[mlir] Add simple fuzzer for textual format

Only use this on generic parser for now by not registering any dialect. For flushing out some parser bugs. The textual format is not meant to be load bearing in production runs, but still useful to remove edge cases/failures.

Differential Revision: https://reviews.llvm.org/D122267

Author: jpienaar

mlir/tools/CMakeLists.txt

@@ -1,5 +1,6 @@
 add_subdirectory(mlir-lsp-server)
 add_subdirectory(mlir-opt)
+add_subdirectory(mlir-parser-fuzzer)
 add_subdirectory(mlir-pdll)
 add_subdirectory(mlir-pdll-lsp-server)
 add_subdirectory(mlir-reduce)

mlir/tools/mlir-parser-fuzzer/CMakeLists.txt

@@ -0,0 +1,14 @@
+set(LLVM_LINK_COMPONENTS
+  FuzzMutate
+  Support
+)
+add_llvm_fuzzer(mlir-parser-fuzzer
+  mlir-parser-fuzzer.cpp
+  DUMMY_MAIN DummyParserFuzzer.cpp
+)
+target_link_libraries(mlir-parser-fuzzer
+  PUBLIC
+  MLIRIR
+  MLIRParser
+  MLIRSupport
+)

mlir/tools/mlir-parser-fuzzer/DummyParserFuzzer.cpp

@@ -0,0 +1,20 @@
+//===--- DummyParserFuzzer.cpp - Entry point to sanity check the fuzzer ---===//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===----------------------------------------------------------------------===//
+//
+// Implementation of main so we can build and test without linking libFuzzer.
+//
+//===----------------------------------------------------------------------===//
+
+#include "llvm/FuzzMutate/FuzzerCLI.h"
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv);
+int main(int argc, char *argv[]) {
+  return llvm::runFuzzerOnInputs(argc, argv, LLVMFuzzerTestOneInput,
+                                 LLVMFuzzerInitialize);
+}

mlir/tools/mlir-parser-fuzzer/mlir-parser-fuzzer.cpp

@@ -0,0 +1,50 @@
+//===--- mlir-parser-fuzzer.cpp - Entry point to parser fuzzer ------------===//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===----------------------------------------------------------------------===//
+//
+// Implementation of main so we can build and test without linking libFuzzer.
+//
+//===----------------------------------------------------------------------===//
+
+#include "mlir/IR/Diagnostics.h"
+#include "mlir/IR/Dialect.h"
+#include "mlir/IR/MLIRContext.h"
+#include "mlir/Parser/Parser.h"
+#include "llvm/ADT/StringRef.h"
+#include "llvm/Support/Compiler.h"
+
+using namespace mlir;
+
+extern "C" LLVM_ATTRIBUTE_USED int LLVMFuzzerTestOneInput(const uint8_t *data,
+                                                          size_t size) {
+  // Skip empty inputs.
+  if (size <= 1 || data[size - 1] != 0)
+    return 0;
+  --size;
+
+  // Create a null-terminated memory buffer from the input.
+  DialectRegistry registry;
+  MLIRContext context(registry);
+  context.allowUnregisteredDialects();
+
+  // Register diagnostic handler to avoid triggering exit behavior.
+  context.getDiagEngine().registerHandler(
+      [](mlir::Diagnostic &diag) { return; });
+
+  llvm::StringRef str(reinterpret_cast<const char *>(data), size);
+
+  // Parse module. The parsed module isn't used, so it is discarded post parse
+  // (successful or failure). The returned module is wrapped in a unique_ptr
+  // such that it is freed upon exit if returned.
+  (void)parseSourceString<ModuleOp>(str, &context);
+  return 0;
+}
+
+extern "C" LLVM_ATTRIBUTE_USED int LLVMFuzzerInitialize(int *argc,
+                                                        char ***argv) {
+  return 0;
+}