scripts/update_fuzzer_seed_corpus.sh - dawn - Git at Google

 #!/bin/bash

 # Copyright 2019 The Dawn Authors
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.

 # Generates a seed corpus for fuzzing based on dumping wire traces
 # from running Dawn tests

 # Exit if anything fails
 set -e

 if [ "$#" -lt 3 ]; then
 cat << EOF

 Usage:
   $0 <out_dir> <fuzzer_name> <test_name> [additional_test_args...]

 Example:
   $0 out/fuzz dawn_wire_server_and_vulkan_backend_fuzzer dawn_end2end_tests --gtest_filter=*Vulkan

 EOF
     exit 1
 fi

 all_args=("$@")
 out_dir=$1
 fuzzer_name=$2
 test_name=$3
 additional_test_args=("${all_args[@]:3}")

 testcase_dir="/tmp/testcases/${fuzzer_name}/"
 injected_error_testcase_dir="/tmp/testcases/${fuzzer_name}_injected/"
 minimized_testcase_dir="/tmp/testcases/${fuzzer_name}_minimized/"

 # Print commands so it's clear what is being executed
 set -x

 # Make a directory for temporarily storing testcases
 mkdir -p "$testcase_dir"

 # Make an empty directory for temporarily storing testcases with injected errors
 rm -rf "$injected_error_testcase_dir"
 mkdir -p "$injected_error_testcase_dir"

 # Make an empty directory for temporarily storing minimized testcases
 rm -rf "$minimized_testcase_dir"
 mkdir -p "$minimized_testcase_dir"

 # Build the fuzzer and test
 autoninja -C $out_dir $fuzzer_name $test_name

 fuzzer_binary="${out_dir}/${fuzzer_name}"
 test_binary="${out_dir}/${test_name}"

 # Run the test binary
 $test_binary --use-wire --wire-trace-dir="$testcase_dir" $additional_test_args

 # Run the fuzzer over the testcases to inject errors
 $fuzzer_binary --injected-error-testcase-dir="$injected_error_testcase_dir" -runs=0 "$testcase_dir"

 # Run the fuzzer to minimize the testcases + injected errors
 $fuzzer_binary -merge=1 "$minimized_testcase_dir" "$injected_error_testcase_dir" "$testcase_dir"

 # Turn off command printing
 set +x

 if [ -z "$(ls -A $minimized_testcase_dir)" ]; then
 cat << EOF

 Minimized testcase directory is empty!
 Are you building with use_libfuzzer=true ?

 EOF
     exit 1
 fi

 cat << EOF

 Please test the corpus in $minimized_testcase_dir with $fuzzer_name and confirm it works as expected.

     $fuzzer_binary $minimized_testcase_dir

 Then, run the following command to upload new testcases to the seed corpus:

     gsutil -m rsync $minimized_testcase_dir gs://clusterfuzz-corpus/libfuzzer/${fuzzer_name}/

 EOF
	#!/bin/bash

	# Copyright 2019 The Dawn Authors
	#
	# Licensed under the Apache License, Version 2.0 (the "License");
	# you may not use this file except in compliance with the License.
	# You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.

	# Generates a seed corpus for fuzzing based on dumping wire traces
	# from running Dawn tests

	# Exit if anything fails
	set -e

	if [ "$#" -lt 3 ]; then
	cat << EOF

	Usage:
	$0 <out_dir> <fuzzer_name> <test_name> [additional_test_args...]

	Example:
	$0 out/fuzz dawn_wire_server_and_vulkan_backend_fuzzer dawn_end2end_tests --gtest_filter=*Vulkan

	EOF
	exit 1
	fi

	all_args=("$@")
	out_dir=$1
	fuzzer_name=$2
	test_name=$3
	additional_test_args=("${all_args[@]:3}")

	testcase_dir="/tmp/testcases/${fuzzer_name}/"
	injected_error_testcase_dir="/tmp/testcases/${fuzzer_name}_injected/"
	minimized_testcase_dir="/tmp/testcases/${fuzzer_name}_minimized/"

	# Print commands so it's clear what is being executed
	set -x

	# Make a directory for temporarily storing testcases
	mkdir -p "$testcase_dir"

	# Make an empty directory for temporarily storing testcases with injected errors
	rm -rf "$injected_error_testcase_dir"
	mkdir -p "$injected_error_testcase_dir"

	# Make an empty directory for temporarily storing minimized testcases
	rm -rf "$minimized_testcase_dir"
	mkdir -p "$minimized_testcase_dir"

	# Build the fuzzer and test
	autoninja -C $out_dir $fuzzer_name $test_name

	fuzzer_binary="${out_dir}/${fuzzer_name}"
	test_binary="${out_dir}/${test_name}"

	# Run the test binary
	$test_binary --use-wire --wire-trace-dir="$testcase_dir" $additional_test_args

	# Run the fuzzer over the testcases to inject errors
	$fuzzer_binary --injected-error-testcase-dir="$injected_error_testcase_dir" -runs=0 "$testcase_dir"

	# Run the fuzzer to minimize the testcases + injected errors
	$fuzzer_binary -merge=1 "$minimized_testcase_dir" "$injected_error_testcase_dir" "$testcase_dir"

	# Turn off command printing
	set +x

	if [ -z "$(ls -A $minimized_testcase_dir)" ]; then
	cat << EOF

	Minimized testcase directory is empty!
	Are you building with use_libfuzzer=true ?

	EOF
	exit 1
	fi

	cat << EOF

	Please test the corpus in $minimized_testcase_dir with $fuzzer_name and confirm it works as expected.

	$fuzzer_binary $minimized_testcase_dir

	Then, run the following command to upload new testcases to the seed corpus:

	gsutil -m rsync $minimized_testcase_dir gs://clusterfuzz-corpus/libfuzzer/${fuzzer_name}/

	EOF