Google Git
Sign in
swiftshader / SwiftShader / 425189539b883a367f2d322e6c14611e9e88a5bd / . / third_party / SPIRV-Tools / source / fuzz / fuzzer_pass.h
blob: 800b88861640619a62de78133d5225b728a14cd4 [file] [log] [blame]
// Copyright (c) 2019 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef SOURCE_FUZZ_FUZZER_PASS_H_
#define SOURCE_FUZZ_FUZZER_PASS_H_
#include <functional>
#include <vector>
#include "source/fuzz/fuzzer_context.h"
#include "source/fuzz/protobufs/spirvfuzz_protobufs.h"
#include "source/fuzz/transformation.h"
#include "source/fuzz/transformation_context.h"
#include "source/opt/ir_context.h"
namespace spvtools {
namespace fuzz {
// Interface for applying a pass of transformations to a module.
class FuzzerPass {
public:
FuzzerPass(opt::IRContext* ir_context,
TransformationContext* transformation_context,
FuzzerContext* fuzzer_context,
protobufs::TransformationSequence* transformations);
virtual ~FuzzerPass();
// Applies the pass to the module |ir_context_|, assuming and updating
// information from |transformation_context_|, and using |fuzzer_context_| to
// guide the process. Appends to |transformations_| all transformations that
// were applied during the pass.
virtual void Apply() = 0;
protected:
opt::IRContext* GetIRContext() const { return ir_context_; }
TransformationContext* GetTransformationContext() const {
return transformation_context_;
}
FuzzerContext* GetFuzzerContext() const { return fuzzer_context_; }
protobufs::TransformationSequence* GetTransformations() const {
return transformations_;
}
// Returns all instructions that are *available* at |inst_it|, which is
// required to be inside block |block| of function |function| - that is, all
// instructions at global scope and all instructions that strictly dominate
// |inst_it|.
//
// Filters said instructions to return only those that satisfy the
// |instruction_is_relevant| predicate. This, for instance, could ignore all
// instructions that have a particular decoration.
std::vector<opt::Instruction*> FindAvailableInstructions(
opt::Function* function, opt::BasicBlock* block,
const opt::BasicBlock::iterator& inst_it,
std::function<bool(opt::IRContext*, opt::Instruction*)>
instruction_is_relevant) const;
// A helper method that iterates through each instruction in each block, at
// all times tracking an instruction descriptor that allows the latest
// instruction to be located even if it has no result id.
//
// The code to manipulate the instruction descriptor is a bit fiddly. The
// point of this method is to avoiding having to duplicate it in multiple
// transformation passes.
//
// The function |action| is invoked for each instruction |inst_it| in block
// |block| of function |function| that is encountered. The
// |instruction_descriptor| parameter to the function object allows |inst_it|
// to be identified.
//
// In most intended use cases, the job of |action| is to randomly decide
// whether to try to apply some transformation, and then - if selected - to
// attempt to apply it.
void ForEachInstructionWithInstructionDescriptor(
std::function<
void(opt::Function* function, opt::BasicBlock* block,
opt::BasicBlock::iterator inst_it,
const protobufs::InstructionDescriptor& instruction_descriptor)>
action);
// A generic helper for applying a transformation that should be applicable
// by construction, and adding it to the sequence of applied transformations.
void ApplyTransformation(const Transformation& transformation) {
assert(transformation.IsApplicable(GetIRContext(),
*GetTransformationContext()) &&
"Transformation should be applicable by construction.");
transformation.Apply(GetIRContext(), GetTransformationContext());
*GetTransformations()->add_transformation() = transformation.ToMessage();
}
// Returns the id of an OpTypeBool instruction. If such an instruction does
// not exist, a transformation is applied to add it.
uint32_t FindOrCreateBoolType();
// Returns the id of an OpTypeInt instruction, with width 32 and signedness
// specified by |is_signed|. If such an instruction does not exist, a
// transformation is applied to add it.
uint32_t FindOrCreate32BitIntegerType(bool is_signed);
// Returns the id of an OpTypeFloat instruction, with width 32. If such an
// instruction does not exist, a transformation is applied to add it.
uint32_t FindOrCreate32BitFloatType();
// Returns the id of an OpTypeFunction %<return_type_id> %<...argument_id>
// instruction. If such an instruction doesn't exist, a transformation
// is applied to create a new one.
uint32_t FindOrCreateFunctionType(uint32_t return_type_id,
const std::vector<uint32_t>& argument_id);
// Returns the id of an OpTypeVector instruction, with |component_type_id|
// (which must already exist) as its base type, and |component_count|
// elements (which must be in the range [2, 4]). If such an instruction does
// not exist, a transformation is applied to add it.
uint32_t FindOrCreateVectorType(uint32_t component_type_id,
uint32_t component_count);
// Returns the id of an OpTypeMatrix instruction, with |column_count| columns
// and |row_count| rows (each of which must be in the range [2, 4]). If the
// float and vector types required to build this matrix type or the matrix
// type itself do not exist, transformations are applied to add them.
uint32_t FindOrCreateMatrixType(uint32_t column_count, uint32_t row_count);
// Returns the id of a pointer type with base type |base_type_id| (which must
// already exist) and storage class |storage_class|. A transformation is
// applied to add the pointer if it does not already exist.
uint32_t FindOrCreatePointerType(uint32_t base_type_id,
SpvStorageClass storage_class);
// Returns the id of an OpTypePointer instruction, with a 32-bit integer base
// type of signedness specified by |is_signed|. If the pointer type or
// required integer base type do not exist, transformations are applied to add
// them.
uint32_t FindOrCreatePointerTo32BitIntegerType(bool is_signed,
SpvStorageClass storage_class);
// Returns the id of an OpConstant instruction, with 32-bit integer type of
// signedness specified by |is_signed|, with |word| as its value. If either
// the required integer type or the constant do not exist, transformations are
// applied to add them.
uint32_t FindOrCreate32BitIntegerConstant(uint32_t word, bool is_signed);
// Returns the id of an OpConstant instruction, with 32-bit floating-point
// type, with |word| as its value. If either the required floating-point type
// or the constant do not exist, transformations are applied to add them.
uint32_t FindOrCreate32BitFloatConstant(uint32_t word);
// Returns the id of an OpConstantTrue or OpConstantFalse instruction,
// according to |value|. If either the required instruction or the bool
// type do not exist, transformations are applied to add them.
uint32_t FindOrCreateBoolConstant(bool value);
// Returns the id of an OpConstant instruction of type with |type_id|
// that consists of |words|. If that instruction doesn't exist,
// transformations are applied to add it. |type_id| must be a valid
// result id of either scalar or boolean OpType* instruction that exists
// in the module.
uint32_t FindOrCreateConstant(const std::vector<uint32_t>& words,
uint32_t type_id);
// Returns the result id of an instruction of the form:
// %id = OpUndef %|type_id|
// If no such instruction exists, a transformation is applied to add it.
uint32_t FindOrCreateGlobalUndef(uint32_t type_id);
// Define a *basic type* to be an integer, boolean or floating-point type,
// or a matrix, vector, struct or fixed-size array built from basic types. In
// particular, a basic type cannot contain an opaque type (such as an image),
// or a runtime-sized array.
//
// Yields a pair, (basic_type_ids, basic_type_ids_to_pointers), such that:
// - basic_type_ids captures every basic type declared in the module.
// - basic_type_ids_to_pointers maps every such basic type to the sequence
// of all pointer types that have storage class |storage_class| and the
// given basic type as their pointee type. The sequence may be empty for
// some basic types if no pointers to those types are defined for the given
// storage class, and the sequence will have multiple elements if there are
// repeated pointer declarations for the same basic type and storage class.
std::pair<std::vector<uint32_t>, std::map<uint32_t, std::vector<uint32_t>>>
GetAvailableBasicTypesAndPointers(SpvStorageClass storage_class) const;
// Given a type id, |scalar_or_composite_type_id|, which must correspond to
// some scalar or composite type, returns the result id of an instruction
// defining a constant of the given type that is zero or false at everywhere.
// If such an instruction does not yet exist, transformations are applied to
// add it.
//
// Examples:
// --------------+-------------------------------
// TYPE | RESULT is id corresponding to
// --------------+-------------------------------
// bool | false
// --------------+-------------------------------
// bvec4 | (false, false, false, false)
// --------------+-------------------------------
// float | 0.0
// --------------+-------------------------------
// vec2 | (0.0, 0.0)
// --------------+-------------------------------
// int[3] | [0, 0, 0]
// --------------+-------------------------------
// struct S { |
// int i; | S(0, false, (0u, 0u))
// bool b; |
// uint2 u; |
// } |
// --------------+-------------------------------
uint32_t FindOrCreateZeroConstant(uint32_t scalar_or_composite_type_id);
private:
// Array, matrix and vector are *homogeneous* composite types in the sense
// that every component of one of these types has the same type. Given a
// homogeneous composite type instruction, |composite_type_instruction|,
// returns the id of a composite constant instruction for which every element
// is zero/false. If such an instruction does not yet exist, transformations
// are applied to add it.
uint32_t GetZeroConstantForHomogeneousComposite(
const opt::Instruction& composite_type_instruction,
uint32_t component_type_id, uint32_t num_components);
// Helper to find an existing composite constant instruction of the given
// composite type with the given constant components, or to apply
// transformations to create such an instruction if it does not yet exist.
// Parameter |composite_type_instruction| must be a composite type
// instruction. The parameters |constants| and |constant_ids| must have the
// same size, and it must be the case that for each i, |constant_ids[i]| is
// the result id of an instruction that defines |constants[i]|.
uint32_t FindOrCreateCompositeConstant(
const opt::Instruction& composite_type_instruction,
const std::vector<const opt::analysis::Constant*>& constants,
const std::vector<uint32_t>& constant_ids);
opt::IRContext* ir_context_;
TransformationContext* transformation_context_;
FuzzerContext* fuzzer_context_;
protobufs::TransformationSequence* transformations_;
};
} // namespace fuzz
} // namespace spvtools
#endif // SOURCE_FUZZ_FUZZER_PASS_H_