiorano <amaiorano@google.com>
 2021-06-30 13:23:36 +00:00
Ryan Harrison 593c87b414 Remove fuzzing for transform::EmitVertPointSize 
BUG=tint:753

Change-Id: Idb1f942defe6233421ea735a56bab8da8add8024
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/50360
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Ben Clayton <bclayton@google.com>
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
 2021-05-07 15:48:04 +00:00
Ryan Harrison a0174e613f Add fuzzing for transform::VertexPulling 
Includes a significant refactoring of helper functions in
tint_common_fuzzer.cc/.h

BUG=tint:722

Change-Id: I1fdab0113bae02c4a0bf8da0d1b7729f05a2fc5b
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/49902
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ben Clayton <bclayton@google.com>
 2021-05-06 15:43:33 +00:00
Ryan Harrison 52456c69c8 Add fuzzing for transform::SingleEntryPoint 
BUG=tint:722

Change-Id: I83dfb2cb196f6e80ffb48dc41ff385621a5d629e
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/49580
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ben Clayton <bclayton@google.com>
 2021-04-29 20:49:25 +00:00
Ryan Harrison bc5461d731 Add fuzzing for transform::Renamer 
BUG=tint:722

Change-Id: I6886913e01f579e48d6b13c152230dc4e23dfcd2
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/49540
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ben Clayton <bclayton@google.com>
 2021-04-29 20:43:45 +00:00
Ryan Harrison fc57979d70 Add fuzzing for transform::Spirv 
BUG=tint:722

Change-Id: Icf47d061b85ad68adc311b8873eb75ad2cd4a451
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/49463
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ben Clayton <bclayton@google.com>
 2021-04-29 20:12:05 +00:00
Ryan Harrison b67d0494b5 Add fuzzing for transform::Msl 
BUG=tint:722

Change-Id: I1d1ceb9770a2a071522b0eb11521041d23dc1c84
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/49462
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ben Clayton <bclayton@google.com>
 2021-04-29 20:06:25 +00:00
Ryan Harrison dcd6b4d669 Add fuzzing for transform::Hlsl 
BUG=tint:722

Change-Id: Iaf107077a596dd607c2f785d8787177279e0bcef
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/49461
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ben Clayton <bclayton@google.com>
 2021-04-29 20:03:35 +00:00
Ryan Harrison da43604eab Remove fuzzers for transforms that should only be invoked by sanitizers 
Also mark code elements that should be removed as part of
https://crbug.com/tint/753

BUG=tint:722

Change-Id: I52aedeffcb06e302f8399d83986909b36749ca5e
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/49560
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
 2021-04-29 19:59:55 +00:00
Ryan Harrison 23c73b0b32 Add fuzzing for transform::CanonicalizeEntryPointIO 
BUG=tint:722

Change-Id: Id6ca2a8c5b807c84658969a09ca75281f62221d1
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/49381
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ben Clayton <bclayton@google.com>
 2021-04-28 18:13:03 +00:00
Ryan Harrison be303e9265 Add fuzzing for transform::CalculateArrayLength 
BUG=tint:722

Change-Id: Ide83964646f303c03a9cc780f3828f1816baa288
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/49380
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
 2021-04-28 17:57:23 +00:00
Ryan Harrison b5c908f700 Add fuzzing for transform::BindingRemapper 
BUG=tint:722

Change-Id: I742f1e536ef0429c2e7b8c9ea6c13b836a2ec0c2
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/49360
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
 2021-04-28 15:35:43 +00:00
Corentin Wallez 98c2cf0e91 More BUILD.gn fixes for building Tint in Chromium 
Bug: None
Change-Id: Ib9ed45e428aefd73eeefdbe34d03d9bc499d3679
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/48605
Commit-Queue: Corentin Wallez <cwallez@chromium.org>
Commit-Queue: Ben Clayton <bclayton@google.com>
Reviewed-by: Antonio Maiorano <amaiorano@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
 2021-04-21 14:58:42 +00:00
Corentin Wallez c205c28bc3 GN: Fix compilation of fuzzers in Chromium 
Bug: dawn:706
Change-Id: I1245bfe728d6b7f82a2fdfb0a65fd24ba3269526
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/44685
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: Corentin Wallez <cwallez@chromium.org>
 2021-03-15 15:09:11 +00:00
Corentin Wallez 5929a04316 Split BUILD.gn into per-subdirectory BUILD.gns 
This will allow Tint's dependent to depend on libtint without GN
discovering Tint's test and try to build them. In particular it will
help use Tint in Dawn in Skia's standalone build which doesn't have
//testing.

Bug: dawn:706
Change-Id: Idd28662b89aa75df7704eaae205328dce0b96fef
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/44540
Reviewed-by: David Neto <dneto@google.com>
Commit-Queue: Corentin Wallez <cwallez@chromium.org>
Auto-Submit: Corentin Wallez <cwallez@chromium.org>
 2021-03-15 08:43:11 +00:00