Instead of uploading separate black-box fuzzers for each target
language, it will be more convenient to have the target language chosen
based on the data file being processed. This change facilitates that.
Bug: https://crbug.com/1246587
Change-Id: I39f225835f8ca06cb8b8ea1c791b6c872f0f9d8f
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/66180
Auto-Submit: Alastair Donaldson <afdx@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Removes an abort that was injected to confirm that a fuzzer target was
working.
Bug: https://crbug.com/1246587
Change-Id: Ibe5270eacb3dfa2832b5de4c1fcf7b220af91fcc
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/66121
Auto-Submit: Alastair Donaldson <afdx@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
An assertion failure had been injected to check that black box fuzzing
is working, but as ClusterFuzz runs a release mode build this was not
triggering. This change turns the assertion failure into an abort. Once
it has been established that the abort is triggered by the black box
fuzzers, it should be removed.
Bug: https://crbug.com/1246587
Change-Id: I5afcea97132e5a7f13df4ba353121deccc901e60
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/65901
Reviewed-by: Ben Clayton <bclayton@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Alastair Donaldson <afdx@google.com>
To test whether black-box fuzzing is working, this change injects an
assertion failure into tint_black_box_fuzzer_target. Once it has been
established that this failure is found by the black box fuzzers, it
should be removed.
Bug: https://crbug.com/1246587
Change-Id: I408bdb116e817879edcec025f644e6f0f6f8bb73
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/65340
Auto-Submit: Alastair Donaldson <afdx@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Alastair Donaldson <afdx@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
This is instead of consuming a portion of the input, so that the seed
corpus of valid shaders can be more effective.
BUG=tint:1098
Change-Id: If3696527c82c23b09edeea6ddd2a0f935e5e1ac7
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63301
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Adds a stand-alone executable that serves as an entry point for black
box fuzzing. It reads data from a given file, and then calls into the
same code that the libFuzzer fuzzer targets do.
Fixes: tint:1151
Change-Id: I23f4c5b4aa7040f434c791404136422f5c8ee12a
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63341
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Alastair Donaldson
Ryan Harrison