Commit Graph

3047 Commits

Author SHA1 Message Date
Alastair Donaldson 4d18c6b7c5 spirv-tools fuzzers: Avoid passing target backend
Changes the spirv-tools fuzzer targets so that the target back-end
language (HLSL, MSL, SPIR-V or WGSL) is no longer passed as a command
line argument, but instead baked into the fuzzer's binary. This avoids
a problem whereby an OSS-Fuzz bug reproducer does not use the required
back-end command line argument.

Change-Id: I69970dfa7f133f8e310ec063c9b6869bd774e7d3
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63343
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Alastair Donaldson <afdx@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
2021-09-21 16:41:58 +00:00
Alastair Donaldson 0118b964f3 Fix generation of random indices in regex fuzzer
Random indices were being generated in a manner that assumed the upper
bound to a Random::GetUInt call was inclusive. Also, GetUInt64 was
being used needlessly when GetUInt32 would suffice. This change
addresses both issues.

Fixes https://crbug.com/1250904

Change-Id: I9ad8e5beb3b52bcb867aeb745dec520c251cba60
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/64744
Auto-Submit: Alastair Donaldson <afdx@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Alastair Donaldson <afdx@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
2021-09-21 16:16:58 +00:00
David Neto 1d81f83704 spirv-reader: only generate aliases for array types
Refactoring only.

Change-Id: Ia931870a337cf93a54c5f2154754ef549c8559d7
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/64680
Auto-Submit: David Neto <dneto@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: David Neto <dneto@google.com>
2021-09-21 15:05:13 +00:00
Ben Clayton d1c6f83341 CMake: Massage CMakeLists for use by NodeJS bindings
Allow the third_party directory to be controlled by the outer sub-project.

Change-Id: I11030c75254c264c1955150bdf1983771b33b614
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/64500
Reviewed-by: Antonio Maiorano <amaiorano@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
2021-09-20 19:47:05 +00:00
Ben Clayton 17720fdec7 Kokoro: Move the clean checkout to tmpfs
tmpfs is where the real disk space lives.
Fixes spurious out-of-disk errors.

Change-Id: Icd82b58888f5ffa26680c9f68cd65e7b53874bf5
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/64541
Reviewed-by: Antonio Maiorano <amaiorano@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
2021-09-20 19:30:35 +00:00
David Neto ddc9eb2b85 wgsl-reader: reject identifiers starting with underscrore
Update one test to avoid this error.

Fixed: tint:1179
Change-Id: Id41b0eb0f404648de4e86a835fe43f1729cb4696
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/64464
Auto-Submit: David Neto <dneto@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: David Neto <dneto@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-20 14:38:45 +00:00
Alastair Donaldson 871570bc7b Tolerate some errors while building SPIR-V corpus
When preparing a corpus of SPIR-V shaders for fuzzing, spirv-as is
invoked repeatedly. It could be that a bug in spirv-as leads to
conversion failing for some of the shaders. This should not prevent the
overall corpus from being generated, as long as the number of overall
failures is reasonably small. This change adds some tolerance for such
failures.

Change-Id: I77750fdeab15a252201bff33e952e1bd44c42331
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/64543
Auto-Submit: Alastair Donaldson <afdx@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: Alastair Donaldson <afdx@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
2021-09-17 14:32:20 +00:00
Antonio Maiorano dad26395d8 spirv backend: do not generate a load for ignored expressions
Fixes spirv-val failing on loads of dynamic arrays.

Bug: chromium:1249602
Change-Id: Ic15af9f9ef2beb45bc732e4e45f023651544a1c7
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/64400
Reviewed-by: Ben Clayton <bclayton@google.com>
Kokoro: Antonio Maiorano <amaiorano@google.com>
Commit-Queue: Antonio Maiorano <amaiorano@google.com>
2021-09-16 13:32:57 +00:00
Ben Clayton d1d99bc7de Resolver: Validate that type sizes fit in uint32_t
Bug: chromium:1249708
Bug: tint:1177
Change-Id: I31c52f160e4952475e977453206ab4224fd20df7
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/64320
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: David Neto <dneto@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
2021-09-15 17:37:00 +00:00
Alastair Donaldson 6556ba0e94 Move black-box fuzz target into fuzzers group
This makes it possible to build the fuzzer in Chromium's asan builder
group by having it depend on the tint fuzzers group, and means that the
logic for when particular fuzz targets are built remains encapsulated in
the tint fuzzer build rules.

Change-Id: Ic8d6131ccf1759a25fc3d736ae507cd173931616
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/64181
Auto-Submit: Alastair Donaldson <afdx@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
2021-09-15 05:26:14 +00:00
Sarah 7f4d02c7ab cts: fix generated test names in get-test-plan tool
testnames: sectionX_ruleY
fix init value

Bug: tint:1159 tint:1158
Change-Id: Icc92668ee141b2631d9705f41a5155d6483f9713
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/64041
Reviewed-by: Sarah Mashayekhi <sarahmashay@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Sarah Mashayekhi <sarahmashay@google.com>
2021-09-13 23:26:00 +00:00
James Price acaecab29d msl: Handle workgroup matrix allocations
Use a threadgroup memory argument for any workgroup variable that
contains a matrix.

The generator now provides a list of threadgroup memory arguments for
each entry point, so that the runtime knows how many bytes to allocate
for each argument.

Bug: tint:938
Change-Id: Ia4af33cd6a44c4f74258793443eb737c2931f5eb
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/64042
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: James Price <jrprice@google.com>
2021-09-13 19:56:01 +00:00
Sarah de767b1842 validation: fix arrayAcceor/memberAccessor error msg and add unit-tests
Bug: tint:1172
Change-Id: Icbc920dbc6adc9a5c78b8ae7d700b527a4fa48f7
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/64100
Reviewed-by: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Sarah Mashayekhi <sarahmashay@google.com>
2021-09-13 19:30:19 +00:00
James Price c306cda4db inspector: reflect num_workgroups builtin usage
Dawn needs to know if a given entry point uses this builtin, so that
it can pass this information via a root constant for HLSL.

Bug: tint:752
Change-Id: I8bcd3a343db16774ffedd9db9813451f97f10aba
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/64040
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-13 17:11:58 +00:00
James Price 922fce7295 Implement and test num_workgroups for all backends
For HLSL, use the new NumWorkgroupsFromUniform transform, and expose
the binding point to use for the generated uniform as a backend
option.

The MSL mapping is trivial, and it was already implemented for WGSL
and SPIR-V.

Bug: tint:752
Change-Id: I4bd37b5d26181629d72b152fe064a60caf8ecdc5
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63962
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-13 17:11:58 +00:00
James Price 77a25c060f transform: Add NumWorkgroupsFromUniform transform
This transform scans entry points for struct parameters that contain
the num_workgroups builtin, and replace accesses to these members with
a value loaded from a uniform buffer.

This will be used by the HLSL backend to implement the num_workgroups
builtin.

Bug: tint:752
Change-Id: Iefab3b14af8a08a6135348fded368a06d932e915
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63961
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-13 17:11:58 +00:00
James Price 1bb637195b resolver: Enable the num_workgroups builtin
The subsequent commits will implement this for all remaining backends.

Bug: tint:752
Change-Id: Id26f920fea93b5678466705612dcbfc229dc878a
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63921
Reviewed-by: Ben Clayton <bclayton@google.com>
Kokoro: James Price <jrprice@google.com>
2021-09-13 17:11:58 +00:00
David Neto d705a13599 Fix typo in a comment
Change-Id: I85aa498e6f593567b361f01734af1e8eb586ceba
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/64080
Auto-Submit: David Neto <dneto@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
2021-09-13 15:18:59 +00:00
James Price f66f651374 transform/BindingRemapper: Validate access mode
Ensure that remapped access modes are valid enum values.

NB: This is hard to test, as UBSan flags an out-of-range enum value as
a hard error.

Fixed: chromium:1248754, chromium:1248755
Change-Id: I2e686843134e6a285fb8316a1960fc4eadff2a93
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/64120
Auto-Submit: James Price <jrprice@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-13 14:58:39 +00:00
Ben Clayton 2ebcb93cb3 reader/spiv: Fix typo in entry-point IO sorting
We were sorting the inputs twice.
Also make use the UniqueVector::operator std::vector() to simplify the code a little.

Doesn't appear to change any tests.
Just spotted while looking through code.

Change-Id: Iddb433b9c8c429f32b40a10cf466c712fde7a317
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63701
Auto-Submit: Ben Clayton <bclayton@google.com>
Commit-Queue: David Neto <dneto@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: David Neto <dneto@google.com>
2021-09-10 15:25:13 +00:00
James Price ebab7d2f7a spirv: Remove the sanitizer transform
Invoke the required transforms directly in the SPIR-V backend.

Change-Id: I78dc667d5c4c9c1d4da13ef5a99ece831c103982
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63801
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-09 14:40:07 +00:00
James Price 5b3be6a64a hlsl: Remove the sanitizer transform
Invoke the required transforms directly in the HLSL backend.

Change-Id: I9465fef375dd4dad6a91c1e7e16ede6401b9bfc0
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63800
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-09 14:40:07 +00:00
Ben Clayton 25517e9ce8 resolver: Validate unreachable stmts when terminator is in block(s)
Will requires updating the WGSL spec, which currently has rules looser than SPIR-V.

Fixed: tint:1167
Bug: chromium:1246163
Change-Id: Ie8fcfabc0bb89c7fb69c345475ff99c07fa04172
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63560
Commit-Queue: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: David Neto <dneto@google.com>
Auto-Submit: Ben Clayton <bclayton@google.com>
2021-09-09 12:38:19 +00:00
James Price 733addc20f msl: Remove the sanitizer transform
Invoke the required transforms directly in the MSL backend.

Change-Id: Id8026b1a64415fbe363f8f8a5790e8216cd12c68
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63620
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: James Price <jrprice@google.com>
2021-09-08 19:57:47 +00:00
James Price 5910ec1e8a Output WGSL instead of SPIR-V in transform fuzzers
Generating SPIR-V can cause validation failures when out-of-bounds
accesses are performed, since we are not running the robustness
transform.

Bug: chromium:1246061
Change-Id: Ied58d77d90079d10d5579d2d55854c3cfbc18db5
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63640
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: James Price <jrprice@google.com>
2021-09-08 18:08:36 +00:00
Ben Clayton b7bcbf0d20 Resolver: Traverse expressions without recursion
This CL changes the way that the resolver traverses expressions to avoid stack overflows for deeply nested expressions.

Instead of having the expression resolver methods call back into
Expression(), add a TraverseExpressions() method that collects all the
expression nodes with a simple DFS.

This currently only changes the way that Expressions are traversed. We
may need to do the same for statements.

Bug: chromium:1246375
Change-Id: Ie81905da1b790b6dd1df9f1ac42e06593d397c21
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63700
Auto-Submit: Ben Clayton <bclayton@google.com>
Reviewed-by: David Neto <dneto@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
2021-09-08 15:18:36 +00:00
David Neto be514a1efb wgsl-reader: hex float: zero mantissa results in zero result
When the magnitude is zero, then we don't care about the magnitude
of the exponent. The result value is always zero, without emitting
an error.

Fixed: tint:1166
Change-Id: I303d7c336e7ea42719571854f0a22cbfd19da32c
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63520
Kokoro: Kokoro <noreply+kokoro@google.com>
Auto-Submit: David Neto <dneto@google.com>
Reviewed-by: Antonio Maiorano <amaiorano@google.com>
Commit-Queue: Antonio Maiorano <amaiorano@google.com>
2021-09-08 13:46:51 +00:00
James Price 676ec7cf99 spirv: Handle sample_mask in shader IO transform
This is easy to do while we are processing builtins in the main
transform now that we use wrapper functions.

This is step towards removing the sanitizers completely.

Change-Id: If5472ce552e3cce1e5905916eeffa8fef90461c9
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63585
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-07 18:59:21 +00:00
James Price 1b9ed7de4a msl/module-scope-var: Add unit test for folding &*
As noted in the CL that folded &* during this transform, we were
missing a unit test for this:
https://dawn-review.googlesource.com/c/tint/+/60520

Bug: tint:1086
Change-Id: I61941d40dbcc478e8cc2672144186e5c0f10e587
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63584
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-07 18:59:21 +00:00
James Price 3646400342 transform: Add ModuleScopeVarToEntryPointParam
This is the HandleModuleScopeVars() part of the MSL sanitizer moved
verbatim to a standalone transform. The transform code is unchanged,
but some expected test outputs are different as this is now tested in
isolation instead of along with the rest of the sanitizer transforms.

This is step towards removing the sanitizers completely.

Change-Id: I7be826e2119451fc2ce2891740cc94f978e7d5a1
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63583
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-07 18:59:21 +00:00
James Price b584b374a1 transform: Add transform to add empty entry point
Use this from the HLSL and SPIR-V sanitizers, instead of duplicating
this logic for them.

This is step towards removing the sanitizers completely.

Change-Id: Ifa9f23d84fd3505d30a928c260181a699c5f1783
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63582
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-07 18:59:21 +00:00
Sarah e980ac1699 tools: parses wgsl spec and outputs a test plan (get-test-plan)
Change-Id: Id05013c862d168afbd7820a36a67d81ef0b7b01f
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62980
Auto-Submit: Sarah Mashayekhi <sarahmashay@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Sarah Mashayekhi <sarahmashay@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-07 17:14:54 +00:00
James Price c77214d52d Move array accessor tests to their own file
No new tests or any changes, just moving to a separate file in
preparation for adding lots more of these tests soon.

Change-Id: Iaa7eef52384e702c395a6db312fef19e22507644
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63580
Kokoro: Kokoro <noreply+kokoro@google.com>
Auto-Submit: James Price <jrprice@google.com>
Reviewed-by: Antonio Maiorano <amaiorano@google.com>
Commit-Queue: James Price <jrprice@google.com>
2021-09-07 14:48:24 +00:00
Sarah ed18f2f8c3 fix roller: added missed renames of tint_regex_fuzzer_libfuzzer_options
Missed rename from https://dawn-review.googlesource.com/c/tint/+/63180
In a prior CL I fixed tint_ast_fuzzer_libfuzzer_options

Change-Id: I4c3bc6e2046fc986ff2ce749ecbdae2a860f8d93
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63521
Reviewed-by: Sarah Mashayekhi <sarahmashay@google.com>
Commit-Queue: Sarah Mashayekhi <sarahmashay@google.com>
Auto-Submit: Sarah Mashayekhi <sarahmashay@google.com>
Kokoro: Sarah Mashayekhi <sarahmashay@google.com>
2021-09-03 23:26:48 +00:00
Sarah 485a45dc05 fix roller: added missed renames of tint_fuzzer_common_libfuzzer_options
Missed in https://dawn-review.googlesource.com/c/tint/+/63180

Change-Id: I7f51fc91617feb481e69713ad4c9fc0297b7f235
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63500
Reviewed-by: Antonio Maiorano <amaiorano@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Sarah Mashayekhi <sarahmashay@google.com>
2021-09-03 22:19:26 +00:00
Antonio Maiorano 17e83de54f Fix UB when parsing HexFloat with large exponents
During HexFloat parsing, if exponent was too large, we would overflow
the signed integer being used to store its value. We now use an uint32_t
to avoid UB, then convert to int32_t when it's safe to do so.

Also error out if the input exponent is > INT_MAX - 127, which ensures
we will not wrap around and produce an invalid result when adding the
exponent bias of 127.

Bug: chromium:1240048
Bug: tint:1150
Change-Id: I1b57b2c965358b803ebb68ea70b76e759cdd3939
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63120
Reviewed-by: David Neto <dneto@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Antonio Maiorano <amaiorano@google.com>
2021-09-03 19:40:36 +00:00
Antonio Maiorano 604c70d3e6 Fix build when TINT_BUILD_[WGSL|SPV|MSL|HLSL]_[READER|WRITER] are toggled off
- Locally tested with each of the 6 options turned off alone, and fixed
the build.

- Added an incremental build to the Linux Kokoro build with all these
flags disabled, which will help catch a subset of build issues related
to these flags.

Bug: tint:1139
Change-Id: I40eaaea31d88879aa19eac3f17c47b7e7d7a477f
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63241
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: Antonio Maiorano <amaiorano@google.com>
2021-09-03 14:16:56 +00:00
Alastair Donaldson 937a658b58 Avoid i386 compile error related to comparison
Adds casts to uint64_t so that a comparison between size_t and the
largest possible uint32_t value does not lead to a tautological warning
when building for i386.

Fixes tint:1162

Change-Id: Ib18140805d443d51bb7e48c9e345b21b9d5651fb
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63440
Auto-Submit: Alastair Donaldson <afdx@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: Alastair Donaldson <afdx@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
2021-09-03 12:31:30 +00:00
Ryan Harrison 5dc0ea7cce Unify fuzzer random number generation into a single class
BUG=tint:1098

Change-Id: I84931804515487d931bbbb5f0d5239d03ca76dfc
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63300
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Alastair Donaldson <afdx@google.com>
2021-09-03 00:59:35 +00:00
Alastair Donaldson 6a1eb45961 Adapt fuzzer CMake rules for OSS-Fuzz
Refactors the CMake rules for the tint fuzzers so that when OSS-Fuzz is
controlling the build process no specific fuzzer options are used. This
allows OSS-Fuzz to fully control the fuzzing engine.

Change-Id: Ic4423b981df12e66a14ca8f53c97168ac28bfa39
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63342
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Alastair Donaldson <afdx@google.com>
Auto-Submit: Alastair Donaldson <afdx@google.com>
Reviewed-by: Antonio Maiorano <amaiorano@google.com>
2021-09-02 23:49:25 +00:00
Ryan Harrison 5093b9fe4d Add options to fuzzer to improve performance
Since the APIs being tested take in strings, using
onlyascii.
Restricting the size of test cases, so that we get more
diverse smaller test cases, instead of generating 1MB of 0s.

BUG=tint:1095,tint:1096

Change-Id: I0590bf0146c3395278ead362e2add328f669aea7
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63180
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Ben Clayton <bclayton@google.com>
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-02 19:59:35 +00:00
Alastair Donaldson 3e70f3e2ac Add black box fuzzer target
Adds a stand-alone executable that serves as an entry point for black
box fuzzing. It reads data from a given file, and then calls into the
same code that the libFuzzer fuzzer targets do.

Fixes: tint:1151
Change-Id: I23f4c5b4aa7040f434c791404136422f5c8ee12a
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63341
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2021-09-02 15:55:01 +00:00
Alastair Donaldson 03cd484247 Fix typo in comment
Change-Id: Ib084dd47a7ad37a64d8abe9cc577f6b05b91a913
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63340
Auto-Submit: Alastair Donaldson <afdx@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2021-09-02 14:50:50 +00:00
James Price 4cc4315d6c Allow array size to be a module-scope constant
Change ast::Array to use an ast::Expression for its `size` field. The
WGSL frontend now parses the array size as an `primary_expression`,
and the Resolver is responsible for validating the expression is a
signed or unsigned integer, and either a literal or a non-overridable
module-scope constant.

The Resolver evaluates the constant value of the size expression, and
so the resolved sem::Array type still has a constant size as before.

Fixed: tint:1068
Fixed: tint:1117

Change-Id: Icfa141482ea1e47ea8c21a25e9eb48221f176e9a
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63061
Auto-Submit: James Price <jrprice@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: James Price <jrprice@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-02 13:49:59 +00:00
James Price 69ce5f74ed validation: Reject constructors in workgroup_size
WGSL only allows literals and identifiers as arguments to
workgroup_size.

Also, change "parameter" to "argument" in the workgroup_size error
messages.

Change-Id: Ibd252a7c2f08464d9cdea62707e64a8e4f12893a
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63320
Auto-Submit: James Price <jrprice@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-02 10:05:19 +00:00
James Price cf57896d52 writer/wgsl: Simplify workgroup_size emission
We can just use the top-level EmitExpression() here.

Change-Id: I3ab346525b6d49f6a986abb5d89aa792171c1db3
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63060
Auto-Submit: James Price <jrprice@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-02 09:49:50 +00:00
Alastair Donaldson 44a0adf9b4 Fuzzers: Avoid passing target backend as parameter
Changes various fuzz targets so that the target back-end language (HLSL,
MSL, SPIR-V or WGSL) is no longer passed as a command line argument, but
instead baked into the fuzzer's binary. This avoids a problem whereby a
ClusterFuzz bug reproducer does not use the required back-end command
line argument.

Change-Id: I64402a23391ca0f24c9d1ffd2aa2f218cc7106b1
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63163
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Alastair Donaldson <afdx@google.com>
2021-08-31 22:07:17 +00:00
Ben Clayton 14ac047d45 transform/BindingRemapper: Error if attempting to change access control of non-storage var
The clusterfuzz fuzzers are attempting to change the access control of a uniform variable, which produces a program that does not validate.

Create an error diagnostic tagged with diag::System::Transform, which the fuzzers recognise as being invalid configuration to the transform.

Fixed: chromium:1244999
Change-Id: I2d4f2dfd4f2218ac81172003872494acb027323b
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63141
Auto-Submit: Ben Clayton <bclayton@google.com>
Commit-Queue: David Neto <dneto@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: David Neto <dneto@google.com>
2021-08-31 20:27:56 +00:00
Ben Clayton 16edcf9b03 reader/wgsl: Error for unconsumed decorations
When applied to valid module-scope declarations.

Fixed: chromium:1244349
Change-Id: Icb19200cae751ac70974481693ecbcf48fd627f0
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63160
Auto-Submit: Ben Clayton <bclayton@google.com>
Commit-Queue: James Price <jrprice@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: James Price <jrprice@google.com>
2021-08-31 18:58:26 +00:00
Antonio Maiorano 0eaee0cda2 CMake: add TINT_BUILD_SAMPLES option (default ON)
If enabled, will build targets in the samples subfolder, which currently
only includes the "tint" executable.

Bug: tint:1140
Change-Id: I354d9b6e39ca2cd243649effedaebe3e0b97fc2f
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63240
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: Antonio Maiorano <amaiorano@google.com>
2021-08-31 18:43:36 +00:00