diff options
Diffstat (limited to 'projects/tint/build.sh')
| -rwxr-xr-x | projects/tint/build.sh | 106 |
1 files changed, 106 insertions, 0 deletions
diff --git a/projects/tint/build.sh b/projects/tint/build.sh new file mode 100755 index 000000000..68b682b91 --- /dev/null +++ b/projects/tint/build.sh @@ -0,0 +1,106 @@ +#!/bin/bash -eu +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +################################################################################ + +cp standalone.gclient .gclient +gclient sync + +mkdir -p out/Debug +pushd out/Debug + +# ubsan's vptr sanitization is desabled as it requires RTTI, which is disabled +# when building tint. +CFLAGS="$CFLAGS -fno-sanitize=vptr" \ +CXXFLAGS="$CXXFLAGS -fno-sanitize=vptr" \ +cmake -GNinja ../.. -DCMAKE_BUILD_TYPE=Release -DTINT_BUILD_FUZZERS=ON -DTINT_BUILD_SPIRV_TOOLS_FUZZER=ON -DTINT_BUILD_TESTS=OFF -DTINT_LIB_FUZZING_ENGINE_LINK_OPTIONS=$LIB_FUZZING_ENGINE + +if [ -n "${OSS_FUZZ_CI-}" ] +then + # When running in the CI, restrict to a small number of fuzz targets to save + # time and disk space. A SPIR-V Tools-based fuzzer that uses the HLSL + # back-end, and a regular fuzzer that uses the MSL back-end, are selected. + SPIRV_TOOLS_FUZZERS="tint_spirv_tools_hlsl_writer_fuzzer" + SPIRV_FUZZERS="tint_spv_reader_msl_writer_fuzzer\ + ${SPIRV_TOOLS_FUZZERS}" +else + SPIRV_TOOLS_FUZZERS="tint_spirv_tools_hlsl_writer_fuzzer\ + tint_spirv_tools_msl_writer_fuzzer\ + tint_spirv_tools_spv_writer_fuzzer\ + tint_spirv_tools_wgsl_writer_fuzzer" + SPIRV_FUZZERS="tint_spv_reader_hlsl_writer_fuzzer\ + tint_spv_reader_msl_writer_fuzzer\ + tint_spv_reader_spv_writer_fuzzer\ + tint_spv_reader_wgsl_writer_fuzzer\ + ${SPIRV_TOOLS_FUZZERS}" +fi + +# The spirv-as tool is used to build seed corpora +ninja ${SPIRV_FUZZERS} + +cp ${SPIRV_FUZZERS} $OUT + +popd + +# An un-instrumented build of spirv-as is used to generate a corpus of SPIR-V binaries. +mkdir -p out/Standard +pushd out/Standard + +# Back-up instrumentation options +CFLAGS_SAVE="$CFLAGS" +CXXFLAGS_SAVE="$CXXFLAGS" +unset CFLAGS +unset CXXFLAGS +export AFL_NOOPT=1 + +cmake -GNinja ../.. -DCMAKE_BUILD_TYPE=Release +ninja spirv-as + +# Restore instrumentation options +export CFLAGS="${CFLAGS_SAVE}" +export CXXFLAGS="${CXXFLAGS_SAVE}" +unset AFL_NOOPT + +popd + +# Generate a corpus of SPIR-V binaries from the SPIR-V assembly files in the +# tint repository. +mkdir $WORK/spirv-corpus +python3 fuzzers/generate_spirv_corpus.py test $WORK/spirv-corpus out/Standard/spirv-as + +mkdir $WORK/spirv-corpus-hashed-names +for f in `ls $WORK/spirv-corpus/*.spv` +do + hashed_name=$(sha1sum "$f" | awk '{print $1}') + cp $f $WORK/spirv-corpus-hashed-names/$hashed_name +done + +zip -j "$WORK/seed_corpus.zip" "$WORK"/spirv-corpus-hashed-names/* + +for fuzzer in $SPIRV_FUZZERS +do + cp "$WORK/seed_corpus.zip" "$OUT/${fuzzer}_seed_corpus.zip" +done + +for fuzzer in $SPIRV_TOOLS_FUZZERS +do + echo "[libfuzzer] +max_len = 10000 +cross_over = 0 +mutate_depth = 1 +tint_enable_all_mutations = false +tint_mutation_batch_size = 5 +" > "$OUT/${fuzzer}.options" +done |