spirv-tools fuzzers: Avoid passing target backend

Changes the spirv-tools fuzzer targets so that the target back-end
language (HLSL, MSL, SPIR-V or WGSL) is no longer passed as a command
line argument, but instead baked into the fuzzer's binary. This avoids
a problem whereby an OSS-Fuzz bug reproducer does not use the required
back-end command line argument.

Change-Id: I69970dfa7f133f8e310ec063c9b6869bd774e7d3
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63343
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Alastair Donaldson <afdx@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
This commit is contained in:
Alastair Donaldson 2021-09-21 16:41:58 +00:00 committed by Tint LUCI CQ
parent 0118b964f3
commit 4d18c6b7c5
8 changed files with 218 additions and 5 deletions

View File

@ -28,6 +28,7 @@ set(FUZZER_SOURCES ${FUZZER_SOURCES}
cli.h
mutator.h
mutator_cache.h
override_cli_params.h
spirv_fuzz_mutator.h
spirv_opt_mutator.h
spirv_reduce_mutator.h
@ -57,10 +58,22 @@ function(configure_spirv_tools_fuzzer_target NAME SOURCES)
${spirv-tools_BINARY_DIR})
endfunction()
configure_spirv_tools_fuzzer_target(tint_spirv_tools_fuzzer "${FUZZER_SOURCES}")
target_compile_definitions(tint_spirv_tools_fuzzer PUBLIC CUSTOM_MUTATOR)
target_compile_definitions(tint_spirv_tools_fuzzer PRIVATE TARGET_FUZZER)
target_link_libraries(tint_spirv_tools_fuzzer libtint-fuzz)
function(add_tint_spirv_tools_fuzzer NAME)
set(FUZZER_TARGET_SOURCES ${NAME}.cc ${FUZZER_SOURCES})
configure_spirv_tools_fuzzer_target(${NAME} "${FUZZER_TARGET_SOURCES}")
target_link_libraries(${NAME} libtint-fuzz)
target_compile_definitions(tint_spirv_tools_fuzzer PUBLIC CUSTOM_MUTATOR)
target_compile_definitions(tint_spirv_tools_fuzzer PRIVATE TARGET_FUZZER)
endfunction()
# Add libfuzzer targets.
# Targets back-ends according to command line arguments.
add_tint_spirv_tools_fuzzer(tint_spirv_tools_fuzzer)
# Targets back-ends individually.
add_tint_spirv_tools_fuzzer(tint_spirv_tools_hlsl_writer_fuzzer)
add_tint_spirv_tools_fuzzer(tint_spirv_tools_msl_writer_fuzzer)
add_tint_spirv_tools_fuzzer(tint_spirv_tools_spv_writer_fuzzer)
add_tint_spirv_tools_fuzzer(tint_spirv_tools_wgsl_writer_fuzzer)
set(DEBUGGER_SOURCES
../random_generator.cc

View File

@ -21,6 +21,7 @@
#include "fuzzers/tint_common_fuzzer.h"
#include "fuzzers/tint_spirv_tools_fuzzer/cli.h"
#include "fuzzers/tint_spirv_tools_fuzzer/mutator_cache.h"
#include "fuzzers/tint_spirv_tools_fuzzer/override_cli_params.h"
#include "fuzzers/tint_spirv_tools_fuzzer/spirv_fuzz_mutator.h"
#include "fuzzers/tint_spirv_tools_fuzzer/spirv_opt_mutator.h"
#include "fuzzers/tint_spirv_tools_fuzzer/spirv_reduce_mutator.h"
@ -33,7 +34,7 @@ namespace spvtools_fuzzer {
namespace {
struct Context {
const FuzzerCliParams params;
FuzzerCliParams params;
std::unique_ptr<MutatorCache> mutator_cache;
};
@ -46,6 +47,7 @@ extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv) {
? std::make_unique<MutatorCache>(params.mutator_cache_size)
: nullptr;
context = new Context{std::move(params), std::move(mutator_cache)};
OverrideCliParams(context->params);
return 0;
}

View File

@ -0,0 +1,36 @@
// Copyright 2021 The Tint Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef FUZZERS_TINT_SPIRV_TOOLS_FUZZER_OVERRIDE_CLI_PARAMS_H_
#define FUZZERS_TINT_SPIRV_TOOLS_FUZZER_OVERRIDE_CLI_PARAMS_H_
#include "fuzzers/tint_spirv_tools_fuzzer/cli.h"
namespace tint {
namespace fuzzers {
namespace spvtools_fuzzer {
/// @brief Allows CLI parameters to be overridden.
///
/// This function allows fuzz targets to override particular CLI parameters,
/// for example forcing a particular back-end to be targeted.
///
/// @param cli_params - the parsed CLI parameters to be updated.
void OverrideCliParams(FuzzerCliParams& cli_params);
} // namespace spvtools_fuzzer
} // namespace fuzzers
} // namespace tint
#endif // FUZZERS_TINT_SPIRV_TOOLS_FUZZER_OVERRIDE_CLI_PARAMS_H_

View File

@ -0,0 +1,30 @@
// Copyright 2021 The Tint Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include <cassert>
#include "fuzzers/tint_spirv_tools_fuzzer/cli.h"
#include "fuzzers/tint_spirv_tools_fuzzer/override_cli_params.h"
namespace tint {
namespace fuzzers {
namespace spvtools_fuzzer {
void OverrideCliParams(FuzzerCliParams& /*unused*/) {
// Leave the CLI parameters unchanged.
}
} // namespace spvtools_fuzzer
} // namespace fuzzers
} // namespace tint

View File

@ -0,0 +1,33 @@
// Copyright 2021 The Tint Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include <cassert>
#include "fuzzers/tint_spirv_tools_fuzzer/cli.h"
#include "fuzzers/tint_spirv_tools_fuzzer/override_cli_params.h"
namespace tint {
namespace fuzzers {
namespace spvtools_fuzzer {
void OverrideCliParams(FuzzerCliParams& cli_params) {
assert(cli_params.fuzzing_target == FuzzingTarget::kAll &&
"The fuzzing target should not have been set by a CLI parameter: it "
"should have its default value.");
cli_params.fuzzing_target = FuzzingTarget::kHlsl;
}
} // namespace spvtools_fuzzer
} // namespace fuzzers
} // namespace tint

View File

@ -0,0 +1,33 @@
// Copyright 2021 The Tint Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include <cassert>
#include "fuzzers/tint_spirv_tools_fuzzer/cli.h"
#include "fuzzers/tint_spirv_tools_fuzzer/override_cli_params.h"
namespace tint {
namespace fuzzers {
namespace spvtools_fuzzer {
void OverrideCliParams(FuzzerCliParams& cli_params) {
assert(cli_params.fuzzing_target == FuzzingTarget::kAll &&
"The fuzzing target should not have been set by a CLI parameter: it "
"should have its default value.");
cli_params.fuzzing_target = FuzzingTarget::kMsl;
}
} // namespace spvtools_fuzzer
} // namespace fuzzers
} // namespace tint

View File

@ -0,0 +1,33 @@
// Copyright 2021 The Tint Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include <cassert>
#include "fuzzers/tint_spirv_tools_fuzzer/cli.h"
#include "fuzzers/tint_spirv_tools_fuzzer/override_cli_params.h"
namespace tint {
namespace fuzzers {
namespace spvtools_fuzzer {
void OverrideCliParams(FuzzerCliParams& cli_params) {
assert(cli_params.fuzzing_target == FuzzingTarget::kAll &&
"The fuzzing target should not have been set by a CLI parameter: it "
"should have its default value.");
cli_params.fuzzing_target = FuzzingTarget::kSpv;
}
} // namespace spvtools_fuzzer
} // namespace fuzzers
} // namespace tint

View File

@ -0,0 +1,33 @@
// Copyright 2021 The Tint Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include <cassert>
#include "fuzzers/tint_spirv_tools_fuzzer/cli.h"
#include "fuzzers/tint_spirv_tools_fuzzer/override_cli_params.h"
namespace tint {
namespace fuzzers {
namespace spvtools_fuzzer {
void OverrideCliParams(FuzzerCliParams& cli_params) {
assert(cli_params.fuzzing_target == FuzzingTarget::kAll &&
"The fuzzing target should not have been set by a CLI parameter: it "
"should have its default value.");
cli_params.fuzzing_target = FuzzingTarget::kWgsl;
}
} // namespace spvtools_fuzzer
} // namespace fuzzers
} // namespace tint