1*6777b538SAndroid Build Coastguard Worker# Copyright 2015 The Chromium Authors 2*6777b538SAndroid Build Coastguard Worker# Use of this source code is governed by a BSD-style license that can be 3*6777b538SAndroid Build Coastguard Worker# found in the LICENSE file. 4*6777b538SAndroid Build Coastguard Worker 5*6777b538SAndroid Build Coastguard Worker# Individual libfuzzer tests that didn't find their home yet. 6*6777b538SAndroid Build Coastguard Worker 7*6777b538SAndroid Build Coastguard Workerimport("//build/config/features.gni") 8*6777b538SAndroid Build Coastguard Workerimport("//testing/libfuzzer/fuzzer_test.gni") 9*6777b538SAndroid Build Coastguard Workerimport("//third_party/protobuf/proto_library.gni") 10*6777b538SAndroid Build Coastguard Workerimport("//ui/gl/features.gni") 11*6777b538SAndroid Build Coastguard Workerimport("//v8/gni/v8.gni") 12*6777b538SAndroid Build Coastguard Worker 13*6777b538SAndroid Build Coastguard Worker# root BUILD depends on this target. Needed for package discovery 14*6777b538SAndroid Build Coastguard Workergroup("fuzzers") { 15*6777b538SAndroid Build Coastguard Worker} 16*6777b538SAndroid Build Coastguard Worker 17*6777b538SAndroid Build Coastguard Workerfuzzer_test("empty_fuzzer") { 18*6777b538SAndroid Build Coastguard Worker sources = [ "empty_fuzzer.cc" ] 19*6777b538SAndroid Build Coastguard Worker additional_configs = [ "//testing/libfuzzer:no_clusterfuzz" ] 20*6777b538SAndroid Build Coastguard Worker} 21*6777b538SAndroid Build Coastguard Worker 22*6777b538SAndroid Build Coastguard Workerfuzzer_test("string_compare_fuzzer") { 23*6777b538SAndroid Build Coastguard Worker sources = [ "string_compare_fuzzer.cc" ] 24*6777b538SAndroid Build Coastguard Worker additional_configs = [ "//testing/libfuzzer:no_clusterfuzz" ] 25*6777b538SAndroid Build Coastguard Worker} 26*6777b538SAndroid Build Coastguard Worker 27*6777b538SAndroid Build Coastguard Workerfuzzer_test("courgette_fuzzer") { 28*6777b538SAndroid Build Coastguard Worker sources = [ "courgette_fuzzer.cc" ] 29*6777b538SAndroid Build Coastguard Worker deps = [ 30*6777b538SAndroid Build Coastguard Worker "//base", 31*6777b538SAndroid Build Coastguard Worker "//courgette:courgette_lib", 32*6777b538SAndroid Build Coastguard Worker ] 33*6777b538SAndroid Build Coastguard Worker} 34*6777b538SAndroid Build Coastguard Worker 35*6777b538SAndroid Build Coastguard Workerfuzzer_test("language_detection_fuzzer") { 36*6777b538SAndroid Build Coastguard Worker sources = [ "language_detection_fuzzer.cc" ] 37*6777b538SAndroid Build Coastguard Worker deps = [ 38*6777b538SAndroid Build Coastguard Worker "//base", 39*6777b538SAndroid Build Coastguard Worker "//components/translate/core/language_detection:language_detection", 40*6777b538SAndroid Build Coastguard Worker ] 41*6777b538SAndroid Build Coastguard Worker} 42*6777b538SAndroid Build Coastguard Worker 43*6777b538SAndroid Build Coastguard Workerfuzzer_test("snappy_compress_fuzzer") { 44*6777b538SAndroid Build Coastguard Worker sources = [ "snappy_compress_fuzzer.cc" ] 45*6777b538SAndroid Build Coastguard Worker deps = [ "//third_party/snappy:snappy" ] 46*6777b538SAndroid Build Coastguard Worker seed_corpus = "//third_party/snappy/src/testdata" 47*6777b538SAndroid Build Coastguard Worker} 48*6777b538SAndroid Build Coastguard Worker 49*6777b538SAndroid Build Coastguard Workerfuzzer_test("snappy_uncompress_fuzzer") { 50*6777b538SAndroid Build Coastguard Worker sources = [ "snappy_uncompress_fuzzer.cc" ] 51*6777b538SAndroid Build Coastguard Worker deps = [ "//third_party/snappy:snappy" ] 52*6777b538SAndroid Build Coastguard Worker seed_corpus = "//third_party/snappy/src/testdata" 53*6777b538SAndroid Build Coastguard Worker} 54*6777b538SAndroid Build Coastguard Worker 55*6777b538SAndroid Build Coastguard Workerfuzzer_test("template_url_parser_fuzzer") { 56*6777b538SAndroid Build Coastguard Worker sources = [ "template_url_parser_fuzzer.cc" ] 57*6777b538SAndroid Build Coastguard Worker deps = [ 58*6777b538SAndroid Build Coastguard Worker "//base", 59*6777b538SAndroid Build Coastguard Worker "//base:i18n", 60*6777b538SAndroid Build Coastguard Worker "//components/search_engines", 61*6777b538SAndroid Build Coastguard Worker "//mojo/core/embedder", 62*6777b538SAndroid Build Coastguard Worker "//services/data_decoder/public/cpp", 63*6777b538SAndroid Build Coastguard Worker "//services/data_decoder/public/cpp:test_support", 64*6777b538SAndroid Build Coastguard Worker "//third_party/libxml:libxml", 65*6777b538SAndroid Build Coastguard Worker ] 66*6777b538SAndroid Build Coastguard Worker dict = "//third_party/libxml/fuzz/xml.dict" 67*6777b538SAndroid Build Coastguard Worker libfuzzer_options = [ "max_len=4096" ] 68*6777b538SAndroid Build Coastguard Worker} 69*6777b538SAndroid Build Coastguard Worker 70*6777b538SAndroid Build Coastguard Workerfuzzer_test("url_parse_proto_fuzzer") { 71*6777b538SAndroid Build Coastguard Worker sources = [ "url_parse_proto_fuzzer.cc" ] 72*6777b538SAndroid Build Coastguard Worker deps = [ 73*6777b538SAndroid Build Coastguard Worker "//base", 74*6777b538SAndroid Build Coastguard Worker "//base:i18n", 75*6777b538SAndroid Build Coastguard Worker "//testing/libfuzzer/proto:url_proto", 76*6777b538SAndroid Build Coastguard Worker "//third_party/libprotobuf-mutator", 77*6777b538SAndroid Build Coastguard Worker "//url:url", 78*6777b538SAndroid Build Coastguard Worker ] 79*6777b538SAndroid Build Coastguard Worker} 80*6777b538SAndroid Build Coastguard Worker 81*6777b538SAndroid Build Coastguard Workerfuzzer_test("libsrtp_fuzzer") { 82*6777b538SAndroid Build Coastguard Worker sources = [ "libsrtp_fuzzer.cc" ] 83*6777b538SAndroid Build Coastguard Worker deps = [ "//third_party/libsrtp" ] 84*6777b538SAndroid Build Coastguard Worker libfuzzer_options = [ "max_len=1500" ] 85*6777b538SAndroid Build Coastguard Worker} 86*6777b538SAndroid Build Coastguard Worker 87*6777b538SAndroid Build Coastguard Workerlibpng_seed_corpuses = [ 88*6777b538SAndroid Build Coastguard Worker "//components/test/data/viz", 89*6777b538SAndroid Build Coastguard Worker "//third_party/blink/web_tests/images/png-suite/samples", 90*6777b538SAndroid Build Coastguard Worker "//third_party/blink/web_tests/images/resources/pngfuzz", 91*6777b538SAndroid Build Coastguard Worker] 92*6777b538SAndroid Build Coastguard Worker 93*6777b538SAndroid Build Coastguard Workerfuzzer_test("gfx_png_image_fuzzer") { 94*6777b538SAndroid Build Coastguard Worker sources = [ "gfx_png_image_fuzzer.cc" ] 95*6777b538SAndroid Build Coastguard Worker deps = [ 96*6777b538SAndroid Build Coastguard Worker "//base", 97*6777b538SAndroid Build Coastguard Worker "//ui/base", 98*6777b538SAndroid Build Coastguard Worker "//ui/gfx", 99*6777b538SAndroid Build Coastguard Worker ] 100*6777b538SAndroid Build Coastguard Worker dict = "dicts/png.dict" 101*6777b538SAndroid Build Coastguard Worker seed_corpuses = libpng_seed_corpuses 102*6777b538SAndroid Build Coastguard Worker} 103*6777b538SAndroid Build Coastguard Worker 104*6777b538SAndroid Build Coastguard Workerfuzzer_test("libxml_xml_read_memory_fuzzer") { 105*6777b538SAndroid Build Coastguard Worker sources = [ "libxml_xml_read_memory_fuzzer.cc" ] 106*6777b538SAndroid Build Coastguard Worker deps = [ "//third_party/libxml:libxml" ] 107*6777b538SAndroid Build Coastguard Worker dict = "//third_party/libxml/fuzz/xml.dict" 108*6777b538SAndroid Build Coastguard Worker seed_corpus = "//third_party/libxml/fuzz/seed_corpus" 109*6777b538SAndroid Build Coastguard Worker} 110*6777b538SAndroid Build Coastguard Worker 111*6777b538SAndroid Build Coastguard Workerfuzzer_test("libpng_progressive_read_fuzzer") { 112*6777b538SAndroid Build Coastguard Worker sources = [ "libpng_read_fuzzer.cc" ] 113*6777b538SAndroid Build Coastguard Worker deps = [ 114*6777b538SAndroid Build Coastguard Worker "//base", 115*6777b538SAndroid Build Coastguard Worker "//third_party/libpng", 116*6777b538SAndroid Build Coastguard Worker ] 117*6777b538SAndroid Build Coastguard Worker dict = "dicts/png.dict" 118*6777b538SAndroid Build Coastguard Worker seed_corpuses = libpng_seed_corpuses 119*6777b538SAndroid Build Coastguard Worker} 120*6777b538SAndroid Build Coastguard Worker 121*6777b538SAndroid Build Coastguard Workertemplate("v8_fuzzer") { 122*6777b538SAndroid Build Coastguard Worker if (defined(invoker.v8_dep)) { 123*6777b538SAndroid Build Coastguard Worker _deps = [ "//v8:${invoker.v8_dep}" ] 124*6777b538SAndroid Build Coastguard Worker } else { 125*6777b538SAndroid Build Coastguard Worker _deps = [ "//v8:${target_name}" ] 126*6777b538SAndroid Build Coastguard Worker } 127*6777b538SAndroid Build Coastguard Worker 128*6777b538SAndroid Build Coastguard Worker fuzzer_test("v8_${target_name}") { 129*6777b538SAndroid Build Coastguard Worker forward_variables_from(invoker, 130*6777b538SAndroid Build Coastguard Worker "*", 131*6777b538SAndroid Build Coastguard Worker [ 132*6777b538SAndroid Build Coastguard Worker "v8_dep", 133*6777b538SAndroid Build Coastguard Worker "max_len", 134*6777b538SAndroid Build Coastguard Worker ]) 135*6777b538SAndroid Build Coastguard Worker 136*6777b538SAndroid Build Coastguard Worker sources = [] 137*6777b538SAndroid Build Coastguard Worker deps = _deps 138*6777b538SAndroid Build Coastguard Worker if (defined(invoker.max_len)) { 139*6777b538SAndroid Build Coastguard Worker if (!defined(libfuzzer_options)) { 140*6777b538SAndroid Build Coastguard Worker libfuzzer_options = [] 141*6777b538SAndroid Build Coastguard Worker } 142*6777b538SAndroid Build Coastguard Worker libfuzzer_options += [ "max_len=${invoker.max_len}" ] 143*6777b538SAndroid Build Coastguard Worker } 144*6777b538SAndroid Build Coastguard Worker 145*6777b538SAndroid Build Coastguard Worker asan_options = [ 146*6777b538SAndroid Build Coastguard Worker "allow_user_segv_handler=1", 147*6777b538SAndroid Build Coastguard Worker "handle_sigtrap=1", 148*6777b538SAndroid Build Coastguard Worker ] 149*6777b538SAndroid Build Coastguard Worker msan_options = [ "handle_sigtrap=1" ] 150*6777b538SAndroid Build Coastguard Worker ubsan_options = [ 151*6777b538SAndroid Build Coastguard Worker "handle_sigtrap=1", 152*6777b538SAndroid Build Coastguard Worker "handle_segv=1", 153*6777b538SAndroid Build Coastguard Worker ] 154*6777b538SAndroid Build Coastguard Worker environment_variables = [ "AFL_DRIVER_DONT_DEFER=1" ] 155*6777b538SAndroid Build Coastguard Worker } 156*6777b538SAndroid Build Coastguard Worker} 157*6777b538SAndroid Build Coastguard Worker 158*6777b538SAndroid Build Coastguard Workerv8_fuzzer("script_parser_fuzzer") { 159*6777b538SAndroid Build Coastguard Worker v8_dep = "parser_fuzzer" 160*6777b538SAndroid Build Coastguard Worker dict = "dicts/generated/javascript.dict" 161*6777b538SAndroid Build Coastguard Worker seed_corpus = "//v8/test/mjsunit/regress/" 162*6777b538SAndroid Build Coastguard Worker libfuzzer_options = [ "only_ascii=1" ] 163*6777b538SAndroid Build Coastguard Worker} 164*6777b538SAndroid Build Coastguard Worker 165*6777b538SAndroid Build Coastguard Workerv8_inspector_fuzzer_corpus_dir = "$target_gen_dir/v8_inspector_fuzzer_corpus" 166*6777b538SAndroid Build Coastguard Worker 167*6777b538SAndroid Build Coastguard Workeraction("generate_v8_inspector_fuzzer_corpus") { 168*6777b538SAndroid Build Coastguard Worker script = "generate_v8_inspector_fuzzer_corpus.py" 169*6777b538SAndroid Build Coastguard Worker sources = [ "generate_v8_inspector_fuzzer_corpus.py" ] 170*6777b538SAndroid Build Coastguard Worker args = [ 171*6777b538SAndroid Build Coastguard Worker rebase_path("//v8/test/inspector/", root_build_dir), 172*6777b538SAndroid Build Coastguard Worker rebase_path(v8_inspector_fuzzer_corpus_dir, root_build_dir), 173*6777b538SAndroid Build Coastguard Worker ] 174*6777b538SAndroid Build Coastguard Worker outputs = [ v8_inspector_fuzzer_corpus_dir ] 175*6777b538SAndroid Build Coastguard Worker} 176*6777b538SAndroid Build Coastguard Worker 177*6777b538SAndroid Build Coastguard Workerv8_fuzzer("inspector_fuzzer") { 178*6777b538SAndroid Build Coastguard Worker dict = "dicts/generated/javascript.dict" 179*6777b538SAndroid Build Coastguard Worker seed_corpus = v8_inspector_fuzzer_corpus_dir 180*6777b538SAndroid Build Coastguard Worker seed_corpus_deps = [ ":generate_v8_inspector_fuzzer_corpus" ] 181*6777b538SAndroid Build Coastguard Worker 182*6777b538SAndroid Build Coastguard Worker # The fuzzer is able to handle any input, but since the input is interpreted 183*6777b538SAndroid Build Coastguard Worker # as JS code, restricting to ascii only will increase fuzzing efficiency. 184*6777b538SAndroid Build Coastguard Worker libfuzzer_options = [ "only_ascii=1" ] 185*6777b538SAndroid Build Coastguard Worker} 186*6777b538SAndroid Build Coastguard Worker 187*6777b538SAndroid Build Coastguard Workerv8_fuzzer("json_parser_fuzzer") { 188*6777b538SAndroid Build Coastguard Worker v8_dep = "json_fuzzer" 189*6777b538SAndroid Build Coastguard Worker dict = "dicts/json.dict" 190*6777b538SAndroid Build Coastguard Worker} 191*6777b538SAndroid Build Coastguard Worker 192*6777b538SAndroid Build Coastguard Workerv8_fuzzer("regexp_parser_fuzzer") { 193*6777b538SAndroid Build Coastguard Worker v8_dep = "regexp_fuzzer" 194*6777b538SAndroid Build Coastguard Worker dict = "dicts/regexp.dict" 195*6777b538SAndroid Build Coastguard Worker seed_corpus = "//v8/test/fuzzer/regexp/" 196*6777b538SAndroid Build Coastguard Worker libfuzzer_options = [ "max_len=64" ] 197*6777b538SAndroid Build Coastguard Worker} 198*6777b538SAndroid Build Coastguard Worker 199*6777b538SAndroid Build Coastguard Workerif (v8_enable_webassembly) { 200*6777b538SAndroid Build Coastguard Worker v8_fuzzer("multi_return_fuzzer") { 201*6777b538SAndroid Build Coastguard Worker } 202*6777b538SAndroid Build Coastguard Worker 203*6777b538SAndroid Build Coastguard Worker v8_fuzzer("wasm_code_fuzzer") { 204*6777b538SAndroid Build Coastguard Worker max_len = 500 205*6777b538SAndroid Build Coastguard Worker } 206*6777b538SAndroid Build Coastguard Worker 207*6777b538SAndroid Build Coastguard Worker v8_fuzzer("wasm_compile_all_fuzzer") { 208*6777b538SAndroid Build Coastguard Worker max_len = 500 209*6777b538SAndroid Build Coastguard Worker } 210*6777b538SAndroid Build Coastguard Worker 211*6777b538SAndroid Build Coastguard Worker v8_fuzzer("wasm_compile_fuzzer") { 212*6777b538SAndroid Build Coastguard Worker max_len = 500 213*6777b538SAndroid Build Coastguard Worker } 214*6777b538SAndroid Build Coastguard Worker 215*6777b538SAndroid Build Coastguard Worker v8_fuzzer("wasm_compile_simd_fuzzer") { 216*6777b538SAndroid Build Coastguard Worker max_len = 500 217*6777b538SAndroid Build Coastguard Worker } 218*6777b538SAndroid Build Coastguard Worker 219*6777b538SAndroid Build Coastguard Worker v8_fuzzer("wasm_compile_wasmgc_fuzzer") { 220*6777b538SAndroid Build Coastguard Worker max_len = 500 221*6777b538SAndroid Build Coastguard Worker } 222*6777b538SAndroid Build Coastguard Worker 223*6777b538SAndroid Build Coastguard Worker v8_fuzzer("wasm_fuzzer") { 224*6777b538SAndroid Build Coastguard Worker max_len = 500 225*6777b538SAndroid Build Coastguard Worker seed_corpus = "//v8/test/fuzzer/wasm_corpus/" 226*6777b538SAndroid Build Coastguard Worker } 227*6777b538SAndroid Build Coastguard Worker 228*6777b538SAndroid Build Coastguard Worker v8_fuzzer("wasm_async_fuzzer") { 229*6777b538SAndroid Build Coastguard Worker max_len = 500 230*6777b538SAndroid Build Coastguard Worker seed_corpus = "//v8/test/fuzzer/wasm_corpus/" 231*6777b538SAndroid Build Coastguard Worker } 232*6777b538SAndroid Build Coastguard Worker 233*6777b538SAndroid Build Coastguard Worker v8_fuzzer("wasm_streaming_fuzzer") { 234*6777b538SAndroid Build Coastguard Worker max_len = 500 235*6777b538SAndroid Build Coastguard Worker seed_corpus = "//v8/test/fuzzer/wasm_corpus/" 236*6777b538SAndroid Build Coastguard Worker } 237*6777b538SAndroid Build Coastguard Worker 238*6777b538SAndroid Build Coastguard Worker v8_fuzzer("wasm_init_expr_fuzzer") { 239*6777b538SAndroid Build Coastguard Worker max_len = 500 240*6777b538SAndroid Build Coastguard Worker } 241*6777b538SAndroid Build Coastguard Worker} 242*6777b538SAndroid Build Coastguard Worker 243*6777b538SAndroid Build Coastguard Workerfuzzer_test("convert_woff2ttf_fuzzer") { 244*6777b538SAndroid Build Coastguard Worker sources = [ "convert_woff2ttf_fuzzer.cc" ] 245*6777b538SAndroid Build Coastguard Worker deps = [ "//third_party/woff2:woff2_dec" ] 246*6777b538SAndroid Build Coastguard Worker seed_corpus = "//testing/libfuzzer/fuzzers/woff2_corpus" 247*6777b538SAndroid Build Coastguard Worker libfuzzer_options = [ "max_len=803500" ] 248*6777b538SAndroid Build Coastguard Worker} 249*6777b538SAndroid Build Coastguard Worker 250*6777b538SAndroid Build Coastguard Workerfuzzer_test("flatbuffers_verifier_fuzzer") { 251*6777b538SAndroid Build Coastguard Worker sources = [ "flatbuffers_verifier_fuzzer.cc" ] 252*6777b538SAndroid Build Coastguard Worker deps = [ 253*6777b538SAndroid Build Coastguard Worker "//third_party/flatbuffers", 254*6777b538SAndroid Build Coastguard Worker "//third_party/flatbuffers:flatbuffers_samplebuffer", 255*6777b538SAndroid Build Coastguard Worker ] 256*6777b538SAndroid Build Coastguard Worker libfuzzer_options = [ "max_len=1024" ] 257*6777b538SAndroid Build Coastguard Worker seed_corpus = "//testing/libfuzzer/fuzzers/flatbuffers_corpus" 258*6777b538SAndroid Build Coastguard Worker} 259*6777b538SAndroid Build Coastguard Worker 260*6777b538SAndroid Build Coastguard Workerfuzzer_test("skia_path_fuzzer") { 261*6777b538SAndroid Build Coastguard Worker sources = [ 262*6777b538SAndroid Build Coastguard Worker "skia_path_common.cc", 263*6777b538SAndroid Build Coastguard Worker "skia_path_common.h", 264*6777b538SAndroid Build Coastguard Worker "skia_path_fuzzer.cc", 265*6777b538SAndroid Build Coastguard Worker ] 266*6777b538SAndroid Build Coastguard Worker deps = [ 267*6777b538SAndroid Build Coastguard Worker "//base", 268*6777b538SAndroid Build Coastguard Worker "//skia", 269*6777b538SAndroid Build Coastguard Worker ] 270*6777b538SAndroid Build Coastguard Worker libfuzzer_options = [ "max_len=256" ] 271*6777b538SAndroid Build Coastguard Worker if (is_debug) { 272*6777b538SAndroid Build Coastguard Worker # Disabled due to crashing on SkASSERT (crbug.com/642750, crbug.com/643275). 273*6777b538SAndroid Build Coastguard Worker additional_configs = [ "//testing/libfuzzer:no_clusterfuzz" ] 274*6777b538SAndroid Build Coastguard Worker } 275*6777b538SAndroid Build Coastguard Worker} 276*6777b538SAndroid Build Coastguard Worker 277*6777b538SAndroid Build Coastguard Workerfuzzer_test("skia_pathop_fuzzer") { 278*6777b538SAndroid Build Coastguard Worker sources = [ 279*6777b538SAndroid Build Coastguard Worker "skia_path_common.cc", 280*6777b538SAndroid Build Coastguard Worker "skia_path_common.h", 281*6777b538SAndroid Build Coastguard Worker "skia_pathop_fuzzer.cc", 282*6777b538SAndroid Build Coastguard Worker ] 283*6777b538SAndroid Build Coastguard Worker deps = [ 284*6777b538SAndroid Build Coastguard Worker "//base", 285*6777b538SAndroid Build Coastguard Worker "//skia", 286*6777b538SAndroid Build Coastguard Worker ] 287*6777b538SAndroid Build Coastguard Worker libfuzzer_options = [ "max_len=512" ] 288*6777b538SAndroid Build Coastguard Worker if (is_debug) { 289*6777b538SAndroid Build Coastguard Worker # Disabled due to crashing on SkASSERT (crbug.com/642750, crbug.com/643275). 290*6777b538SAndroid Build Coastguard Worker additional_configs = [ "//testing/libfuzzer:no_clusterfuzz" ] 291*6777b538SAndroid Build Coastguard Worker } 292*6777b538SAndroid Build Coastguard Worker} 293*6777b538SAndroid Build Coastguard Worker 294*6777b538SAndroid Build Coastguard Workerfuzzer_test("prtime_fuzzer") { 295*6777b538SAndroid Build Coastguard Worker sources = [ "prtime_fuzzer.cc" ] 296*6777b538SAndroid Build Coastguard Worker deps = [ "//base" ] 297*6777b538SAndroid Build Coastguard Worker dict = "dicts/prtime.dict" 298*6777b538SAndroid Build Coastguard Worker libfuzzer_options = [ "max_len=1024" ] 299*6777b538SAndroid Build Coastguard Worker} 300*6777b538SAndroid Build Coastguard Worker 301*6777b538SAndroid Build Coastguard Workerfuzzer_test("angle_translator_fuzzer") { 302*6777b538SAndroid Build Coastguard Worker sources = [] 303*6777b538SAndroid Build Coastguard Worker deps = [ "//third_party/angle:translator_fuzzer" ] 304*6777b538SAndroid Build Coastguard Worker libfuzzer_options = [ "max_len=1000" ] 305*6777b538SAndroid Build Coastguard Worker dict = "dicts/webgl-glsl.dict" 306*6777b538SAndroid Build Coastguard Worker} 307*6777b538SAndroid Build Coastguard Worker 308*6777b538SAndroid Build Coastguard Workerfuzzer_test("sha1_fuzzer") { 309*6777b538SAndroid Build Coastguard Worker sources = [ "sha1_fuzzer.cc" ] 310*6777b538SAndroid Build Coastguard Worker deps = [ "//base" ] 311*6777b538SAndroid Build Coastguard Worker} 312*6777b538SAndroid Build Coastguard Worker 313*6777b538SAndroid Build Coastguard Workerfuzzer_test("hash_fuzzer") { 314*6777b538SAndroid Build Coastguard Worker sources = [ "hash_fuzzer.cc" ] 315*6777b538SAndroid Build Coastguard Worker deps = [ "//base" ] 316*6777b538SAndroid Build Coastguard Worker} 317*6777b538SAndroid Build Coastguard Worker 318*6777b538SAndroid Build Coastguard Workeraction("gen_javascript_parser_proto") { 319*6777b538SAndroid Build Coastguard Worker # Only targets in this file and the top-level visibility target can 320*6777b538SAndroid Build Coastguard Worker # depend on this. 321*6777b538SAndroid Build Coastguard Worker visibility = [ ":*" ] 322*6777b538SAndroid Build Coastguard Worker 323*6777b538SAndroid Build Coastguard Worker script = "generate_javascript_parser_proto.py" 324*6777b538SAndroid Build Coastguard Worker 325*6777b538SAndroid Build Coastguard Worker sources = [ "dicts/javascript_parser_proto.dict" ] 326*6777b538SAndroid Build Coastguard Worker 327*6777b538SAndroid Build Coastguard Worker outputs = [ 328*6777b538SAndroid Build Coastguard Worker "$target_gen_dir/javascript_parser.proto", 329*6777b538SAndroid Build Coastguard Worker "$target_gen_dir/javascript_parser_proto_to_string.cc", 330*6777b538SAndroid Build Coastguard Worker ] 331*6777b538SAndroid Build Coastguard Worker 332*6777b538SAndroid Build Coastguard Worker args = rebase_path(outputs, root_build_dir) + 333*6777b538SAndroid Build Coastguard Worker rebase_path(sources, root_build_dir) 334*6777b538SAndroid Build Coastguard Worker} 335*6777b538SAndroid Build Coastguard Worker 336*6777b538SAndroid Build Coastguard Workerproto_library("javascript_parser_proto") { 337*6777b538SAndroid Build Coastguard Worker sources = [ "$target_gen_dir/javascript_parser.proto" ] 338*6777b538SAndroid Build Coastguard Worker proto_deps = [ ":gen_javascript_parser_proto" ] 339*6777b538SAndroid Build Coastguard Worker proto_out_dir = "" 340*6777b538SAndroid Build Coastguard Worker} 341*6777b538SAndroid Build Coastguard Worker 342*6777b538SAndroid Build Coastguard Workerfuzzer_test("javascript_parser_proto_fuzzer") { 343*6777b538SAndroid Build Coastguard Worker generated_sources = [ "$target_gen_dir/javascript_parser_proto_to_string.cc" ] 344*6777b538SAndroid Build Coastguard Worker sources = [ 345*6777b538SAndroid Build Coastguard Worker "javascript_parser_proto_fuzzer.cc", 346*6777b538SAndroid Build Coastguard Worker "javascript_parser_proto_to_string.h", 347*6777b538SAndroid Build Coastguard Worker ] 348*6777b538SAndroid Build Coastguard Worker deps = [ 349*6777b538SAndroid Build Coastguard Worker ":gen_javascript_parser_proto", 350*6777b538SAndroid Build Coastguard Worker ":javascript_parser_proto", 351*6777b538SAndroid Build Coastguard Worker "//base", 352*6777b538SAndroid Build Coastguard Worker "//third_party/libprotobuf-mutator", 353*6777b538SAndroid Build Coastguard Worker "//v8:v8", 354*6777b538SAndroid Build Coastguard Worker "//v8:v8_libplatform", 355*6777b538SAndroid Build Coastguard Worker ] 356*6777b538SAndroid Build Coastguard Worker} 357*6777b538SAndroid Build Coastguard Worker 358*6777b538SAndroid Build Coastguard Workerfuzzer_test("v8_fully_instrumented_fuzzer") { 359*6777b538SAndroid Build Coastguard Worker sources = [ "v8_fuzzer.cc" ] 360*6777b538SAndroid Build Coastguard Worker deps = [ 361*6777b538SAndroid Build Coastguard Worker "//base", 362*6777b538SAndroid Build Coastguard Worker "//v8:v8", 363*6777b538SAndroid Build Coastguard Worker "//v8:v8_libplatform", 364*6777b538SAndroid Build Coastguard Worker ] 365*6777b538SAndroid Build Coastguard Worker dict = "dicts/generated/javascript.dict" 366*6777b538SAndroid Build Coastguard Worker asan_options = [ 367*6777b538SAndroid Build Coastguard Worker "allow_user_segv_handler=1", 368*6777b538SAndroid Build Coastguard Worker "handle_sigtrap=1", 369*6777b538SAndroid Build Coastguard Worker ] 370*6777b538SAndroid Build Coastguard Worker msan_options = [ "handle_sigtrap=1" ] 371*6777b538SAndroid Build Coastguard Worker ubsan_options = [ 372*6777b538SAndroid Build Coastguard Worker "handle_sigtrap=1", 373*6777b538SAndroid Build Coastguard Worker "handle_segv=1", 374*6777b538SAndroid Build Coastguard Worker ] 375*6777b538SAndroid Build Coastguard Worker libfuzzer_options = [ "only_ascii=1" ] 376*6777b538SAndroid Build Coastguard Worker} 377*6777b538SAndroid Build Coastguard Worker 378*6777b538SAndroid Build Coastguard Workerfuzzer_test("skia_image_filter_proto_fuzzer") { 379*6777b538SAndroid Build Coastguard Worker sources = [ "skia_image_filter_proto_fuzzer.cc" ] 380*6777b538SAndroid Build Coastguard Worker 381*6777b538SAndroid Build Coastguard Worker deps = [ 382*6777b538SAndroid Build Coastguard Worker "//base", 383*6777b538SAndroid Build Coastguard Worker "//base/test:test_support", 384*6777b538SAndroid Build Coastguard Worker "//skia", 385*6777b538SAndroid Build Coastguard Worker "//testing/libfuzzer/proto:skia_image_filter_converter", 386*6777b538SAndroid Build Coastguard Worker "//testing/libfuzzer/proto:skia_image_filter_proto", 387*6777b538SAndroid Build Coastguard Worker "//third_party/libprotobuf-mutator", 388*6777b538SAndroid Build Coastguard Worker ] 389*6777b538SAndroid Build Coastguard Worker} 390*6777b538SAndroid Build Coastguard Worker 391*6777b538SAndroid Build Coastguard Worker# We build the libyuv_scale_fuzzer both for fuzztest 392*6777b538SAndroid Build Coastguard Worker# and libfuzzer, for education/comparison purposes. 393*6777b538SAndroid Build Coastguard Worker# Abstract the common parts: 394*6777b538SAndroid Build Coastguard Workersource_set("libyuv_scale_fuzzer_common") { 395*6777b538SAndroid Build Coastguard Worker testonly = true 396*6777b538SAndroid Build Coastguard Worker sources = [ 397*6777b538SAndroid Build Coastguard Worker "libyuv_scale_fuzzer.cc", 398*6777b538SAndroid Build Coastguard Worker "libyuv_scale_fuzzer.h", 399*6777b538SAndroid Build Coastguard Worker ] 400*6777b538SAndroid Build Coastguard Worker 401*6777b538SAndroid Build Coastguard Worker public_deps = [ "//third_party/libyuv" ] 402*6777b538SAndroid Build Coastguard Worker} 403*6777b538SAndroid Build Coastguard Worker 404*6777b538SAndroid Build Coastguard Worker# The libfuzzer version (which also works with other compatible 405*6777b538SAndroid Build Coastguard Worker# frameworks, e.g. centipede) 406*6777b538SAndroid Build Coastguard Workerfuzzer_test("libyuv_scale_fuzzer") { 407*6777b538SAndroid Build Coastguard Worker sources = [ "libyuv_scale_fuzzer_libfuzzer.cc" ] 408*6777b538SAndroid Build Coastguard Worker deps = [ ":libyuv_scale_fuzzer_common" ] 409*6777b538SAndroid Build Coastguard Worker} 410*6777b538SAndroid Build Coastguard Worker 411*6777b538SAndroid Build Coastguard Worker# This is a fuzztest fuzzer, which (for now) means we build this as 412*6777b538SAndroid Build Coastguard Worker# a unit test rather than using a fuzzing gn template such as 413*6777b538SAndroid Build Coastguard Worker# fuzzer_test. 414*6777b538SAndroid Build Coastguard Worker# This executable can be run in four modes: 415*6777b538SAndroid Build Coastguard Worker# modes: 416*6777b538SAndroid Build Coastguard Worker# ./libyuv_scale_fuzzer - runs a small amount of fuzzing as if 417*6777b538SAndroid Build Coastguard Worker# to fit in with a unit test framework, just to look for 418*6777b538SAndroid Build Coastguard Worker# egregious bugs 419*6777b538SAndroid Build Coastguard Worker# With the enable_fuzztest_fuzz gn arg: 420*6777b538SAndroid Build Coastguard Worker# ./libyuv_scale_fuzzer -fuzz= - fuzzes properly. 421*6777b538SAndroid Build Coastguard Worker# With the use_centipede gn arg: 422*6777b538SAndroid Build Coastguard Worker# centipede --binary=libyuv_scale_fuzzer - fuzzes using centipede 423*6777b538SAndroid Build Coastguard Worker# With the use_libfuzzer gn arg: 424*6777b538SAndroid Build Coastguard Worker# ./libyuv_scale_fuzzer - runs in a libfuzzer-compatible way 425*6777b538SAndroid Build Coastguard Worker# Note that right now this is using the plain 'test' template. 426*6777b538SAndroid Build Coastguard Worker# In time, we may choose a different option here. 427*6777b538SAndroid Build Coastguard Workertest("libyuv_scale_fuzztest") { 428*6777b538SAndroid Build Coastguard Worker sources = [ "libyuv_scale_fuzztest.cc" ] 429*6777b538SAndroid Build Coastguard Worker fuzztests = [ "ScaleFuzz.ScaleDoesNotCrash" ] 430*6777b538SAndroid Build Coastguard Worker 431*6777b538SAndroid Build Coastguard Worker deps = [ 432*6777b538SAndroid Build Coastguard Worker ":libyuv_scale_fuzzer_common", 433*6777b538SAndroid Build Coastguard Worker "//third_party/fuzztest:fuzztest_gtest_main", 434*6777b538SAndroid Build Coastguard Worker ] 435*6777b538SAndroid Build Coastguard Worker} 436*6777b538SAndroid Build Coastguard Worker 437*6777b538SAndroid Build Coastguard Workerproto_library("command_buffer_lpm_fuzzer_proto") { 438*6777b538SAndroid Build Coastguard Worker sources = [ "command_buffer_lpm_fuzzer/cmd_buf_lpm_fuzz.proto" ] 439*6777b538SAndroid Build Coastguard Worker 440*6777b538SAndroid Build Coastguard Worker use_protobuf_full = true 441*6777b538SAndroid Build Coastguard Worker deps = [ "//third_party/protobuf:protobuf_full" ] 442*6777b538SAndroid Build Coastguard Worker} 443*6777b538SAndroid Build Coastguard Worker 444*6777b538SAndroid Build Coastguard Workerif (!is_win) { 445*6777b538SAndroid Build Coastguard Worker fuzzer_test("command_buffer_lpm_fuzzer") { 446*6777b538SAndroid Build Coastguard Worker sources = [ 447*6777b538SAndroid Build Coastguard Worker "command_buffer_lpm_fuzzer/cmd_buf_lpm_fuzz.cc", 448*6777b538SAndroid Build Coastguard Worker "command_buffer_lpm_fuzzer/cmd_buf_lpm_fuzz.h", 449*6777b538SAndroid Build Coastguard Worker "command_buffer_lpm_fuzzer/webgpu_support.cc", 450*6777b538SAndroid Build Coastguard Worker "command_buffer_lpm_fuzzer/webgpu_support.h", 451*6777b538SAndroid Build Coastguard Worker ] 452*6777b538SAndroid Build Coastguard Worker 453*6777b538SAndroid Build Coastguard Worker # This is a hack. These files should be pulled in as a result of the 454*6777b538SAndroid Build Coastguard Worker # dependency on //gpu:webgpu which has a public dependency on 455*6777b538SAndroid Build Coastguard Worker # //gpu/command_buffer/client:webgpu_sources, but for some reason these files 456*6777b538SAndroid Build Coastguard Worker # get dropped in component builds, so manually add them to the sources here. 457*6777b538SAndroid Build Coastguard Worker if (is_component_build) { 458*6777b538SAndroid Build Coastguard Worker sources += [ 459*6777b538SAndroid Build Coastguard Worker "//gpu/command_buffer/client/webgpu_implementation.cc", 460*6777b538SAndroid Build Coastguard Worker "//gpu/command_buffer/client/webgpu_implementation.h", 461*6777b538SAndroid Build Coastguard Worker ] 462*6777b538SAndroid Build Coastguard Worker 463*6777b538SAndroid Build Coastguard Worker if (use_dawn) { 464*6777b538SAndroid Build Coastguard Worker sources += [ 465*6777b538SAndroid Build Coastguard Worker "//gpu/command_buffer/client/dawn_client_memory_transfer_service.cc", 466*6777b538SAndroid Build Coastguard Worker "//gpu/command_buffer/client/dawn_client_memory_transfer_service.h", 467*6777b538SAndroid Build Coastguard Worker "//gpu/command_buffer/client/dawn_client_serializer.cc", 468*6777b538SAndroid Build Coastguard Worker "//gpu/command_buffer/client/dawn_client_serializer.h", 469*6777b538SAndroid Build Coastguard Worker ] 470*6777b538SAndroid Build Coastguard Worker } 471*6777b538SAndroid Build Coastguard Worker } 472*6777b538SAndroid Build Coastguard Worker 473*6777b538SAndroid Build Coastguard Worker deps = [ 474*6777b538SAndroid Build Coastguard Worker ":command_buffer_lpm_fuzzer_proto", 475*6777b538SAndroid Build Coastguard Worker "//base", 476*6777b538SAndroid Build Coastguard Worker "//base/test:test_support", 477*6777b538SAndroid Build Coastguard Worker "//build:chromeos_buildflags", 478*6777b538SAndroid Build Coastguard Worker "//components/viz/common:shared_image_format", 479*6777b538SAndroid Build Coastguard Worker "//components/viz/test:test_support", # TODO: huge; is there something 480*6777b538SAndroid Build Coastguard Worker # more 481*6777b538SAndroid Build Coastguard Worker 482*6777b538SAndroid Build Coastguard Worker # targeted? 483*6777b538SAndroid Build Coastguard Worker "//content/public/common:static_switches", 484*6777b538SAndroid Build Coastguard Worker "//gpu:gles2", 485*6777b538SAndroid Build Coastguard Worker "//gpu:gpu", 486*6777b538SAndroid Build Coastguard Worker "//gpu:test_support", 487*6777b538SAndroid Build Coastguard Worker "//gpu:webgpu", 488*6777b538SAndroid Build Coastguard Worker "//gpu/command_buffer/client", 489*6777b538SAndroid Build Coastguard Worker "//gpu/command_buffer/client:gles2_c_lib", 490*6777b538SAndroid Build Coastguard Worker "//gpu/command_buffer/client:gles2_implementation", 491*6777b538SAndroid Build Coastguard Worker "//gpu/command_buffer/common", 492*6777b538SAndroid Build Coastguard Worker "//gpu/command_buffer/common:gles2_utils", 493*6777b538SAndroid Build Coastguard Worker "//gpu/command_buffer/service", 494*6777b538SAndroid Build Coastguard Worker "//gpu/config", 495*6777b538SAndroid Build Coastguard Worker "//gpu/ipc:gl_in_process_context", 496*6777b538SAndroid Build Coastguard Worker "//gpu/ipc/client", 497*6777b538SAndroid Build Coastguard Worker "//gpu/ipc/common", 498*6777b538SAndroid Build Coastguard Worker "//gpu/ipc/host", 499*6777b538SAndroid Build Coastguard Worker "//gpu/ipc/service:service", 500*6777b538SAndroid Build Coastguard Worker "//gpu/webgpu:common", 501*6777b538SAndroid Build Coastguard Worker "//mojo/core/embedder", 502*6777b538SAndroid Build Coastguard Worker "//mojo/core/embedder", 503*6777b538SAndroid Build Coastguard Worker "//mojo/public/cpp/bindings", 504*6777b538SAndroid Build Coastguard Worker "//testing/gmock", 505*6777b538SAndroid Build Coastguard Worker "//testing/gtest:gtest", 506*6777b538SAndroid Build Coastguard Worker "//third_party/libprotobuf-mutator", 507*6777b538SAndroid Build Coastguard Worker "//ui/gfx:gfx", 508*6777b538SAndroid Build Coastguard Worker "//ui/gl:gl", 509*6777b538SAndroid Build Coastguard Worker "//ui/gl:test_support", 510*6777b538SAndroid Build Coastguard Worker "//ui/gl/init:init", 511*6777b538SAndroid Build Coastguard Worker "//url", 512*6777b538SAndroid Build Coastguard Worker ] 513*6777b538SAndroid Build Coastguard Worker 514*6777b538SAndroid Build Coastguard Worker if (use_dawn) { 515*6777b538SAndroid Build Coastguard Worker deps += [ 516*6777b538SAndroid Build Coastguard Worker "//third_party/dawn/src/dawn:cpp", 517*6777b538SAndroid Build Coastguard Worker "//third_party/dawn/src/dawn:proc", 518*6777b538SAndroid Build Coastguard Worker "//third_party/dawn/src/dawn/native", 519*6777b538SAndroid Build Coastguard Worker ] 520*6777b538SAndroid Build Coastguard Worker } 521*6777b538SAndroid Build Coastguard Worker 522*6777b538SAndroid Build Coastguard Worker libfuzzer_options = [ "max_len=16384" ] 523*6777b538SAndroid Build Coastguard Worker } 524*6777b538SAndroid Build Coastguard Worker} 525