spirv-fuzz: add FuzzerPassAddCompositeInserts#3606
spirv-fuzz: add FuzzerPassAddCompositeInserts#3606paulthomson merged 28 commits intoKhronosGroup:masterfrom
Conversation
paulthomson
left a comment
There was a problem hiding this comment.
This looks like a good first attempt! The idea is correct. Please see comments.
0fbb4f0 to
90445bd
Compare
90445bd to
d8116e8
Compare
Vasniktel
left a comment
There was a problem hiding this comment.
PR is looking very nice! I left some comments on various tricky corner cases of the implementation.
6642346 to
5269fb3
Compare
| auto object_instruction = | ||
| ir_context->get_def_use_mgr()->GetDef(message_.object_id()); | ||
| if (object_instruction == nullptr) { | ||
| return false; | ||
| } | ||
|
|
||
| // We ignore pointers for now. Consider adding support for pointer types. | ||
| auto object_instruction_type = | ||
| ir_context->get_type_mgr()->GetType(object_instruction->type_id()); | ||
| // No unused variables in release mode (to keep compilers happy). | ||
| (void)object_instruction_type; | ||
| assert(object_instruction_type->kind() != opt::analysis::Type::kPointer && | ||
| "The object to be inserted cannot be a pointer."); |
There was a problem hiding this comment.
I believe we currently like to imagine that transformations could be applied to ANY module, and they should never crash. This means the IsApplicable method should not crash, but may return false (and so the Apply method will never be called). Theoretically, if Apply was somehow called even though IsApplicable would return false, we are allowed to crash (assert false).
Thus, the instruction found from message_.object_id might end up not having a type id. So you should do if (!object_instruction->type_id()) return false;.
Similarly, I think the assert should not be an assert, and we should instead just return false if object_instruction_type happens to be a pointer type. Also, I think we prefer to use ->AsPointer() (or ->AsInteger(), ->AsFloat(), etc.) to check the type; we will get nullptr if the type is not a pointer (integer, float, etc.).
There was a problem hiding this comment.
Actually, I guess you technically don't need to check that object_instruction->type_id() is non-zero because it is compared with component_to_be_replaced_type_id, which is non-zero. But in general, it does not hurt to check this.
There was a problem hiding this comment.
Indeed. I agree. It was me who requested that we add an assertion here (sorry, @antnkarp).
But now that I think about it, it might indeed be better to use an if statement here. I guess the rule of thumb here is:
if some condition is valid but not supported (like the pointer case above) - use
ifs; otherwise (if the condition is not possible in the current context) - use asserts.
The last part might seem like a waste of time but it helps the reader to understand writer's assumptions about the code.
Vasniktel
left a comment
There was a problem hiding this comment.
Looks very good! I've requested some minor changes to the comments as well as noticed some unhandled corner cases.
| auto object_instruction = | ||
| ir_context->get_def_use_mgr()->GetDef(message_.object_id()); | ||
| if (object_instruction == nullptr) { | ||
| return false; | ||
| } | ||
|
|
||
| // We ignore pointers for now. Consider adding support for pointer types. | ||
| auto object_instruction_type = | ||
| ir_context->get_type_mgr()->GetType(object_instruction->type_id()); | ||
| // No unused variables in release mode (to keep compilers happy). | ||
| (void)object_instruction_type; | ||
| assert(object_instruction_type->kind() != opt::analysis::Type::kPointer && | ||
| "The object to be inserted cannot be a pointer."); |
There was a problem hiding this comment.
Indeed. I agree. It was me who requested that we add an assertion here (sorry, @antnkarp).
But now that I think about it, it might indeed be better to use an if statement here. I guess the rule of thumb here is:
if some condition is valid but not supported (like the pointer case above) - use
ifs; otherwise (if the condition is not possible in the current context) - use asserts.
The last part might seem like a waste of time but it helps the reader to understand writer's assumptions about the code.
5269fb3 to
255de71
Compare
Vasniktel
left a comment
There was a problem hiding this comment.
I haven't done a complete review iteration but I've noticed some issues.
Vasniktel
left a comment
There was a problem hiding this comment.
The changes you made look good! I've found a potential bug, though. I also haven't checked the tests thoroughly yet.
|
I've just noticed that you haven't added your fuzzer pass to This mistake is easy to make so be sure that your other merged transformations don't have it. |
Vasniktel
left a comment
There was a problem hiding this comment.
Looks very good! I've added some minor suggestions. Thanks for your hard work on this one 👍
source/fuzz/fuzzer_pass_replace_adds_subs_muls_with_carrying_extended.cpp
Outdated
Show resolved
Hide resolved
Vasniktel
left a comment
There was a problem hiding this comment.
LGTM. Thanks for your hard work again!
ed0fc93 to
59b43ef
Compare
paulthomson
left a comment
There was a problem hiding this comment.
This looks really good! And thanks for the excellent tests! I am sorry to ask you to refactor them at this stage; perhaps I could have spotted this sooner. But I think this is something Ally would also insist on changing.
paulthomson
left a comment
There was a problem hiding this comment.
Excellent! This is really close. Just one main style violation. And I had previously missed the unrelated changes; I think you should revert those before we merge.
Also, to clarify one of my previous comments; the word "valid" (and invalid) is OK in many cases. I just want us to avoid saying things like "message.id() must be valid"; this comment is incorrect (in my opinion). Because "message.id()" is just a number. It cannot be valid or invalid. What we actually mean is: the id |message.id()| must be found in current module, must exist in the current module, must be defined in the current module, or similar. That is the only case I was concerned with, and I know that there are existing comments in other transformations that say this (and we should change them at some point). Apologies for not being clearer. But the other cases you removed look mostly fine. I have highlighted one case where I think it is a good idea to say that our changes to the module have "invalidated most analyzes".
source/fuzz/fuzzer_pass_replace_adds_subs_muls_with_carrying_extended.cpp
Outdated
Show resolved
Hide resolved
paulthomson
left a comment
There was a problem hiding this comment.
Nice! Just a few final suggestions.
source/fuzz/fuzzer_pass_replace_adds_subs_muls_with_carrying_extended.cpp
Outdated
Show resolved
Hide resolved
source/fuzz/fuzzer_pass_replace_adds_subs_muls_with_carrying_extended.cpp
Outdated
Show resolved
Hide resolved
1fa0c31 to
f1ef91d
Compare
Adds FuzzerPassAddCompositeInserts, which randomly adds new OpCompositeInsert instructions. Each OpCompositeInsert instruction yields a copy of an original composite with one subcomponent replaced with an existing or newly added object. Synonym facts are added for the unchanged components in the original and added composite, and for the replaced subcomponent and the object, if possible. Fixes KhronosGroup#2859
Roll third_party/glslang/ f257e0e..983698b (2 commits) KhronosGroup/glslang@f257e0e...983698b $ git log f257e0e..983698b --date=short --no-merges --format='%ad %ae %s' 2020-08-23 john Revert "Merge pull request KhronosGroup#2371 from RafaelMarinheiro/master" 2020-08-21 julius.ikkala Obey ENABLE_PCH CMake option Created with: roll-dep third_party/glslang Roll third_party/googletest/ adeef1929..1e315c5b1 (14 commits) google/googletest@adeef19...1e315c5 $ git log adeef1929..1e315c5b1 --date=short --no-merges --format='%ad %ae %s' 2020-08-20 absl-team Googletest export 2020-08-17 absl-team Googletest export 2020-08-12 robert.earhart Export LICENSE 2020-08-03 amatanhead Remove ThrowsMessageHasSubstr and fix some nits after review 2020-07-13 amatanhead Cleanup a bulky expression, document implementation details 2020-07-07 amatanhead Fix build under msvc 2020-07-07 amatanhead Update tests after changing an error message 2020-07-07 amatanhead Fix build under msvc 2020-07-07 amatanhead Add a test to ensure that the `Throws` matcher only invokes its argument once. 2020-07-07 amatanhead Add a test for duplicate catch clauses in throw matchers, fix a couple of nitpicks. 2020-07-03 amatanhead Add missing documentation piece 2020-06-20 amatanhead Small improvements: code style and property name 2020-06-20 amatanhead Add matchers for testing exception properties 2018-05-01 lantw44 Avoid using environ on FreeBSD Created with: roll-dep third_party/googletest Roll third_party/spirv-cross/ 4c7944bb4..685f86471 (6 commits) KhronosGroup/SPIRV-Cross@4c7944b...685f864 $ git log 4c7944bb4..685f86471 --date=short --no-merges --format='%ad %ae %s' 2020-08-24 post Run format_all.sh. 2020-08-24 post Work around annoying warning on GCC 10.2. 2020-08-21 post Overhaul how we deal with reserved identifiers. 2020-08-20 post HLSL: Fix FragCoord.w. 2020-08-20 post HLSL: Deal with partially filled 16-byte word in cbuffers. 2020-08-20 post HLSL: Fix bug in is_packing_standard for cbuffer. Created with: roll-dep third_party/spirv-cross Roll third_party/spirv-tools/ b8de4f5..4dd1223 (9 commits) KhronosGroup/SPIRV-Tools@b8de4f5...4dd1223 $ git log b8de4f5..4dd1223 --date=short --no-merges --format='%ad %ae %s' 2020-08-21 andreperezmaselco.developer spirv-fuzz: Add words instead of logical operands (KhronosGroup#3728) 2020-08-20 dnovillo CCP should mark IR changed if it created new constants. (KhronosGroup#3732) 2020-08-19 antonikarp spirv-fuzz: add FuzzerPassAddCompositeInserts (KhronosGroup#3606) 2020-08-19 antonikarp spirv-fuzz: Support pointer types in FuzzerPassAddParameters (KhronosGroup#3627) 2020-08-18 jaebaek Let ADCE pass check DebugScope (KhronosGroup#3703) 2020-08-18 andreperezmaselco.developer spirv-opt: Implement opt::Function::HasEarlyReturn function (KhronosGroup#3711) 2020-08-17 andreperezmaselco.developer spirv-fuzz: Check termination instructions when donating modules (KhronosGroup#3710) 2020-08-17 jackoalan Fix -Wrange-loop-analysis warning (KhronosGroup#3712) 2020-08-17 andreperezmaselco.developer spirv-fuzz: Check header dominance when adding dead block (KhronosGroup#3694) Created with: roll-dep third_party/spirv-tools
Adds FuzzerPassAddCompositeInserts, which randomly adds new
OpCompositeInsert instructions. Each OpCompositeInsert instruction
yields a copy of an original composite with one subcomponent replaced
with an existing or newly added object. Synonym facts are added for the
unchanged components in the original and added composite, and for the
replaced subcomponent and the object, if possible.
Fixes #2859