The gen_snapshots.py tool is used to copy an input gen_snapshot to an
output path with an architecture-specific suffix. For example, to copy
gen_snapshot to gen_snapshot_arm64. Bitcode segments, if any, are
stripped.
This moves the input/output filename hardcoding into the BUILD.gn file
and generalises the logic to simply copy an input binary to an output
path with bitcode segments stripped. Since the tool is no longer
gen_snapshot specific, we rename it from gen_snapshots.py to
strip_bitcode.py.
This also renames the generalised `macos_gen_snapshots` rule to
`strip_bitcode`.
Since we're working on removing bitcode support from the engine, this
script will eventually serve no purpose other than to copy the input
binary to an output path, at which point this script, and the associated
`strip_bitcode` template in `//flutter/sky/tools/macos_tools.gni` can be
removed.
Along with the TODO, renaming the script and the rule help ensure we'll
spot this and remove it when bitcode support is removed from the engine.
Finally, this fixes a dependency issue in the target
//flutter/lib/snapshot:create_macos_gen_snapshots. Previously, it
dependended on ":generate_snapshot_bin", but in fact, the only file it
touches is gen_snapshot. This was built transitively as part of the
":generate_snapshot_bin" target, but is now depended on directly.
This is pre-factoring for merging the iOS and macOS gen_snapshot
creation build rules in `flutter/lib/snapshot/BUILD.gn`.
Issue: https://github.com/flutter/flutter/issues/103386
Issue: https://github.com/flutter/flutter/issues/101138
Issue: https://github.com/flutter/flutter/issues/107884
* initial flatten deps scan
* move 3rd party scan to separate action
* allow fork to run
* install requests
* use packages
* pip install
* rename
* conditional vuln report
* trailing whitespace
* trailing whitespace
* detailed print
* add testing file
* add upload test sarif
* results sarif
* move sarif
* upload modified sarif
* test flow
* test with results.sarif
* formatting
* test naming convention
* description with text in artifactLocation
* don't use locations
* use template sarif
* just use template
* add one field mod
* add another field mod
* use actual osvReport
* add field
* add field
* test
* no information uri
* no information uri
* add name
* template NA data for results
* back to minimal template
* dynamic rules
* template update
* no results
* only use template
* test
* new test
* new test
* add back locations
* descriptive fields
* test
* use package name
* variable commit hash
* add chromium accessibility readme support
* use batch query test
* clean up
* use variables for sarif template
* initial automating ancestor commit
* allow for workflow on testing
* install gitpython in workflow
* wrap in try
* expand try
* check commit is not none
* quiet clone
* fix commit newline
* proper print for failed deps
* remove gitpython
* remove import
* fix origin source
* remove .dart from dep names
* update dep
* typo
* update
* clone into controlled name repo now
* fix github upstream clone url
* test CVE finding
* use templated rule and result
* typo
* remove test CVE
* add link straight to OSV DB
* comments
* use os mkdir
* check time of pinned commit
* quiet git
* print osv api query results if vulns found
* move upstream mapping into DEPS file
* add testing for DEPS file
* add khronos exception
* add basic ancestor commit test
* no vulns message
* do not produce empty sarif
* add yaml
* remove unused python dep
* no change?
* no more print, causing recipe issues
* string test
* string test
* no more fstrings
* convert to .format
* syntax
* remove unused dep
* test
* switch test script
* no encoding
* add back test
* typo
* remove scan flat deps tests again
* update
* fix tests
* typo
* newline
* use checkout dir
* prefix
* update to use prefix
* lint
* runhook attempt
* lint
* lint
* lint
* lint
* no license blurb
* cleanup
* enable for main
* do not raise error
* run on branch
* data indentation
* check file existence
create_macos_gen_snapshots.py uses `xcrun bitcode_strip` to copy
gen_snapshot from its build directory to a suffixed gen_snapshot_arm64
or gen_snapshot_armv7, while stripping the bitcode segment, if any.
This simplifies the python invocation to use subprocess.check_call, and
also guarantees the process exits with failure in such a situation --
we weren't checking the return value of generate_gen_snapshot.
This is cleanup for issues encountered while working on merging
macOS/iOS gen_snapshot tooling.
Issue: https://github.com/flutter/flutter/issues/103386
Issue: https://github.com/flutter/flutter/issues/101138
Cleans up the logic for building gen_snapshot for macOS hosts. Also adds
a bit more documentation to the snapshot-related build targets.
Previously:
* gen_snapshot targeting macOS (on both x64, and arm64) were generated
via the `create_macos_gen_snapshots` target.
* gen_snapshot arm/arm64 builds (on a macOS host) were generated via the
`create_arm_gen_snapshot` target. The reason why this covers only
arm/arm64 is simply that those are the only platforms we generate
iOS/Android AOT builds for. x64 iOS implies a simulator build, but we
only support debug builds for the iOS simulator, which aren't AOT
builds, and thus don't require gen_snapshot.
These two conditions overlap in the case of arm64 (but not x64) target
builds. This separates the two cases cleanly. A later patch will merge
the two cases to use a single tool.
Note that NEITHER of these two scenarios mentions builds for macOS hosts
targeting Fuchsia. That's because this target is never invoked during
Fuchsia target builds. See:
75d2baf5fe/BUILD.gn (L93-L95)
Issue: https://github.com/flutter/flutter/issues/103386
Issue: https://github.com/flutter/flutter/issues/101138
Currently, the hit-region is size FLT_MAX which is susceptible to
numerical overflow when rotating or translating (or any other
modification to the value).
