Diversify the transformation class space and implement coverage-guided mutation-based fuzzing for WebGPU
- Mentors: Vasyl Teliman, Paul Thomson, Alastair Donaldson
- Organization: Android Graphics Tools Team
spirv-fuzz is a C++-based tool that automatically finds bugs in Vulkan drivers. It works by transforming the original shader into a new one that is semantically equivalent. Any difference between the output of the new shader and that of the original can be caused only by a bug in the driver. Our task is therefore to expand the set of transformations by building new transformation classes and writing their corresponding tests and fuzzer passes.
Our main task involves the WebGPU Shading Language (WGSL), the new shading language used by WebGPU. Since web browsers will ship WebGPU, a secure implementation is crucial. To achieve high test coverage, we use coverage-guided fuzzing, which instruments the program under test to trace the code coverage reached by each input fed to a fuzz target. That information is then used to make informed decisions that maximize coverage, and thus increase the effectiveness of finding software bugs and security vulnerabilities. This project involves automatic fuzzing using libFuzzer. Since libFuzzer-based custom mutators mutate test cases in a domain-specific way, effectively designing and implementing Tint-specific custom mutators is essential for the project to succeed.
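To make the two ideas above concrete (semantics-preserving transformations on the one hand, a libFuzzer custom mutator on the other), here is an added example that is not code from Tint, spirv-fuzz or the project described on this page. It implements a libFuzzer-style custom mutator for WGSL held as plain text: the two mutation helpers (`WrapIntegerLiteral`, `InsertEmptyBlock`) and `MutateWgsl` are hypothetical, deliberately small character-level edits chosen so that the shader's meaning does not change; Tint's real mutators operate on its AST rather than on raw characters. `LLVMFuzzerCustomMutator` is the real libFuzzer entry point, but the example assumes nothing else from libFuzzer so that it compiles and runs on its own.

```cpp
// Added example (not Tint's or spirv-fuzz's code): a libFuzzer-style custom
// mutator applying semantics-preserving, WGSL-aware edits to shader text.
// The mutation helpers are hypothetical and deliberately small.
#include <cctype>
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <random>
#include <string>
#include <utility>
#include <vector>

// Mutation 1: pick an integer literal and rewrite it as "(lit + 0)".
// The shader computes the same value, but the compiler now sees a different
// expression tree. Float literals ("1.5"), suffixed literals ("1u") and
// digits inside identifiers ("i32") are skipped; if nothing qualifies the
// input is returned unchanged.
std::string WrapIntegerLiteral(const std::string& src, std::mt19937& rng) {
  std::vector<std::pair<size_t, size_t>> literals;  // [start, end) byte ranges
  auto is_ident = [](char c) {
    return std::isalnum(static_cast<unsigned char>(c)) || c == '_' || c == '.';
  };
  size_t i = 0;
  while (i < src.size()) {
    if (std::isdigit(static_cast<unsigned char>(src[i])) &&
        (i == 0 || !is_ident(src[i - 1]))) {
      size_t j = i;
      while (j < src.size() && std::isdigit(static_cast<unsigned char>(src[j]))) ++j;
      // Accept only a bare run of digits followed by a non-identifier character.
      if (j == src.size() || !is_ident(src[j])) literals.emplace_back(i, j);
      i = j;
    } else {
      ++i;
    }
  }
  if (literals.empty()) return src;
  std::uniform_int_distribution<size_t> pick(0, literals.size() - 1);
  const std::pair<size_t, size_t> lit = literals[pick(rng)];
  return src.substr(0, lit.first) + "(" +
         src.substr(lit.first, lit.second - lit.first) + " + 0)" +
         src.substr(lit.second);
}

// Mutation 2: insert an empty compound statement "{ }" at the start of the
// first function body. It executes nothing, so the program is equivalent,
// but the compiler's scoping and statement-list code paths are exercised.
std::string InsertEmptyBlock(const std::string& src) {
  const size_t fn = src.find("fn ");
  if (fn == std::string::npos) return src;
  const size_t brace = src.find('{', fn);
  if (brace == std::string::npos) return src;
  return src.substr(0, brace + 1) + " { }" + src.substr(brace + 1);
}

// Chooses one transformation from the seed, as a custom mutator does.
std::string MutateWgsl(const std::string& src, unsigned seed) {
  std::mt19937 rng(seed);
  switch (rng() % 2) {
    case 0:
      return WrapIntegerLiteral(src, rng);
    default:
      return InsertEmptyBlock(src);
  }
}

// libFuzzer entry point. Returns the mutated size, or 0 when the result does
// not fit in max_size. A real harness would fall back to LLVMFuzzerMutate()
// in that case; that symbol only exists when linking against libFuzzer, so
// it is deliberately not referenced here.
extern "C" size_t LLVMFuzzerCustomMutator(uint8_t* data, size_t size,
                                          size_t max_size, unsigned int seed) {
  const std::string src(reinterpret_cast<const char*>(data), size);
  const std::string out = MutateWgsl(src, seed);
  if (out.size() > max_size) return 0;
  std::memcpy(data, out.data(), out.size());
  return out.size();
}
```

Linked into a libFuzzer target with `-fsanitize=fuzzer`, libFuzzer calls `LLVMFuzzerCustomMutator` instead of its byte-level mutations, so every generated input stays a plausible shader and the coverage feedback steers the search through the compiler's front end rather than through its "unexpected token" error path. Because each edit preserves semantics, the same inputs can also feed the differential check from the first paragraph: compiling or running the original and the mutated shader should give matching results, and a mismatch is a finding.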