Commit Graph

386 Commits

Author SHA1 Message Date
Alastair Donaldson
ba4b390c36
Suppress protobuf warning (#4551)
Suppresses a warning emitted by some versions of clang when compiling
protobufs.
2021-09-28 14:52:52 +00:00
Alastair Donaldson
9e65f054d1
spirv-fuzz: Account for differing signedness in WrapVectorSynonym (#4414)
Makes the fuzzer pass and transformation that wraps vector synonyms
aware of the fact that integer operations can have arguments that
differ in signedness, and that the result type of such an operation
can have different sign from the argument types.

Fixes #4413.
2021-09-14 21:09:39 +00:00
Mostafa Ashraf
07f1302352
spirv-fuzz: Support AtomicStore (#4440)
Adds support for atomic operations in TransformationStore and its
associated fuzzer pass.

Fixes #4337.
2021-08-05 14:08:44 +01:00
Ben Clayton
366d1be5e8
fuzzers: Disable suggest-destructor-override warning (#4439)
The protobuf generated code triggers this clang-12 warning, which some
projects may treat as an error.
2021-08-05 12:00:33 +01:00
Mostafa Ashraf
0065c5672d
spirv-fuzz: support AtomicLoad (#4330)
Enhances the TransformationLoad transformation and associated
fuzzer pass to support atomic operations.

Fixes #4324.
2021-08-03 21:51:25 +01:00
Ben Clayton
c5bda7ae5a
Fuzzer: Default the new constructor parameter (#4438)
Introducing a new mandatory parameter makes it very difficult to roll
Chromium to a new version of SPIRV-Tools, as this project is used by
several third-party projects, and an atomic update of all projects
is very hard to coordinate.
2021-08-02 13:37:37 +01:00
Alastair Donaldson
9c4481419e
spirv-fuzz: Allow inapplicable transformations to be ignored (#4407)
spirv-fuzz features transformations that should be applicable by
construction. Assertions are used to detect when such transformations
turn out to be inapplicable. Failures of such assertions indicate bugs
in the fuzzer. However, when using the fuzzer at scale (e.g. in
ClusterFuzz) reports of these assertion failures create noise, and
cause the fuzzer to exit early. This change adds an option whereby
inapplicable transformations can be ignored. This reduces noise and
allows fuzzing to continue even when a transformation that should be
applicable but is not has been erroneously created.
2021-07-28 22:59:37 +01:00
Alastair Donaldson
c9e094cc4d
spirv-fuzz: Quit fuzzer pass when no types are available (#4409)
The fuzzer pass that adds global variables requires some basic
types. This change makes the fuzzer pass exit gracefully when none are
available.

Fixes #4408.
2021-07-28 22:59:02 +01:00
Alastair Donaldson
11cd875ed8
spirv-fuzz: Use reference in CanMakeSynonymOf (#4401)
The instruction parameter of CanMakeSynonymOf is an input parameter
that should never be null, so a const reference is a more appropriate
type than a const pointer.
2021-07-27 13:18:36 +01:00
Alastair Donaldson
183fb9fe4c
spirv-fuzz: Fix problem with instruction context (#4394)
Adds an additional validity check to ensure that every instruction's
context pointer matches the enclosing IR context. Avoids a redundant
copy constructor call in TransformationDuplicateRegionWithSelection
that was leading to a bad IR context for some instructions.

Related: #4387, #4388.
Fixes #4393.
2021-07-22 23:44:29 +01:00
Alastair Donaldson
94bcae1344
spirv-fuzz: Avoid out-of-bounds access (#4395)
Fixes #4389.
2021-07-22 23:44:03 +01:00
Alastair Donaldson
cc3fe2b67b
spirv-fuzz: Fix vector wrapping fuzzer pass (#4392)
The fuzzer pass was passing the type of a scalar where a vector type
was required, and was not checking whether synonyms could be made for
the operands to the scalar instruction.
2021-07-22 23:43:45 +01:00
Alastair Donaldson
2419f3be86
spirv-fuzz: Tighten checks on null and undef pointers (#4367)
Adaps the transformations that add OpConstantUndef and OpConstantNull
to a module so that pointer undefs are not allowed, and null pointers
are only allowed if suitable capabilities are present.

Fixes #4357.
2021-07-22 21:34:11 +01:00
Shiyu Liu
033768c24b
spirv-fuzz: TransformationWrapVectorSynonym that rewrites scalar operations using vectors (#4376)
Adds a new transformation that rewrites a scalar operation (like
OpFAdd, opISub) as an equivalent vector operation, adding a synonym
between the scalar result and an appropriate component of the vector
result.

Fixes #4195.
2021-07-20 11:01:20 +01:00
Mostafa Ashraf
f084bcfe2b
spirv-fuzz: Support atomic operations opcode (#4348)
This change captures the fact that the signedness of memory semantics
and scope parameters of atomic operations does not matter.

Fixes #4345.
2021-07-20 10:03:58 +01:00
Mostafa Ashraf
e0937d7fd1
spirv-fuzz: Don't replace memory semantics / scope operands (#4349)
This change is responsible for avoiding the replacement of constant
operands with another one not constant, in the context of atomic
operations.  The related rule from the SPIR-V spec is: "All used for
Scope and Memory Semantics in shader capability must be of an
OpConstant."

Fixes #4346.
2021-07-15 19:03:51 +01:00
Alastair Donaldson
06f114d482
spirv-fuzz: Avoid out of bounds access (#4355)
In the extreme case where there are no basic types,
FuzzerPassPushIdsThroughVariables could trigger a bounds error. This
change fixes this problem.
2021-07-01 15:51:13 +01:00
Alastair Donaldson
b8587c984a
spirv-reduce: Allow merging unreachable blocks (#4303)
This change allows the reducer to merge together blocks even when they
are unreachable, but keeps the restriction of reachability in place
for the optimizer.

Fixes #4302.
2021-06-28 23:05:30 +01:00
Alastair Donaldson
4fcdc58946
Add IsReachable function to IRContext (#4323)
There was a lot of code in the codebase that would get the dominator
analysis for a function and then use it to check whether a block is
reachable. In the fuzzer, a utility method had been introduced to make
this more concise, but it was not being used consistently.

This change moves the utility method to IRContext, so that it can be
used throughout the codebase, and refactors all existing checks for
block reachability to use the utility method.
2021-06-28 20:00:14 +01:00
Mostafa Ashraf
9dbca316aa
spirv-fuzz: Improve TransformationAddBitInstructionSynonym to check integer signedness (#4312)
Fixes #4170, by checking the signedness of bitwise operands in
TransformationAddBitInstructionSynonym, to avoid an "Expected Base
Type to be equal to Result Type" validation error.
2021-06-09 19:56:56 +01:00
EGJ1996
c1a75bfabf
spirv-fuzz: Support bitwise or and xor in TransformationAddBitInstructionSynonym (#4310)
Fixes #4172.
2021-06-09 16:23:26 +01:00
Shiyu Liu
26cdce984f
spirv-fuzz: add tests for full coverage of TransformationAccessChain (#4304)
Fixes #4286 by achieving full coverage of the transformation.
2021-06-02 17:46:56 +01:00
Alastair Donaldson
0861a8fa21
spirv-fuzz: Fix OutlineFunction in presence of unreachable blocks (#4308)
This change prevents TransformationOutlineFunction from outlining a
region of blocks if some block in the region has an unreachable
predecessor. This avoids a bug whereby the region would be outlined,
and the unreachable predecessors would be left behind, referring to
blocks that are no longer in the function.
2021-06-01 11:44:21 +01:00
Alastair Donaldson
9646c733e9
spirv-fuzz: Fix def-use update in PermutePhiOperands (#4309)
The def-use manager was being incorrectly updated in
TransformationPermutePhiOperands, and this was causing future
transformations to go wrong during fuzzing. This change updates the
def-use manager in a correct manner, and adds a test exposing the
previous bug.

Fixes #4300.
2021-06-01 08:37:45 +01:00
Mostafa Ashraf
00ce2bb474
spirv-fuzz: Enhancing permute function variables and its testing (#4295)
Fixes the way instruction swapping is implemented.

Fixes #4257.
Fixes #4259.
2021-05-26 00:41:31 +01:00
Vasyl Teliman
e2ac64bdf0
spirv-fuzz: Move ApplyTransformation to .cpp file (#4258)
Sometimes, you need to change these functions during debugging (e.g.,
figure out why the transformation is inapplicable). When that happens,
you need to recompile the whole fuzzer just because these functions
are in the header file. This PR fixes the situation.
2021-05-26 00:39:51 +01:00
Alastair Donaldson
f6b59599ae
spirv-fuzz: Respect control flow rules when merging returns (#4279)
Fixes #4278.

Some minor code cleanup is incorporated.
2021-05-12 10:45:58 -04:00
Shiyu Liu
1020e394cb
spirv-fuzz: Fix underflow problem in fuzzer_pass_swap_two_functions (#4253)
Addresses a comment mentioned in #4236.

Simplifies implementation of GetFunctionIterator().
2021-05-04 09:40:55 +01:00
Shiyu Liu
6cdf07d2b3
spirv-fuzz: Swap positions of two functions in a module (#4236)
Adds a new transformation class that swaps the syntactic position of
two functions in the module, and a fuzzer pass to apply it.

Fixes #4026.
2021-04-27 12:33:08 +01:00
Mostafa Ashraf
8fe39ad581
spirv-fuzz: Permute the order of variables at function scope issue (#4248)
Fixes #4194.
2021-04-26 16:53:55 +01:00
Alastair Donaldson
a02a9205ff
spirv-fuzz: Accept limitations in AddFunction (#4226)
There are some edge cases where adding livesafe functions does not
succeed, due to loop limiter edges breaking SPIR-V dominance rules. As
these edge cases are rare it does not seem worth implementing complex
additional logic to handle all cases. This change accepts that trying
to add a function in a livesafe manner may not succeed.
2021-04-13 09:45:30 +01:00
Alastair Donaldson
61e256c9c4
spirv-fuzz: Efficiency improvements to fuzzer pass (#4188)
FuzzerPassConstructComposites is adapted to use AvailableInstructions
to manage available instructions, and to use zero constants when
trying to construct a composite for which not all fields can otherwise
be constructed. The change uncovered some cases where we create
structs and arrays with struct fields or components that are
block-decorated; these possibilities have been eliminated.
2021-03-27 12:15:59 +00:00
Alastair Donaldson
2ee21fbdee
spirv-fuzz: Avoid invalidating analyses when splitting blocks (#4218)
It is easy to avoid the need to invalidate the def-use analysis and
instruction to block mapping when splitting blocks, and profiling has
revealed that invalidation of def-use in particular is expensive when
splitting many blocks. This change avoids these invalidations.
2021-03-27 12:13:23 +00:00
Alastair Donaldson
22eb528f17
spirv-fuzz: Do not add too many dead blocks (#4217)
Profiling has shown that adding large numbers of dead block
transformations can be expensive because each on requires dominator
analysis information, and each one invalidates this information. There
is currently no obvious mechanism for incrementally updating the
dominator analysis. This change restricts the number of these
transformations that a single fuzzer pass will apply, to restrict this
performance bottleneck.
2021-03-27 10:30:23 +00:00
Alastair Donaldson
d0c73fcee1
spirv-fuzz: Optimize transformations (#4216)
Avoids blanket invalidation of analyses in several transformations,
instead updating the def-use manager and instruction to block mapping.
2021-03-26 10:22:06 +00:00
Vasyl Teliman
f227930153
spirv-fuzz: Fix comments #4215
Related to #4214.
2021-03-25 17:20:45 +00:00
Alastair Donaldson
bed84792f9
spirv-fuzz: Call by value and move in transformations (#4208)
Adapts all transformation classes so that their protobuf message is
passed by value and then moved into the message_ field.
2021-03-23 13:31:44 +00:00
Alastair Donaldson
c0833ce620
spirv-fuzz: Remove destructors from FuzzerPass subclasses (#4209)
Subclasses of FuzzerPass no longer needlessly override the default
destructor of FuzzerPass.
2021-03-23 13:31:27 +00:00
Vasyl Teliman
edb8399b0f
spirv-fuzz: Add WGSL compatibility flag to context (#4193)
The new flags allows transformations and fuzzer passes to be enabled
and applied in a WGSL-compatible fashion.
2021-03-21 09:10:15 +00:00
Alastair Donaldson
6382cbb497
spirv-fuzz: Avoid invalidating analyses in various transformations (#4205)
Avoids invalidating all analyses in transformations that add
constants, OpUndef and global and local variables.
2021-03-20 22:48:02 +00:00
Alastair Donaldson
6578899781
spirv-fuzz: Manage available instructions efficiently (#4177)
Introduces a data structure for efficient management of available
instructions in the fuzzer.
2021-03-20 18:51:18 +00:00
Alastair Donaldson
75d7c14cfb
spirv-fuzz: Remove AddType methods from fuzzerutil (#4204)
Types should only be added to the module by spirv-fuzz via
transformations, so this change removes the AddType methods from
fuzzerutil, which were only called once each from the appropriate
transformation.

The transformations have been adapted so that they avoid redundantly
invalidating all analyses - they now update the def-use manager and
invalidate only the type manager.
2021-03-20 08:54:51 +00:00
Alastair Donaldson
a732e4c03c
spirv-fuzz: Apply fuzzer pass before checking exit conditions (#4199)
Fixes #4198.
2021-03-19 05:32:54 +00:00
Alastair Donaldson
8866fd7ae2
spirv-fuzz: Locate instructions more efficiently (#4189)
Avoids redundantly searching the whome module when locating an
instruction from its descriptor - instead, only the block containing
the instruction needs to be searched.
2021-03-17 09:28:57 +00:00
Alastair Donaldson
db2a706467
spirv-fuzz: Make adding equation instructions more efficient (#4190)
Avoids unnecessary invalidation of analyses.
2021-03-17 09:28:46 +00:00
Alastair Donaldson
e8ab7101f6
spirv-fuzz: Make PermutePhiOperands more efficient (#4191)
Amends def-use information rather than invalidating all analyses in
TransformationPermutePhiOperands.
2021-03-17 09:28:36 +00:00
Alastair Donaldson
478754c005
spirv-fuzz: Avoid invalidating analyses (#4176)
The performance of spirv-fuzz is sometimes poor due to analyses being
conservatively invalidated. This can lead to quadratic time algorithms
when a fuzzer pass applies O(N) transformations, and where every
transformation e.g. depends on def-use analysis and invalidates
def-use analysis (because building def-use analysis is O(N)).

This change avoids invalidating analyses for certain transformations.
2021-03-14 01:53:21 +00:00
Alastair Donaldson
f7cf3ec2a5
spirv-fuzz: Avoid unnecessary dependency (#4165)
The fuzzer library depended on CLIMessageConsumer, due to its explicit
use in a function. This change removes that dependency so that,
instead, a message consumer parameter is passed.
2021-03-10 15:37:14 +00:00
Vasyl Teliman
e6a9f4e430
spirv-fuzz: Fix the bug in TransformationReplaceBranchFromDeadBlockWithExit (#4140)
Fixes #4136.
2021-03-05 14:27:37 +00:00
Vasyl Teliman
7d514cf1c7
spirv-fuzz: Fix PartialCount (#4159)
Fixes #4158.
2021-03-05 11:13:28 +00:00