From 1870a48d5f5fb38dd561fb6e26323c1396acfdff Mon Sep 17 00:00:00 2001 From: Ryan Harrison Date: Wed, 13 Jan 2021 15:50:11 +0000 Subject: [PATCH] Add fuzzer for Inspector BUG=tint:445 Change-Id: Ic342c7e83827bcc57bfd134dec92b03cb9708a70 Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/37540 Auto-Submit: Ryan Harrison Reviewed-by: dan sinclair Commit-Queue: Ryan Harrison --- BUILD.gn | 5 ++ fuzzers/CMakeLists.txt | 1 + fuzzers/tint_common_fuzzer.cc | 88 +++++++++++++++++++++++++++++------ fuzzers/tint_common_fuzzer.h | 2 + 4 files changed, 83 insertions(+), 13 deletions(-) diff --git a/BUILD.gn b/BUILD.gn index 6c0c5f5b62..d51ecb4869 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -1366,6 +1366,11 @@ if (build_with_chromium) { sources = [ "fuzzers/tint_first_index_offset_fuzzer.cc" ] deps = [ ":tint_fuzzer_common" ] } + + fuzzer_test("tint_inspector_fuzzer") { + sources = [ "fuzzers/tint_inspector_fuzzer.cc" ] + deps = [ ":tint_fuzzer_common" ] + } } if (tint_build_wgsl_reader && tint_build_hlsl_writer) { diff --git a/fuzzers/CMakeLists.txt b/fuzzers/CMakeLists.txt index 50b43a1e32..e462db260a 100644 --- a/fuzzers/CMakeLists.txt +++ b/fuzzers/CMakeLists.txt @@ -34,6 +34,7 @@ if ({$TINT_BUILD_WGSL_READER} AND ${TINT_BUILD_SPV_WRITER}) add_tint_fuzzer(tint_bound_array_accessors_fuzzer) add_tint_fuzzer(tint_emit_vertex_point_size_fuzzer) add_tint_fuzzer(tint_first_index_offset_fuzzer) + add_tint_fuzzer(tint_inspector_fuzzer) add_tint_fuzzer(tint_wgsl_reader_spv_writer_fuzzer) endif() diff --git a/fuzzers/tint_common_fuzzer.cc b/fuzzers/tint_common_fuzzer.cc index a43ac9af20..b47a8a086a 100644 --- a/fuzzers/tint_common_fuzzer.cc +++ b/fuzzers/tint_common_fuzzer.cc @@ -23,13 +23,13 @@ namespace tint { namespace fuzzers { CommonFuzzer::CommonFuzzer(InputFormat input, OutputFormat output) - : input_(input), output_(output) {} + : input_(input), output_(output), inspector_enabled_(false) {} CommonFuzzer::~CommonFuzzer() = default; int CommonFuzzer::Run(const uint8_t* data, size_t size) { - std::unique_ptr parser; + std::unique_ptr parser; #if TINT_BUILD_WGSL_READER - std::unique_ptr file; + std::unique_ptr file; #endif // TINT_BUILD_WGSL_READER switch (input_) { @@ -38,8 +38,8 @@ int CommonFuzzer::Run(const uint8_t* data, size_t size) { { std::string str(reinterpret_cast(data), size); - file = std::make_unique("test.wgsl", str); - parser = std::make_unique(file.get()); + file = std::make_unique("test.wgsl", str); + parser = std::make_unique(file.get()); } #endif // TINT_BUILD_WGSL_READER break; @@ -51,7 +51,7 @@ int CommonFuzzer::Run(const uint8_t* data, size_t size) { std::vector input(u32Data, u32Data + sizeInU32); if (input.size() != 0) { - parser = std::make_unique(input); + parser = std::make_unique(input); } } #endif // TINT_BUILD_WGSL_READER @@ -77,16 +77,78 @@ int CommonFuzzer::Run(const uint8_t* data, size_t size) { return 0; } - tint::TypeDeterminer td(&mod); + TypeDeterminer td(&mod); if (!td.Determine()) { return 0; } - tint::Validator v; + Validator v; if (!v.Validate(&mod)) { return 0; } + if (inspector_enabled_) { + inspector::Inspector inspector(mod); + + auto entry_points = inspector.GetEntryPoints(); + if (inspector.has_error()) { + return 0; + } + + for (auto& ep : entry_points) { + auto remapped_name = inspector.GetRemappedNameForEntryPoint(ep.name); + if (inspector.has_error()) { + return 0; + } + + auto constant_ids = inspector.GetConstantIDs(); + if (inspector.has_error()) { + return 0; + } + + auto uniform_bindings = + inspector.GetUniformBufferResourceBindings(ep.name); + if (inspector.has_error()) { + return 0; + } + + auto storage_bindings = + inspector.GetStorageBufferResourceBindings(ep.name); + if (inspector.has_error()) { + return 0; + } + + auto readonly_bindings = + inspector.GetReadOnlyStorageBufferResourceBindings(ep.name); + if (inspector.has_error()) { + return 0; + } + + auto sampler_bindings = inspector.GetSamplerResourceBindings(ep.name); + if (inspector.has_error()) { + return 0; + } + + auto comparison_sampler_bindings = + inspector.GetComparisonSamplerResourceBindings(ep.name); + if (inspector.has_error()) { + return 0; + } + + auto sampled_texture_bindings = + inspector.GetSampledTextureResourceBindings(ep.name); + if (inspector.has_error()) { + return 0; + } + + auto multisampled_texture_bindings = + inspector.GetMultisampledTextureResourceBindings(ep.name); + if (inspector.has_error()) { + return 0; + } + } + } + if (transform_manager_) { auto out = transform_manager_->Run(&mod); if (out.diagnostics.contains_errors()) { @@ -96,27 +158,27 @@ int CommonFuzzer::Run(const uint8_t* data, size_t size) { mod = std::move(out.module); } - std::unique_ptr writer; + std::unique_ptr writer; switch (output_) { case OutputFormat::kWGSL: #if TINT_BUILD_WGSL_WRITER - writer = std::make_unique(std::move(mod)); + writer = std::make_unique(std::move(mod)); #endif // TINT_BUILD_WGSL_WRITER break; case OutputFormat::kSpv: #if TINT_BUILD_SPV_WRITER - writer = std::make_unique(std::move(mod)); + writer = std::make_unique(std::move(mod)); #endif // TINT_BUILD_SPV_WRITER break; case OutputFormat::kHLSL: #if TINT_BUILD_HLSL_WRITER - writer = std::make_unique(std::move(mod)); + writer = std::make_unique(std::move(mod)); #endif // TINT_BUILD_HLSL_WRITER break; case OutputFormat::kMSL: #if TINT_BUILD_MSL_WRITER - writer = std::make_unique(std::move(mod)); + writer = std::make_unique(std::move(mod)); #endif // TINT_BUILD_MSL_WRITER break; case OutputFormat::kNone: diff --git a/fuzzers/tint_common_fuzzer.h b/fuzzers/tint_common_fuzzer.h index 346132d581..5f2bcffc85 100644 --- a/fuzzers/tint_common_fuzzer.h +++ b/fuzzers/tint_common_fuzzer.h @@ -30,6 +30,7 @@ class CommonFuzzer { ~CommonFuzzer(); void SetTransformManager(transform::Manager* tm) { transform_manager_ = tm; } + void EnableInspector() { inspector_enabled_ = true; } int Run(const uint8_t* data, size_t size); @@ -37,6 +38,7 @@ class CommonFuzzer { InputFormat input_; OutputFormat output_; transform::Manager* transform_manager_; + bool inspector_enabled_; }; } // namespace fuzzers