commit 45510ad8a77862c1ce2e33f0efed41544f5f048b
author Nicolas Capens <capn@google.com> Thu Jun 04 22:26:40 2020 -0400
committer Nicolas Capens <nicolascapens@google.com> Thu Jun 11 03:17:40 2020 +0000
tree 88fe7c378ee7082d5596a4c210143815121a5a51
parent f3b74473010b85ace647c7c302b21d82fb91e399

Validate the SPIR-V code in debug builds

https://www.khronos.org/registry/vulkan/specs/1.2-extensions/man/html/VkShaderModuleCreateInfo.html
states that the "code must adhere to the validation rules described by
the Validation Rules within a Module section of the SPIR-V Environment
appendix"

This makes it the application's responsibility to only pass valid SPIR-V
code to vkCreateShaderModule. However, improperly validated code
may cause bugs which are hard to root cause, so validate in our
implementation as well in debug builds. This can also help with fuzzing
efforts.

Bug: b/158228522
Change-Id: Ib4f41fa70a021fb902e1f8504005b87c92286942
Reviewed-on: https://swiftshader-review.googlesource.com/c/SwiftShader/+/45569
Tested-by: Nicolas Capens <nicolascapens@google.com>
Kokoro-Result: kokoro <noreply+kokoro@google.com>
Reviewed-by: Alexis Hétu <sugoi@google.com>

src/Vulkan/VkShaderModule.cpp

diff --git a/src/Vulkan/VkShaderModule.cpp b/src/Vulkan/VkShaderModule.cpp
index 337e188..55c091d 100644
--- a/src/Vulkan/VkShaderModule.cpp
+++ b/src/Vulkan/VkShaderModule.cpp
@@ -14,6 +14,8 @@
 
 #include "VkShaderModule.hpp"
 
+#include "spirv-tools/libspirv.hpp"
+
 #include <cstring>
 
 namespace vk {
@@ -26,6 +28,11 @@
 {
 	memcpy(code, pCreateInfo->pCode, pCreateInfo->codeSize);
 	wordCount = static_cast<uint32_t>(pCreateInfo->codeSize / sizeof(uint32_t));
+
+#if !defined(NDEBUG) || defined(DCHECK_ALWAYS_ON)
+	spvtools::SpirvTools spirvTools(SPV_ENV_VULKAN_1_1);
+	ASSERT(spirvTools.Validate(getCode()));  // The SPIR-V code passed to vkCreateShaderModule must be valid (b/158228522)
+#endif
 }
 
 void ShaderModule::destroy(const VkAllocationCallbacks *pAllocator)