Commit Graph

291 Commits

Author SHA1 Message Date
alan-baker
d35a78db57
Switch SPIRV-Tools to use spirv.hpp11 internally (#4981)
Fixes #4960

* Switches to using enum classes with an underlying type to avoid
  undefined behaviour
2022-11-04 17:27:10 -04:00
Ryan Harrison
a383c476e6
Remove reference to protobuf internals from fuzzers (#4701)
In newer versions of protobuf the Status building code has been made
internal, so that embedders cannot build their own instances like is
being done here.

Changing this code to just use the .ok() method on the status object,
since if the status is OK or not is what is actually being tested.

This will make it easier in the future to update external/protobuf.
2022-02-10 10:41:24 -05:00
luzpaz
65ecfd1093
Fix various source comment (doxygen) typos (#4680)
Found via `codespell -q 3 -L fo,lod,parm
2022-01-26 15:13:08 -05:00
Alastair Donaldson
9e65f054d1
spirv-fuzz: Account for differing signedness in WrapVectorSynonym (#4414)
Makes the fuzzer pass and transformation that wraps vector synonyms
aware of the fact that integer operations can have arguments that
differ in signedness, and that the result type of such an operation
can have different sign from the argument types.

Fixes #4413.
2021-09-14 21:09:39 +00:00
Mostafa Ashraf
07f1302352
spirv-fuzz: Support AtomicStore (#4440)
Adds support for atomic operations in TransformationStore and its
associated fuzzer pass.

Fixes #4337.
2021-08-05 14:08:44 +01:00
Mostafa Ashraf
0065c5672d
spirv-fuzz: support AtomicLoad (#4330)
Enhances the TransformationLoad transformation and associated
fuzzer pass to support atomic operations.

Fixes #4324.
2021-08-03 21:51:25 +01:00
Alastair Donaldson
17bf443767
spirv-fuzz: Add minimal SPIR-V example to test shaders (#4415)
Testing on ClusterFuzz has revealed that the fuzzer sometimes goes
wrong when a shader is very simple - e.g., there have been bugs where
a fuzzer pass has assumed that at least one basic type exists in the
module. This change adds an almost empty SPIR-V example to the shaders
used for testing, to help catch such cases locally.
2021-07-29 17:09:14 +01:00
Alastair Donaldson
9c4481419e
spirv-fuzz: Allow inapplicable transformations to be ignored (#4407)
spirv-fuzz features transformations that should be applicable by
construction. Assertions are used to detect when such transformations
turn out to be inapplicable. Failures of such assertions indicate bugs
in the fuzzer. However, when using the fuzzer at scale (e.g. in
ClusterFuzz) reports of these assertion failures create noise, and
cause the fuzzer to exit early. This change adds an option whereby
inapplicable transformations can be ignored. This reduces noise and
allows fuzzing to continue even when a transformation that should be
applicable but is not has been erroneously created.
2021-07-28 22:59:37 +01:00
Alastair Donaldson
2419f3be86
spirv-fuzz: Tighten checks on null and undef pointers (#4367)
Adaps the transformations that add OpConstantUndef and OpConstantNull
to a module so that pointer undefs are not allowed, and null pointers
are only allowed if suitable capabilities are present.

Fixes #4357.
2021-07-22 21:34:11 +01:00
Shiyu Liu
033768c24b
spirv-fuzz: TransformationWrapVectorSynonym that rewrites scalar operations using vectors (#4376)
Adds a new transformation that rewrites a scalar operation (like
OpFAdd, opISub) as an equivalent vector operation, adding a synonym
between the scalar result and an appropriate component of the vector
result.

Fixes #4195.
2021-07-20 11:01:20 +01:00
Mostafa Ashraf
f084bcfe2b
spirv-fuzz: Support atomic operations opcode (#4348)
This change captures the fact that the signedness of memory semantics
and scope parameters of atomic operations does not matter.

Fixes #4345.
2021-07-20 10:03:58 +01:00
Mostafa Ashraf
e0937d7fd1
spirv-fuzz: Don't replace memory semantics / scope operands (#4349)
This change is responsible for avoiding the replacement of constant
operands with another one not constant, in the context of atomic
operations.  The related rule from the SPIR-V spec is: "All used for
Scope and Memory Semantics in shader capability must be of an
OpConstant."

Fixes #4346.
2021-07-15 19:03:51 +01:00
Alastair Donaldson
4d2832e3c8
spirv-fuzz: Check updated analyses in transformation tests (#4266)
Enhances the tests for TransformationSwapFunctionVariables to check that
analyses are updated.
2021-07-05 22:09:43 +01:00
Alastair Donaldson
7763360524
spirv-fuzz: Added tests for signedness analysis (#4361)
Adds skeleton tests to support #4345.
2021-07-04 12:26:11 +01:00
Alastair Donaldson
8cc8b6562b
spirv-fuzz: Add illustrative tests for new issues (#4347)
Adds (currently disabled) tests related to #4345 and #4346.
2021-06-24 17:24:46 +01:00
Mostafa Ashraf
9dbca316aa
spirv-fuzz: Improve TransformationAddBitInstructionSynonym to check integer signedness (#4312)
Fixes #4170, by checking the signedness of bitwise operands in
TransformationAddBitInstructionSynonym, to avoid an "Expected Base
Type to be equal to Result Type" validation error.
2021-06-09 19:56:56 +01:00
EGJ1996
c1a75bfabf
spirv-fuzz: Support bitwise or and xor in TransformationAddBitInstructionSynonym (#4310)
Fixes #4172.
2021-06-09 16:23:26 +01:00
Shiyu Liu
c05f744154
Spirv-fuzz: Add tests for MaybeGet* functions in fuzzerutil (#4284)
Adds tests for all MaybeGet* functions in fuzzerutil.

Fixes #4179.
2021-06-05 00:36:23 +01:00
Shiyu Liu
26cdce984f
spirv-fuzz: add tests for full coverage of TransformationAccessChain (#4304)
Fixes #4286 by achieving full coverage of the transformation.
2021-06-02 17:46:56 +01:00
EGJ1996
c853a91144
spirv-fuzz: Added test to increase coverage of the add_parameter transformation (#4305)
Fixes #4294 by achieving full coverage of this transformation.
2021-06-02 17:44:42 +01:00
Mostafa Ashraf
126a826d3a
Spirv-fuzz: Achieve coverage of TransformationAddDeadBlock test (#4306)
Fixes #4290, by enhancing the test to get 100% of the lines covered.
2021-06-02 17:16:44 +01:00
Alastair Donaldson
0861a8fa21
spirv-fuzz: Fix OutlineFunction in presence of unreachable blocks (#4308)
This change prevents TransformationOutlineFunction from outlining a
region of blocks if some block in the region has an unreachable
predecessor. This avoids a bug whereby the region would be outlined,
and the unreachable predecessors would be left behind, referring to
blocks that are no longer in the function.
2021-06-01 11:44:21 +01:00
Alastair Donaldson
9646c733e9
spirv-fuzz: Fix def-use update in PermutePhiOperands (#4309)
The def-use manager was being incorrectly updated in
TransformationPermutePhiOperands, and this was causing future
transformations to go wrong during fuzzing. This change updates the
def-use manager in a correct manner, and adds a test exposing the
previous bug.

Fixes #4300.
2021-06-01 08:37:45 +01:00
EGJ1996
ec1bc3e2e5
spirv-fuzz: Added extra tests for AddTypeFloat and AddTypeInt transformations (#4292)
Tests some edge cases of these transformations more thoroughly.
2021-05-27 08:36:39 +01:00
EGJ1996
94f570d7aa
spirv-fuzz: Increase test coverage of TransformationCompositeConstruct (#4301)
Brings this class up to 100% statement coverage.

Fixes #4288
2021-05-26 21:31:55 +01:00
Mostafa Ashraf
00ce2bb474
spirv-fuzz: Enhancing permute function variables and its testing (#4295)
Fixes the way instruction swapping is implemented.

Fixes #4257.
Fixes #4259.
2021-05-26 00:41:31 +01:00
Mostafa Ashraf
91931ffcd2
spirv-fuzz: Enhance test to improve lines covered (#4289)
Fixes #4287 by enhancing the test to get 100% of lines covered.
2021-05-24 14:24:11 +01:00
Alastair Donaldson
0afe1f2b3f
spirv-fuzz: Cover protobuf message creation in tests (#4285)
The Transformation class tests did not cover the (trivial) ToMessage
methods of each transformation, nor the constructors that take a
protobuf message. This lac of coverage makes it hard to see which more
interesting pieces of code are not covered when looking at coverage
percentages. This change adapts the helper function for applying a
transformation and checking fresh ids so that it turns a
transformation into a protobuf message and back, thus covering
ToMessage and the protobuf constructor for every transformation. The
runtime overhead of doing this is very small.
2021-05-22 17:45:09 +01:00
Alastair Donaldson
f6b59599ae
spirv-fuzz: Respect control flow rules when merging returns (#4279)
Fixes #4278.

Some minor code cleanup is incorporated.
2021-05-12 10:45:58 -04:00
Shiyu Liu
6cdf07d2b3
spirv-fuzz: Swap positions of two functions in a module (#4236)
Adds a new transformation class that swaps the syntactic position of
two functions in the module, and a fuzzer pass to apply it.

Fixes #4026.
2021-04-27 12:33:08 +01:00
Mostafa Ashraf
8fe39ad581
spirv-fuzz: Permute the order of variables at function scope issue (#4248)
Fixes #4194.
2021-04-26 16:53:55 +01:00
Alastair Donaldson
d0c73fcee1
spirv-fuzz: Optimize transformations (#4216)
Avoids blanket invalidation of analyses in several transformations,
instead updating the def-use manager and instruction to block mapping.
2021-03-26 10:22:06 +00:00
Alastair Donaldson
3d39517961
spirv-fuzz: Improve transformation test oracles (#4207)
To help ensure that optimizations that do less cautious invalidation
of analyses are implemented correctly, this change adds checks to the
tests of various transformations to ensure that analyses such as
def-use are up to date.
2021-03-23 13:31:14 +00:00
Vasyl Teliman
edb8399b0f
spirv-fuzz: Add WGSL compatibility flag to context (#4193)
The new flags allows transformations and fuzzer passes to be enabled
and applied in a WGSL-compatible fashion.
2021-03-21 09:10:15 +00:00
Alastair Donaldson
6382cbb497
spirv-fuzz: Avoid invalidating analyses in various transformations (#4205)
Avoids invalidating all analyses in transformations that add
constants, OpUndef and global and local variables.
2021-03-20 22:48:02 +00:00
Alastair Donaldson
6578899781
spirv-fuzz: Manage available instructions efficiently (#4177)
Introduces a data structure for efficient management of available
instructions in the fuzzer.
2021-03-20 18:51:18 +00:00
Vasyl Teliman
7779907584
spirv-fuzz: Add buggy test (#4180)
Part of #4170.
2021-03-14 01:52:05 +00:00
Vasyl Teliman
e6a9f4e430
spirv-fuzz: Fix the bug in TransformationReplaceBranchFromDeadBlockWithExit (#4140)
Fixes #4136.
2021-03-05 14:27:37 +00:00
Vasyl Teliman
7d514cf1c7
spirv-fuzz: Fix PartialCount (#4159)
Fixes #4158.
2021-03-05 11:13:28 +00:00
Alastair Donaldson
f7043c0de6
spirv-fuzz: Handle Vulkan SPIR-V versions (#4156)
Fixes #4155.
2021-03-03 22:29:57 +00:00
Vasyl Teliman
43cfa9bc1d
spirv-fuzz: Add persistent state to the fuzzer (#4137)
Adds persistent state to the fuzzer so that it can be used as a custom
mutator for mutation-based fuzzing.
2021-03-03 15:34:53 +00:00
Alastair Donaldson
4e31fdd4aa
spirv-fuzz: Fix OpPhi handling in DuplicateRegionWithSelection (#4065)
Avoid generating OpPhi on void types, and allow the transformation to
take place on regions that produce pointer and sampled image result
ids if such ids are not used after the region.

Fixes #3787.
2020-12-17 11:45:52 +00:00
Alastair Donaldson
1299436c8f
Reject SPIR-V that applies void to OpUndef, OpCopyObject, OpPhi (#4036)
Fixes #4035.
2020-11-27 16:31:04 +00:00
Alastair Donaldson
b0e22d28f5
spirv-fuzz: Fix facts arising from CompositeConstruct (#4034)
Fixes #4023.
2020-11-25 12:03:05 +00:00
Alastair Donaldson
5ffa320fee
spirv-fuzz: Do not flatten conditionals that create synonyms (#4030)
Fixes #4024.
2020-11-24 20:18:23 +00:00
Vasyl Teliman
aa6035f1c6
spirv-fuzz: Fix bugs in TransformationFlattenConditionalBranch (#4006)
Fixes #4005.
Fixes #3993.
2020-11-03 15:03:08 +00:00
André Perez
5735576f87
spirv-fuzz: Fix bug related to transformation applicability (#3990)
This PR fixes a bug related to the transformation applicability.
When the OpNot case was implemented, its opcode was not
added to the list of supported bit instructions in IsApplicable.
So, the changes made are the following.

- Add OpNot to the list of supported bit instructions.
- Update the tests.
2020-11-03 10:48:30 +00:00
André Perez
abe2eff36f
spirv-fuzz: Add expand vector reduction transformation (#3869)
The following implementations are introduced:

- Transformation and fuzzer pass for expanding vector reduction.
- Unit tests to cover the instructions with different vector sizes.

Fixes #3768.
2020-10-23 14:59:08 +01:00
Vasyl Teliman
99ad4f1e29
spirv-fuzz: Don't replace irrelevant indices in OpAccessChain (#3988)
Part of #3980.
2020-10-23 14:52:22 +01:00
Vasyl Teliman
895dafcc1d
spirv-fuzz: Add FuzzerPassAddCompositeExtract (#3904)
Fixes #3806.
2020-10-23 14:49:50 +01:00