Add fuzzing for transform::Hlsl
BUG=tint:722
Change-Id: Iaf107077a596dd607c2f785d8787177279e0bcef
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/49461
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ben Clayton <bclayton@google.com>
diff --git a/fuzzers/BUILD.gn b/fuzzers/BUILD.gn
index 9f00ed3..890507a 100644
--- a/fuzzers/BUILD.gn
+++ b/fuzzers/BUILD.gn
@@ -94,6 +94,11 @@
}
if (tint_build_wgsl_reader && tint_build_hlsl_writer) {
+ fuzzer_test("tint_hlsl_transform_fuzzer") {
+ sources = [ "tint_hlsl_transform_fuzzer.cc" ]
+ deps = [ ":tint_fuzzer_common" ]
+ }
+
fuzzer_test("tint_wgsl_reader_hlsl_writer_fuzzer") {
sources = [ "tint_wgsl_reader_hlsl_writer_fuzzer.cc" ]
deps = [ ":tint_fuzzer_common" ]
@@ -172,7 +177,10 @@
]
}
if (tint_build_wgsl_reader && tint_build_hlsl_writer) {
- deps += [ ":tint_wgsl_reader_hlsl_writer_fuzzer" ]
+ deps += [
+ ":tint_hlsl_transform_fuzzer",
+ ":tint_wgsl_reader_hlsl_writer_fuzzer",
+ ]
}
if (tint_build_wgsl_reader && tint_build_msl_writer) {
deps += [ ":tint_wgsl_reader_msl_writer_fuzzer" ]
diff --git a/fuzzers/CMakeLists.txt b/fuzzers/CMakeLists.txt
index f0c617d..08086e0 100644
--- a/fuzzers/CMakeLists.txt
+++ b/fuzzers/CMakeLists.txt
@@ -41,6 +41,7 @@
if (${TINT_BUILD_WGSL_READER} AND ${TINT_BUILD_HLSL_WRITER})
add_tint_fuzzer(tint_wgsl_reader_hlsl_writer_fuzzer)
+ add_tint_fuzzer(tint_hlsl_transform_fuzzer)
endif()
if (${TINT_BUILD_WGSL_READER} AND ${TINT_BUILD_MSL_WRITER})
diff --git a/fuzzers/tint_all_transforms_fuzzer.cc b/fuzzers/tint_all_transforms_fuzzer.cc
index 95b130f..5efe17b 100644
--- a/fuzzers/tint_all_transforms_fuzzer.cc
+++ b/fuzzers/tint_all_transforms_fuzzer.cc
@@ -17,29 +17,70 @@
namespace tint {
namespace fuzzers {
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
- transform::Manager transform_manager;
- transform::DataMap transform_inputs;
+struct Config {
+ const uint8_t* data;
+ size_t size;
+ transform::Manager manager;
+ transform::DataMap inputs;
+};
- if (!ExtractFirstIndexOffsetInputs(&data, &size, &transform_inputs)) {
- return 0;
+bool AddPlatformIndependentPasses(Config* config) {
+ if (!ExtractFirstIndexOffsetInputs(&config->data, &config->size,
+ &config->inputs)) {
+ return false;
}
- if (!ExtractBindingRemapperInputs(&data, &size, &transform_inputs)) {
- return 0;
+ if (!ExtractBindingRemapperInputs(&config->data, &config->size,
+ &config->inputs)) {
+ return false;
}
- transform_manager.Add<transform::BoundArrayAccessors>();
- transform_manager
+ config->manager.Add<transform::BoundArrayAccessors>();
+ config->manager
.Add<transform::EmitVertexPointSize>(); // TODO(tint:753): Remove once
// transform used by sanitizers
- transform_manager.Add<transform::FirstIndexOffset>();
- transform_manager.Add<transform::BindingRemapper>();
+ config->manager.Add<transform::FirstIndexOffset>();
+ config->manager.Add<transform::BindingRemapper>();
- fuzzers::CommonFuzzer fuzzer(InputFormat::kWGSL, OutputFormat::kSpv);
- fuzzer.SetTransformManager(&transform_manager, std::move(transform_inputs));
+ return true;
+}
- return fuzzer.Run(data, size);
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ {
+ Config config;
+ config.data = data;
+ config.size = size;
+
+ if (!AddPlatformIndependentPasses(&config)) {
+ return 0;
+ }
+
+ fuzzers::CommonFuzzer fuzzer(InputFormat::kWGSL, OutputFormat::kSpv);
+ fuzzer.SetTransformManager(&(config.manager), std::move(config.inputs));
+
+ fuzzer.Run(config.data, config.size);
+ }
+
+#if TINT_BUILD_HLSL_WRITER
+ {
+ Config config;
+ config.data = data;
+ config.size = size;
+
+ if (!AddPlatformIndependentPasses(&config)) {
+ return 0;
+ }
+
+ config.manager.Add<transform::Hlsl>();
+
+ fuzzers::CommonFuzzer fuzzer(InputFormat::kWGSL, OutputFormat::kHLSL);
+ fuzzer.SetTransformManager(&config.manager, std::move(config.inputs));
+
+ fuzzer.Run(config.data, config.size);
+ }
+#endif // TINT_BUILD_HLSL_WRITER
+
+ return 0;
}
} // namespace fuzzers
diff --git a/fuzzers/tint_hlsl_transform_fuzzer.cc b/fuzzers/tint_hlsl_transform_fuzzer.cc
new file mode 100644
index 0000000..6950f87
--- /dev/null
+++ b/fuzzers/tint_hlsl_transform_fuzzer.cc
@@ -0,0 +1,31 @@
+// Copyright 2021 The Tint Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "fuzzers/tint_common_fuzzer.h"
+
+namespace tint {
+namespace fuzzers {
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ transform::Manager transform_manager;
+ transform_manager.Add<transform::Hlsl>();
+
+ fuzzers::CommonFuzzer fuzzer(InputFormat::kWGSL, OutputFormat::kHLSL);
+ fuzzer.SetTransformManager(&transform_manager, {});
+
+ return fuzzer.Run(data, size);
+}
+
+} // namespace fuzzers
+} // namespace tint
