1#!/bin/bash -eu 2# Copyright 2021 Google LLC 3# 4# Licensed under the Apache License, Version 2.0 (the "License"); 5# you may not use this file except in compliance with the License. 6# You may obtain a copy of the License at 7# 8# http://www.apache.org/licenses/LICENSE-2.0 9# 10# Unless required by applicable law or agreed to in writing, software 11# distributed under the License is distributed on an "AS IS" BASIS, 12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13# See the License for the specific language governing permissions and 14# limitations under the License. 15# 16################################################################################ 17 18git clone https://github.com/KhronosGroup/SPIRV-Headers external/spirv-headers --depth=1 19git clone https://github.com/protocolbuffers/protobuf external/protobuf --branch v3.13.0.1 20git clone https://dawn.googlesource.com/tint --depth=1 21 22mkdir build 23pushd build 24 25CMAKE_ARGS="-DSPIRV_BUILD_LIBFUZZER_TARGETS=ON -DSPIRV_LIB_FUZZING_ENGINE_LINK_OPTIONS=$LIB_FUZZING_ENGINE" 26 27# With ubsan, RTTI must be enabled due to certain checks (vptr) requiring it. 28if [ $SANITIZER == "undefined" ]; 29then 30 CMAKE_ARGS="${CMAKE_ARGS} -DENABLE_RTTI=ON" 31fi 32cmake -G Ninja .. ${CMAKE_ARGS} 33ninja 34 35SPIRV_BINARY_FUZZERS="spvtools_binary_parser_fuzzer\ 36 spvtools_dis_fuzzer\ 37 spvtools_opt_legalization_fuzzer\ 38 spvtools_opt_performance_fuzzer\ 39 spvtools_opt_size_fuzzer\ 40 spvtools_val_fuzzer" 41 42SPIRV_ASSEMBLY_FUZZERS="spvtools_as_fuzzer" 43 44for fuzzer in $SPIRV_BINARY_FUZZERS $SPIRV_ASSEMBLY_FUZZERS 45do 46 cp test/fuzzers/$fuzzer $OUT 47done 48 49popd 50 51# An un-instrumented build of spirv-as is used to generate a corpus of SPIR-V binaries. 52mkdir standard-build 53pushd standard-build 54 55# Back-up instrumentation options 56CFLAGS_SAVE="$CFLAGS" 57CXXFLAGS_SAVE="$CXXFLAGS" 58unset CFLAGS 59unset CXXFLAGS 60export AFL_NOOPT=1 61 62cmake -G Ninja .. ${CMAKE_ARGS} 63ninja spirv-as 64 65# Restore instrumentation options 66export CFLAGS="${CFLAGS_SAVE}" 67export CXXFLAGS="${CXXFLAGS_SAVE}" 68unset AFL_NOOPT 69 70popd 71 72 73# Generate a corpus of SPIR-V binaries from the SPIR-V assembly files in the 74# SPIRV-Tools and tint repositories. 75mkdir $WORK/tint-binary-corpus 76python3 tint/fuzzers/generate_spirv_corpus.py tint/test $WORK/tint-binary-corpus standard-build/tools/spirv-as 77mkdir $WORK/spirv-binary-corpus-hashed-names 78tint_test_cases=`ls $WORK/tint-binary-corpus/*.spv` 79spirv_tools_test_cases=`find test/fuzzers/corpora -name "*.spv"` 80for f in $tint_test_cases $spirv_tools_test_cases 81do 82 hashed_name=$(sha1sum "$f" | awk '{print $1}') 83 cp $f $WORK/spirv-binary-corpus-hashed-names/$hashed_name 84done 85zip -j "$WORK/spirv_binary_seed_corpus.zip" "$WORK/spirv-binary-corpus-hashed-names"/* 86 87# Supply each of the binary fuzzers with this seed corpus. 88for fuzzer in $SPIRV_BINARY_FUZZERS 89do 90 cp "$WORK/spirv_binary_seed_corpus.zip" "$OUT/${fuzzer}_seed_corpus.zip" 91done 92 93# Generate a corpus of SPIR-V assembly files from the tint repository. 94mkdir $WORK/spirv-assembly-corpus-hashed-names 95for f in `find tint/test -name "*.spvasm"` 96do 97 hashed_name=$(sha1sum "$f" | awk '{print $1}') 98 cp $f $WORK/spirv-assembly-corpus-hashed-names/$hashed_name 99done 100 101zip -j "$WORK/spirv_assembly_seed_corpus.zip" "$WORK/spirv-assembly-corpus-hashed-names"/* 102 103# Supply each of the assembly fuzzers with this seed corpus. 104for fuzzer in $SPIRV_ASSEMBLY_FUZZERS 105do 106 cp "$WORK/spirv_assembly_seed_corpus.zip" "$OUT/${fuzzer}_seed_corpus.zip" 107done 108