Commit Graph

2908 Commits

Author SHA1 Message Date
Alastair Donaldson 6a1eb45961 Adapt fuzzer CMake rules for OSS-Fuzz
Refactors the CMake rules for the tint fuzzers so that when OSS-Fuzz is
controlling the build process no specific fuzzer options are used. This
allows OSS-Fuzz to fully control the fuzzing engine.

Change-Id: Ic4423b981df12e66a14ca8f53c97168ac28bfa39
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63342
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Alastair Donaldson <afdx@google.com>
Auto-Submit: Alastair Donaldson <afdx@google.com>
Reviewed-by: Antonio Maiorano <amaiorano@google.com>
2021-09-02 23:49:25 +00:00
Ryan Harrison 5093b9fe4d Add options to fuzzer to improve performance
Since the APIs being tested take in strings, using
onlyascii.
Restricting the size of test cases, so that we get more
diverse smaller test cases, instead of generating 1MB of 0s.

BUG=tint:1095,tint:1096

Change-Id: I0590bf0146c3395278ead362e2add328f669aea7
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63180
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Ben Clayton <bclayton@google.com>
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-02 19:59:35 +00:00
Alastair Donaldson 3e70f3e2ac Add black box fuzzer target
Adds a stand-alone executable that serves as an entry point for black
box fuzzing. It reads data from a given file, and then calls into the
same code that the libFuzzer fuzzer targets do.

Fixes: tint:1151
Change-Id: I23f4c5b4aa7040f434c791404136422f5c8ee12a
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63341
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2021-09-02 15:55:01 +00:00
Alastair Donaldson 03cd484247 Fix typo in comment
Change-Id: Ib084dd47a7ad37a64d8abe9cc577f6b05b91a913
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63340
Auto-Submit: Alastair Donaldson <afdx@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2021-09-02 14:50:50 +00:00
James Price 4cc4315d6c Allow array size to be a module-scope constant
Change ast::Array to use an ast::Expression for its `size` field. The
WGSL frontend now parses the array size as an `primary_expression`,
and the Resolver is responsible for validating the expression is a
signed or unsigned integer, and either a literal or a non-overridable
module-scope constant.

The Resolver evaluates the constant value of the size expression, and
so the resolved sem::Array type still has a constant size as before.

Fixed: tint:1068
Fixed: tint:1117

Change-Id: Icfa141482ea1e47ea8c21a25e9eb48221f176e9a
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63061
Auto-Submit: James Price <jrprice@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: James Price <jrprice@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-02 13:49:59 +00:00
James Price 69ce5f74ed validation: Reject constructors in workgroup_size
WGSL only allows literals and identifiers as arguments to
workgroup_size.

Also, change "parameter" to "argument" in the workgroup_size error
messages.

Change-Id: Ibd252a7c2f08464d9cdea62707e64a8e4f12893a
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63320
Auto-Submit: James Price <jrprice@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-02 10:05:19 +00:00
James Price cf57896d52 writer/wgsl: Simplify workgroup_size emission
We can just use the top-level EmitExpression() here.

Change-Id: I3ab346525b6d49f6a986abb5d89aa792171c1db3
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63060
Auto-Submit: James Price <jrprice@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-09-02 09:49:50 +00:00
Alastair Donaldson 44a0adf9b4 Fuzzers: Avoid passing target backend as parameter
Changes various fuzz targets so that the target back-end language (HLSL,
MSL, SPIR-V or WGSL) is no longer passed as a command line argument, but
instead baked into the fuzzer's binary. This avoids a problem whereby a
ClusterFuzz bug reproducer does not use the required back-end command
line argument.

Change-Id: I64402a23391ca0f24c9d1ffd2aa2f218cc7106b1
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63163
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Alastair Donaldson <afdx@google.com>
2021-08-31 22:07:17 +00:00
Ben Clayton 14ac047d45 transform/BindingRemapper: Error if attempting to change access control of non-storage var
The clusterfuzz fuzzers are attempting to change the access control of a uniform variable, which produces a program that does not validate.

Create an error diagnostic tagged with diag::System::Transform, which the fuzzers recognise as being invalid configuration to the transform.

Fixed: chromium:1244999
Change-Id: I2d4f2dfd4f2218ac81172003872494acb027323b
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63141
Auto-Submit: Ben Clayton <bclayton@google.com>
Commit-Queue: David Neto <dneto@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: David Neto <dneto@google.com>
2021-08-31 20:27:56 +00:00
Ben Clayton 16edcf9b03 reader/wgsl: Error for unconsumed decorations
When applied to valid module-scope declarations.

Fixed: chromium:1244349
Change-Id: Icb19200cae751ac70974481693ecbcf48fd627f0
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63160
Auto-Submit: Ben Clayton <bclayton@google.com>
Commit-Queue: James Price <jrprice@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: James Price <jrprice@google.com>
2021-08-31 18:58:26 +00:00
Antonio Maiorano 0eaee0cda2 CMake: add TINT_BUILD_SAMPLES option (default ON)
If enabled, will build targets in the samples subfolder, which currently
only includes the "tint" executable.

Bug: tint:1140
Change-Id: I354d9b6e39ca2cd243649effedaebe3e0b97fc2f
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63240
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: Antonio Maiorano <amaiorano@google.com>
2021-08-31 18:43:36 +00:00
Ryan Harrison 5ef8c45683 Check for leading zeros on decimal integer literals
Fixes:tint:1124
Change-Id: I6cab684423081889d27b266628089c55918e1f9f
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62320
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: David Neto <dneto@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2021-08-31 18:00:17 +00:00
Ben Clayton b09723e58b resolver: Validate that entry points are not called
Fixed: chromium:1245112
Change-Id: Ibe7e686e7688761fd681bb6b1d331adad84f8d61
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/63161
Auto-Submit: Ben Clayton <bclayton@google.com>
Commit-Queue: David Neto <dneto@google.com>
Reviewed-by: Antonio Maiorano <amaiorano@google.com>
Reviewed-by: David Neto <dneto@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
2021-08-31 16:14:46 +00:00
David Neto 293d313bbc spirv-reader: reject empty structure types
SPIR-V supports them but WGSL does not.

Fixed: chromium:1230976
Change-Id: I27dbbf4a0f584bcff7355bf513bbd2b924dc349b
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62922
Auto-Submit: David Neto <dneto@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: James Price <jrprice@google.com>
Commit-Queue: James Price <jrprice@google.com>
2021-08-27 18:07:38 +00:00
David Neto d30c07e4df spirv-reader: check conversion of a result type
Bug: chromium:1230976
Change-Id: I793e437f298be3f34a80da7b43ee779fc122e6a8
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62921
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: James Price <jrprice@google.com>
Commit-Queue: James Price <jrprice@google.com>
Auto-Submit: David Neto <dneto@google.com>
2021-08-27 15:26:06 +00:00
Ben Clayton 231648c6a9 resolver: Validate storage class for var initializers
Bug: chromium:1243418
Change-Id: Ia0cec7d77767783b2a3b85400a03c805b51699d8
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62942
Commit-Queue: David Neto <dneto@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: David Neto <dneto@google.com>
2021-08-27 14:54:47 +00:00
Ben Clayton e9fdd50443 writer/spirv: Fix stack-use-after-return
Never create semantic types on the stack.
Always use ProgramBuilder::create().

These stack pointers have a tendency of being stored, either by other
types as sub-types, or by maps (see associated bug).

Also, there's a lot of logic that assumes that semantic types are
de-duplicated, and that you can compare pointers. Creating new instances
on the stack will break this in exciting ways.

Fixed: chromium:1243944
Change-Id: I40a652f8c424030106adad2e6531287af13c8714
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62943
Auto-Submit: Ben Clayton <bclayton@google.com>
Commit-Queue: David Neto <dneto@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: David Neto <dneto@google.com>
2021-08-27 14:50:07 +00:00
Ryan Harrison 200cdd2052 Check number of digits in integer during tokenization
While looking ahead to determine if a token is an integer, check the
number of digits to make sure that it can actually fit in the internal
representation.

This is an optimization on the existing code, to cause an early exit
and prevent pathological cases with huge integers from consuming too
much processing time, when they will never succeed.

From a functional perspective this has not effect on whether or not a
token will be accepted as an integer, so almost all of the tests do no
need an update. The one exception is a case where the lexer now
catches the invalid integer earlier in the tokenization, so the error
message is a shorter.

This does not handle the equivalent problem for float literals, though
I believe that only exists for non-hex floats.

BUG=chromium:1240715

Change-Id: I27e43711d5f5eda1d54a4128ba514f810abd0313
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62280
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-08-27 08:29:37 +00:00
Ben Clayton 9021eb5594 resolver: Allow parameters to shadow globals
In https://dawn-review.googlesource.com/c/tint/+/62444 the Resolver validated that there are no parameters of the same function with the same name, but this also introduced validation that errors if parameters shadow a module-scope variable.

The WGSL spec allows for shadowing, but Tint so far has not implemented this support.

There are transforms that generate functions that presume parameter <-> module-scope variable shadowing is okay. DecomposeMemoryAccess is one of these.

This fixes those transforms which could generate programs that fail validation.

Bug: chromium:1242330
Fixed: tint:1136
Change-Id: Id6ec59bbdb398b3b2a23312115a7c1dadf433e98
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62900
Reviewed-by: James Price <jrprice@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
2021-08-26 15:40:06 +00:00
James Price f9d19719fd Implement atomicSub intrinsic
Polyfill this for HLSL using an atomic add with the operand negated.

Fixed: tint:1130
Change-Id: Ifa32d58973f1b48593ec0f6320f47f4358a5a3a9
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62760
Auto-Submit: James Price <jrprice@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-08-26 15:26:25 +00:00
Alastair Donaldson a96dce9c89 Remove SPIR-V reader fuzzers
Fuzzers that exercise the SPIR-V reader are being moved to OSS-Fuzz.
This change removes them from the Chromium build so that they cease to
be run by ClusterFuzz. The change also applies a small refactoring to
the fuzzer build rules, so that the tint_ast_clone fuzzer is specified
together with other fuzzers that require the WGSL reader and writer.

Bug: chromium:1243084
Change-Id: I4f5d12a679366634c7cad3e7ac18075bb046a8ba
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62800
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Alastair Donaldson <afdx@google.com>
2021-08-25 16:14:43 +00:00
James Price 87cce20f67 test: Remove many expected files
For these tests, we only really care that we can successfully consume
them and generate valid output for each backend. Having the expected
files in the tree generates significant churn for any change to how we
generate backend code, which makes it hard to inspect diffs.

Change-Id: Ic98c248081144c0fb1791f1303eaf6d459548e3d
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62720
Reviewed-by: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: James Price <jrprice@google.com>
2021-08-24 22:49:42 +00:00
Ben Clayton 568136dd10 Reduce OWNERS to 4 people
only picks 5 out of N.

Change-Id: I0e9d2e4bfa1050681dd88af918d040d42484f140
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62442
Auto-Submit: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Corentin Wallez <cwallez@chromium.org>
Commit-Queue: Ben Clayton <bclayton@google.com>
2021-08-24 09:59:31 +00:00
James Price 85d2e448de msl: Overload matrix-vector arithmetic operators
These operators are not defined in the metal namespace when the vector
operands are packed.

Fixed: tint:1121
Change-Id: I2e8f4302e08117ca41bac6c05fb24a70d1215740
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62480
Kokoro: Kokoro <noreply+kokoro@google.com>
Auto-Submit: James Price <jrprice@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-08-23 21:45:23 +00:00
James Price 46978033a7 msl: Only emit packed vectors when the width is 3
MSL vectors with other widths already match WGSL's rules for alignment
and size.

Change-Id: I237052372463ea8323eab47c3b4ca90c6d8afcc3
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62600
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-08-23 21:45:23 +00:00
Ben Clayton 6d60c046e8 resolver: Validate that parameter names are unique
Fixed: chromium:1242330
Change-Id: I7a5c32f55b5a4d5898c1fe4efeee084dfeb15346
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62444
Auto-Submit: Ben Clayton <bclayton@google.com>
Commit-Queue: James Price <jrprice@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: James Price <jrprice@google.com>
2021-08-23 19:01:19 +00:00
Ben Clayton 367f5df5c3 castable: Infer Is() TO type from predicate
For the Is() overload that takes a predicate function, infer the cast target type from the single parameter of the predicate.

Removes noise.

Change-Id: Ie6248c776ca1f9d50808e03e9685056fd3819217
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62441
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Antonio Maiorano <amaiorano@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
2021-08-23 15:16:42 +00:00
Ben Clayton 1fa6f5ce9b resolver: Validate calls to void callables
Calls to functions and intrinsics that do not return a value must only be used by a call statement.

Fixed: chromium:1241460
Change-Id: I0f940c942b55a5212367dbf9e261083beb4560ec
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62440
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: James Price <jrprice@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
2021-08-21 08:50:40 +00:00
James Price f6a49d69b4 msl: Add `matrix` to list of reserved keywords
This is in the metal namespace, which we import fully.

Change-Id: I986cdebbe1897ad0b433bc0260480dd8839f93e0
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62400
Auto-Submit: James Price <jrprice@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: James Price <jrprice@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
2021-08-20 13:28:09 +00:00
James Price d47a7ef0cf validation: Reject decorations on local variables
These are never valid. The WGSL parser cannot produce them, but the
SPIR-V reader can since these are not always caught by spirv-val.

Fixed: chromium:1239557
Change-Id: Ie19e4534ffb73b61beaa42046b18b2b8a3f7f65b
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62020
Auto-Submit: James Price <jrprice@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Sarah Mashayekhi <sarahmashay@google.com>
Reviewed-by: Sarah Mashayekhi <sarahmashay@google.com>
2021-08-17 16:09:00 +00:00
James Price 91181b906f Add robustness transform to tint_inspector_fuzzer
Fixed: chromium:1239800
Change-Id: I7d60b683028773697a38454a6902a9093465ade2
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/62140
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: James Price <jrprice@google.com>
2021-08-16 20:48:39 +00:00
James Price 06c86a551e validation: disallow non-constructible assignments
The storage type of an assignment has to be constructible, which
prevents stores to atomic or runtime-sized array types.

Change-Id: Ie7bb703bb4c6953a4ddf0286f39d0d3e17b5b1d2
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/61801
Kokoro: Kokoro <noreply+kokoro@google.com>
Auto-Submit: James Price <jrprice@google.com>
Reviewed-by: Sarah Mashayekhi <sarahmashay@google.com>
2021-08-13 15:20:42 +00:00
James Price cbbb420952 validation: disallow atomic type constructors
The type of a type constructor must be constructible, which forbids
atomics. Add checks for non-constructible types when validating arrays
and structures, and then error on any type that isn't explicitly
matched in the outer function. Replaces the separate check for
pointers, which is no longer necessary.

This also removes the validation for "an expression must not evaluate
to an atomic type". The only test that we had for this is no longer
valid (since the type constructor it used is now rejected). There are
no other ways of hitting this particular error, since other validation
rules will always kick in first.

Change-Id: I2172b57ee4e8ee3066aaf0cedc4a26aaca642376
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/61800
Kokoro: Kokoro <noreply+kokoro@google.com>
Auto-Submit: James Price <jrprice@google.com>
Commit-Queue: Sarah Mashayekhi <sarahmashay@google.com>
Reviewed-by: Sarah Mashayekhi <sarahmashay@google.com>
2021-08-13 15:20:42 +00:00
James Price 8094553c8a msl: Automatically remap binding numbers in exe
Remap all resources into a flat namespace, to allow tests to pass when
multiple resources use the same binding number.

Fixed: tint:959
Change-Id: I58ed07c789e1ea90fc370ceba73b9d8292902549
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/61261
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: James Price <jrprice@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-08-12 19:47:20 +00:00
Ben Clayton 080fdf2ac0 writer/hlsl: UnwrapRef() on atomic types
Fixed: tint:1113
Change-Id: I9aa255f5b308cc4d53b0ea40407cc398096a502c
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/61780
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: James Price <jrprice@google.com>
Commit-Queue: James Price <jrprice@google.com>
Auto-Submit: Ben Clayton <bclayton@google.com>
2021-08-12 18:23:10 +00:00
James Price 13463daa95 test: Add MSL result for test that now passes
The location decoration in the test source was recently changed to fit
in MSL's allowed range.

Change-Id: Ia8ff2cc453f5af3ed084ede42546ef6750bd27a9
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/61260
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-08-12 18:18:41 +00:00
James Price 2cbf265aec transform: Remove unused function
This was shared by the shader IO transforms, but is no longer used
after they were refactored.

Bug: tint:920
Change-Id: I879468bbacda6ecb59c4b49ef2434753df74644c
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/61121
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
2021-08-12 18:18:41 +00:00
James Price 67473c7a6c Add test for var with inferred non-constructible type
Follow up to this bugfix:
https://dawn-review.googlesource.com/c/tint/+/61660

Change-Id: I357e1fd859c844c3285ea6077c0e58d225e01c6e
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/61682
Auto-Submit: James Price <jrprice@google.com>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
2021-08-12 03:40:49 +00:00
Ryan Harrison b73a12cc5d Ensure that string and container are initialized before use
On OSX, under ASAN the fuzzer is causing a null reference due to
.empty() being called on a null.

BUG=chromium:1237630

Change-Id: I73e627eadaa162af451f809c4abe8ec685d8b95c
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/61681
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: James Price <jrprice@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2021-08-12 03:40:31 +00:00
Ryan Harrison 3bcbfc7862 Use foo->source() instead of foo->type()->source() in errors
In these circumstances foo->type() may be null.

BUG=chromium:1238462

Change-Id: I77ed142e3f61f6af52a07e59e290f65613af3514
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/61660
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: David Neto <dneto@google.com>
Reviewed-by: David Neto <dneto@google.com>
Reviewed-by: James Price <jrprice@google.com>
2021-08-11 19:59:44 +00:00
Shiyu Liu 36747d7046 Remove const from GetNode return type
This is to make sure that compiler won't crash when creating data
types using the result from GetNode function from node_id_map.

Change-Id: I96fad13d3494de4808e29d6952e5e88e697f8516
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/61381
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Vasyl Teliman <vasniktel@gmail.com>
Reviewed-by: Paul Thomson <paulthomson@google.com>
Commit-Queue: Paul Thomson <paulthomson@google.com>
2021-08-11 16:43:45 +00:00
Vasyl Teliman 4ebede411e Run fuzzer unit tests in Kokoro
This CL adjusts the scripts to be able to run AST and regex
fuzzer unit tests in Kokoro. Only clang is supported for now.

Change-Id: Ibc9ebb9cf0dc40f47317abf88875aa738811919d
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/61642
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Vasyl Teliman <vasniktel@gmail.com>
2021-08-11 14:10:05 +00:00
Vasyl Teliman 9e3e54b932 Reuse moved-from tint::Program variables
Currently, it's impossible to move a tint::Program instance into a
variables that has been moved. This CL fixes that.

Bug: tint:1105
Change-Id: Idc04cf2bb569d1cffc2c309117fc4615c41ac76a
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/61640
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
2021-08-11 13:50:24 +00:00
Ryan Harrison 5085efb748 Add robustness pass to ast and regex fuzzers
Fixed: tint:1104
Change-Id: I4ea3aa283c1c4b5e55f507dbc104b21c8bedb63b
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/61521
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: James Price <jrprice@google.com>
Commit-Queue: James Price <jrprice@google.com>
Kokoro: James Price <jrprice@google.com>
2021-08-11 13:02:45 +00:00
Ryan Harrison bfb27f00d7 Actually use inputs in vertex pulling fuzzer
I have checked the other fuzzers, and they appear to be correctly
using the generated inputs.

BUG=tint:1099

Fixed: 1099
Change-Id: I691e16ef4130e374894550fcf8e3d5565224a656
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/61440
Auto-Submit: Ryan Harrison <rharrison@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ryan Harrison <rharrison@chromium.org>
Reviewed-by: James Price <jrprice@google.com>
2021-08-10 18:01:35 +00:00
Shiyu Liu 0c22b1aaea Update node_id_map & FindMutators structure
Added function in node_id_map to check a given id is valid and fresh.

Currently, the structure of FindMutators declares node_id_map as const, which causes issues when we want to call `GetFreshId` from the argument that is passed by reference. A simple work around is to pass a non-const node_id_map as argument directly. That way `GetFreshId` function in node_id_map can continue to be non-const and conveniently update next fresh id whenever a fresh id has been taken.

Change-Id: Ia7e1d247cf92dfefd2ef7e7c1b4bf32363d9ce3f
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/61100
Reviewed-by: Paul Thomson <paulthomson@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Paul Thomson <paulthomson@google.com>
2021-08-10 16:43:15 +00:00
James Price 34f7eedf74 test: Update expected test output
This new test was added around the same time as the entry point IO
rework, so the (now incorrect) test output made it past the bots.

Change-Id: I89fc4041b9cd00cd363ba61d07371554263eca96
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/61460
Auto-Submit: James Price <jrprice@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: James Price <jrprice@google.com>
2021-08-10 16:16:55 +00:00
Vasyl Teliman 32e905f4cb Fix infinite loop
Fix the infinite loop caused by 6e459fecb7.
That commit changed the behaviour of a sem::Statement::Block method for
sem::BlockStatement instances. Now, the method returns the block itself
instead of the outer block which causes an infinite loop when iterating
over a chain of blocks.

Change-Id: I0eab3f7f166dbe38477bbefd222edb9cf0da53b5
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/61060
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Vasyl Teliman <vasniktel@gmail.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
2021-08-07 17:33:20 +00:00
James Price b2619443d9 reader/spirv: Propagate errors during composite extraction
This prevents nullptr dereferences when invalid OpConstantComposite
instructions make it past spirv-val.

Fixed: chromium:1231650
Change-Id: Iddfe04dcfdce382096ae7dec7af8718b579f7951
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/61080
Auto-Submit: James Price <jrprice@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: James Price <jrprice@google.com>
Reviewed-by: David Neto <dneto@google.com>
2021-08-06 20:31:59 +00:00
Ben Clayton 1a1c42ef12 reader/spirv: Partially handle MatrixStride on matrix arrays
SPIR-V spec states:
> Each structure-type member that is a matrix or array-of-matrices must have be decorated with a MatrixStride Decoration

As already pointed out in https://dawn-review.googlesource.com/c/tint/+/59840, we were not handling arrays-of-matrices.
To do this correctly, we need the ast::StrideDecoration to be placed on the Matrix type, which is a much bigger change to support.
For now, chase the type, and error if we have a custom MatrixStride on an array of matrices, otherwise drop the decoration.

Bug: tint:1049
Fixed: tint:1088
Change-Id: Idcb75b3df88040836a03a14e0ca402ebee7be9a7
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/60923
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: David Neto <dneto@google.com>
Commit-Queue: David Neto <dneto@google.com>
Auto-Submit: Ben Clayton <bclayton@google.com>
2021-08-06 19:48:32 +00:00