From b67d0494b5d444ef8939c61a27f6d30d212977bf Mon Sep 17 00:00:00 2001 From: Ryan Harrison Date: Thu, 29 Apr 2021 20:06:25 +0000 Subject: [PATCH] Add fuzzing for transform::Msl BUG=tint:722 Change-Id: I1d1ceb9770a2a071522b0eb11521041d23dc1c84 Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/49462 Commit-Queue: Ryan Harrison Auto-Submit: Ryan Harrison Reviewed-by: Ben Clayton --- fuzzers/BUILD.gn | 10 ++++++++- fuzzers/CMakeLists.txt | 1 + fuzzers/tint_all_transforms_fuzzer.cc | 19 ++++++++++++++++ fuzzers/tint_msl_transform_fuzzer.cc | 31 +++++++++++++++++++++++++++ 4 files changed, 60 insertions(+), 1 deletion(-) create mode 100644 fuzzers/tint_msl_transform_fuzzer.cc diff --git a/fuzzers/BUILD.gn b/fuzzers/BUILD.gn index 890507a131..e42be8aa6b 100644 --- a/fuzzers/BUILD.gn +++ b/fuzzers/BUILD.gn @@ -106,6 +106,11 @@ if (build_with_chromium) { } if (tint_build_wgsl_reader && tint_build_msl_writer) { + fuzzer_test("tint_msl_transform_fuzzer") { + sources = [ "tint_msl_transform_fuzzer.cc" ] + deps = [ ":tint_fuzzer_common" ] + } + fuzzer_test("tint_wgsl_reader_msl_writer_fuzzer") { sources = [ "tint_wgsl_reader_msl_writer_fuzzer.cc" ] deps = [ ":tint_fuzzer_common" ] @@ -183,7 +188,10 @@ if (build_with_chromium) { ] } if (tint_build_wgsl_reader && tint_build_msl_writer) { - deps += [ ":tint_wgsl_reader_msl_writer_fuzzer" ] + deps += [ + ":tint_msl_transform_fuzzer", + ":tint_wgsl_reader_msl_writer_fuzzer", + ] } if (tint_build_spv_reader) { deps += [ ":tint_spv_reader_fuzzer" ] diff --git a/fuzzers/CMakeLists.txt b/fuzzers/CMakeLists.txt index 08086e0f64..78958decf3 100644 --- a/fuzzers/CMakeLists.txt +++ b/fuzzers/CMakeLists.txt @@ -46,6 +46,7 @@ endif() if (${TINT_BUILD_WGSL_READER} AND ${TINT_BUILD_MSL_WRITER}) add_tint_fuzzer(tint_wgsl_reader_msl_writer_fuzzer) + add_tint_fuzzer(tint_msl_transform_fuzzer) endif() if (${TINT_BUILD_SPV_READER}) diff --git a/fuzzers/tint_all_transforms_fuzzer.cc b/fuzzers/tint_all_transforms_fuzzer.cc index 5efe17b09f..d524610f90 100644 --- a/fuzzers/tint_all_transforms_fuzzer.cc +++ b/fuzzers/tint_all_transforms_fuzzer.cc @@ -80,6 +80,25 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { } #endif // TINT_BUILD_HLSL_WRITER +#if TINT_BUILD_MSL_WRITER + { + Config config; + config.data = data; + config.size = size; + + if (!AddPlatformIndependentPasses(&config)) { + return 0; + } + + config.manager.Add(); + + fuzzers::CommonFuzzer fuzzer(InputFormat::kWGSL, OutputFormat::kMSL); + fuzzer.SetTransformManager(&config.manager, std::move(config.inputs)); + + fuzzer.Run(config.data, config.size); + } +#endif // TINT_BUILD_MSL_WRITER + return 0; } diff --git a/fuzzers/tint_msl_transform_fuzzer.cc b/fuzzers/tint_msl_transform_fuzzer.cc new file mode 100644 index 0000000000..250dfbef4b --- /dev/null +++ b/fuzzers/tint_msl_transform_fuzzer.cc @@ -0,0 +1,31 @@ +// Copyright 2021 The Tint Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#include "fuzzers/tint_common_fuzzer.h" + +namespace tint { +namespace fuzzers { + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { + transform::Manager transform_manager; + transform_manager.Add(); + + fuzzers::CommonFuzzer fuzzer(InputFormat::kWGSL, OutputFormat::kMSL); + fuzzer.SetTransformManager(&transform_manager, {}); + + return fuzzer.Run(data, size); +} + +} // namespace fuzzers +} // namespace tint