anki-3d-engine/ThirdParty/SpirvTools/test/fuzzers/spvtools_opt_fuzzer_common.cpp

// Copyright (c) 2021 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

#include "test/fuzzers/spvtools_opt_fuzzer_common.h"

#include "source/opt/build_module.h"
#include "test/fuzzers/random_generator.h"

namespace spvtools {
namespace fuzzers {

int OptFuzzerTestOneInput(
    const uint8_t* data, size_t size,
    const std::function<void(spvtools::Optimizer&)>& register_passes) {
  if (size < 1) {
    return 0;
  }

  spvtools::fuzzers::RandomGenerator random_gen(data, size);
  auto target_env = random_gen.GetTargetEnv();
  spvtools::Optimizer optimizer(target_env);
  optimizer.SetMessageConsumer([](spv_message_level_t, const char*,
                                  const spv_position_t&, const char*) {});

  std::vector<uint32_t> input;
  input.resize(size >> 2);

  size_t count = 0;
  for (size_t i = 0; (i + 3) < size; i += 4) {
    input[count++] = data[i] | (data[i + 1] << 8) | (data[i + 2] << 16) |
                     (data[i + 3]) << 24;
  }

  // The largest possible id bound is used when running the optimizer, to avoid
  // the problem of id overflows.
  const size_t kFinalIdLimit = UINT32_MAX;

  // The input is scanned to check that it does not already use an id too close
  // to this limit. This still gives the optimizer a large set of ids to
  // consume. It is thus very unlikely that id overflow will occur during
  // fuzzing. If it does, then the initial id limit should be decreased.
  const size_t kInitialIdLimit = kFinalIdLimit - 1000000U;

  // Build the module and scan it to check that all used ids are below the
  // initial limit.
  auto ir_context =
      spvtools::BuildModule(target_env, nullptr, input.data(), input.size());
  if (ir_context == nullptr) {
    // It was not possible to build a valid module; that's OK - skip this input.
    return 0;
  }
  if (ir_context->module()->id_bound() >= kInitialIdLimit) {
    // The input already has a very large id bound. The input is thus abandoned,
    // to avoid the possibility of ending up hitting the id bound limit.
    return 0;
  }

  // Set the optimizer and its validator up with the largest possible id bound
  // limit.
  spvtools::ValidatorOptions validator_options;
  spvtools::OptimizerOptions optimizer_options;
  optimizer_options.set_max_id_bound(kFinalIdLimit);
  validator_options.SetUniversalLimit(spv_validator_limit_max_id_bound,
                                      kFinalIdLimit);
  optimizer_options.set_validator_options(validator_options);
  register_passes(optimizer);
  optimizer.Run(input.data(), input.size(), &input, optimizer_options);

  return 0;
}

}  // namespace fuzzers
}  // namespace spvtools