1 // Copyright (c) 2015-2016 The Khronos Group Inc.
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 #include "source/val/validate.h"
16
17 #include <cassert>
18 #include <cstdio>
19
20 #include <algorithm>
21 #include <functional>
22 #include <iterator>
23 #include <memory>
24 #include <sstream>
25 #include <string>
26 #include <vector>
27
28 #include "source/binary.h"
29 #include "source/diagnostic.h"
30 #include "source/enum_string_mapping.h"
31 #include "source/extensions.h"
32 #include "source/instruction.h"
33 #include "source/opcode.h"
34 #include "source/operand.h"
35 #include "source/spirv_constant.h"
36 #include "source/spirv_endian.h"
37 #include "source/spirv_target_env.h"
38 #include "source/spirv_validator_options.h"
39 #include "source/val/construct.h"
40 #include "source/val/function.h"
41 #include "source/val/instruction.h"
42 #include "source/val/validation_state.h"
43 #include "spirv-tools/libspirv.h"
44
45 namespace {
46 // TODO(issue 1950): The validator only returns a single message anyway, so no
47 // point in generating more than 1 warning.
48 static uint32_t kDefaultMaxNumOfWarnings = 1;
49 } // namespace
50
51 namespace spvtools {
52 namespace val {
53 namespace {
54
55 // TODO(umar): Validate header
56 // TODO(umar): The binary parser validates the magic word, and the length of the
57 // header, but nothing else.
setHeader(void * user_data,spv_endianness_t,uint32_t,uint32_t version,uint32_t generator,uint32_t id_bound,uint32_t)58 spv_result_t setHeader(void* user_data, spv_endianness_t, uint32_t,
59 uint32_t version, uint32_t generator, uint32_t id_bound,
60 uint32_t) {
61 // Record the ID bound so that the validator can ensure no ID is out of bound.
62 ValidationState_t& _ = *(reinterpret_cast<ValidationState_t*>(user_data));
63 _.setIdBound(id_bound);
64 _.setGenerator(generator);
65 _.setVersion(version);
66
67 return SPV_SUCCESS;
68 }
69
70 // Parses OpExtension instruction and registers extension.
RegisterExtension(ValidationState_t & _,const spv_parsed_instruction_t * inst)71 void RegisterExtension(ValidationState_t& _,
72 const spv_parsed_instruction_t* inst) {
73 const std::string extension_str = spvtools::GetExtensionString(inst);
74 Extension extension;
75 if (!GetExtensionFromString(extension_str.c_str(), &extension)) {
76 // The error will be logged in the ProcessInstruction pass.
77 return;
78 }
79
80 _.RegisterExtension(extension);
81 }
82
83 // Parses the beginning of the module searching for OpExtension instructions.
84 // Registers extensions if recognized. Returns SPV_REQUESTED_TERMINATION
85 // once an instruction which is not SpvOpCapability and SpvOpExtension is
86 // encountered. According to the SPIR-V spec extensions are declared after
87 // capabilities and before everything else.
ProcessExtensions(void * user_data,const spv_parsed_instruction_t * inst)88 spv_result_t ProcessExtensions(void* user_data,
89 const spv_parsed_instruction_t* inst) {
90 const SpvOp opcode = static_cast<SpvOp>(inst->opcode);
91 if (opcode == SpvOpCapability) return SPV_SUCCESS;
92
93 if (opcode == SpvOpExtension) {
94 ValidationState_t& _ = *(reinterpret_cast<ValidationState_t*>(user_data));
95 RegisterExtension(_, inst);
96 return SPV_SUCCESS;
97 }
98
99 // OpExtension block is finished, requesting termination.
100 return SPV_REQUESTED_TERMINATION;
101 }
102
ProcessInstruction(void * user_data,const spv_parsed_instruction_t * inst)103 spv_result_t ProcessInstruction(void* user_data,
104 const spv_parsed_instruction_t* inst) {
105 ValidationState_t& _ = *(reinterpret_cast<ValidationState_t*>(user_data));
106
107 auto* instruction = _.AddOrderedInstruction(inst);
108 _.RegisterDebugInstruction(instruction);
109
110 return SPV_SUCCESS;
111 }
112
printDot(const ValidationState_t & _,const BasicBlock & other)113 void printDot(const ValidationState_t& _, const BasicBlock& other) {
114 std::string block_string;
115 if (other.successors()->empty()) {
116 block_string += "end ";
117 } else {
118 for (auto block : *other.successors()) {
119 block_string += _.getIdName(block->id()) + " ";
120 }
121 }
122 printf("%10s -> {%s\b}\n", _.getIdName(other.id()).c_str(),
123 block_string.c_str());
124 }
125
PrintBlocks(ValidationState_t & _,Function func)126 void PrintBlocks(ValidationState_t& _, Function func) {
127 assert(func.first_block());
128
129 printf("%10s -> %s\n", _.getIdName(func.id()).c_str(),
130 _.getIdName(func.first_block()->id()).c_str());
131 for (const auto& block : func.ordered_blocks()) {
132 printDot(_, *block);
133 }
134 }
135
136 #ifdef __clang__
137 #define UNUSED(func) [[gnu::unused]] func
138 #elif defined(__GNUC__)
139 #define UNUSED(func) \
140 func __attribute__((unused)); \
141 func
142 #elif defined(_MSC_VER)
143 #define UNUSED(func) func
144 #endif
145
UNUSED(void PrintDotGraph (ValidationState_t & _,Function func))146 UNUSED(void PrintDotGraph(ValidationState_t& _, Function func)) {
147 if (func.first_block()) {
148 std::string func_name(_.getIdName(func.id()));
149 printf("digraph %s {\n", func_name.c_str());
150 PrintBlocks(_, func);
151 printf("}\n");
152 }
153 }
154
ValidateForwardDecls(ValidationState_t & _)155 spv_result_t ValidateForwardDecls(ValidationState_t& _) {
156 if (_.unresolved_forward_id_count() == 0) return SPV_SUCCESS;
157
158 std::stringstream ss;
159 std::vector<uint32_t> ids = _.UnresolvedForwardIds();
160
161 std::transform(
162 std::begin(ids), std::end(ids),
163 std::ostream_iterator<std::string>(ss, " "),
164 bind(&ValidationState_t::getIdName, std::ref(_), std::placeholders::_1));
165
166 auto id_str = ss.str();
167 return _.diag(SPV_ERROR_INVALID_ID, nullptr)
168 << "The following forward referenced IDs have not been defined:\n"
169 << id_str.substr(0, id_str.size() - 1);
170 }
171
CalculateNamesForEntryPoint(ValidationState_t & _,const uint32_t id)172 std::vector<std::string> CalculateNamesForEntryPoint(ValidationState_t& _,
173 const uint32_t id) {
174 auto id_descriptions = _.entry_point_descriptions(id);
175 auto id_names = std::vector<std::string>();
176 id_names.reserve((id_descriptions.size()));
177
178 for (auto description : id_descriptions) id_names.push_back(description.name);
179
180 return id_names;
181 }
182
ValidateEntryPointNameUnique(ValidationState_t & _,const uint32_t id)183 spv_result_t ValidateEntryPointNameUnique(ValidationState_t& _,
184 const uint32_t id) {
185 auto id_names = CalculateNamesForEntryPoint(_, id);
186 const auto names =
187 std::unordered_set<std::string>(id_names.begin(), id_names.end());
188
189 if (id_names.size() != names.size()) {
190 std::sort(id_names.begin(), id_names.end());
191 for (size_t i = 0; i < id_names.size() - 1; i++) {
192 if (id_names[i] == id_names[i + 1]) {
193 return _.diag(SPV_ERROR_INVALID_BINARY, _.FindDef(id))
194 << "Entry point name \"" << id_names[i]
195 << "\" is not unique, which is not allow in WebGPU env.";
196 }
197 }
198 }
199
200 for (const auto other_id : _.entry_points()) {
201 if (other_id == id) continue;
202 const auto other_id_names = CalculateNamesForEntryPoint(_, other_id);
203 for (const auto other_id_name : other_id_names) {
204 if (names.find(other_id_name) != names.end()) {
205 return _.diag(SPV_ERROR_INVALID_BINARY, _.FindDef(id))
206 << "Entry point name \"" << other_id_name
207 << "\" is not unique, which is not allow in WebGPU env.";
208 }
209 }
210 }
211
212 return SPV_SUCCESS;
213 }
214
ValidateEntryPointNamesUnique(ValidationState_t & _)215 spv_result_t ValidateEntryPointNamesUnique(ValidationState_t& _) {
216 for (const auto id : _.entry_points()) {
217 auto result = ValidateEntryPointNameUnique(_, id);
218 if (result != SPV_SUCCESS) return result;
219 }
220 return SPV_SUCCESS;
221 }
222
223 // Entry point validation. Based on 2.16.1 (Universal Validation Rules) of the
224 // SPIRV spec:
225 // * There is at least one OpEntryPoint instruction, unless the Linkage
226 // capability is being used.
227 // * No function can be targeted by both an OpEntryPoint instruction and an
228 // OpFunctionCall instruction.
229 //
230 // Additionally enforces that entry points for Vulkan and WebGPU should not have
231 // recursion. And that entry names should be unique for WebGPU.
ValidateEntryPoints(ValidationState_t & _)232 spv_result_t ValidateEntryPoints(ValidationState_t& _) {
233 _.ComputeFunctionToEntryPointMapping();
234 _.ComputeRecursiveEntryPoints();
235
236 if (_.entry_points().empty() && !_.HasCapability(SpvCapabilityLinkage)) {
237 return _.diag(SPV_ERROR_INVALID_BINARY, nullptr)
238 << "No OpEntryPoint instruction was found. This is only allowed if "
239 "the Linkage capability is being used.";
240 }
241
242 for (const auto& entry_point : _.entry_points()) {
243 if (_.IsFunctionCallTarget(entry_point)) {
244 return _.diag(SPV_ERROR_INVALID_BINARY, _.FindDef(entry_point))
245 << "A function (" << entry_point
246 << ") may not be targeted by both an OpEntryPoint instruction and "
247 "an OpFunctionCall instruction.";
248 }
249
250 // For Vulkan and WebGPU, the static function-call graph for an entry point
251 // must not contain cycles.
252 if (spvIsWebGPUEnv(_.context()->target_env) ||
253 spvIsVulkanEnv(_.context()->target_env)) {
254 if (_.recursive_entry_points().find(entry_point) !=
255 _.recursive_entry_points().end()) {
256 return _.diag(SPV_ERROR_INVALID_BINARY, _.FindDef(entry_point))
257 << "Entry points may not have a call graph with cycles.";
258 }
259 }
260
261 // For WebGPU all entry point names must be unique.
262 if (spvIsWebGPUEnv(_.context()->target_env)) {
263 const auto result = ValidateEntryPointNamesUnique(_);
264 if (result != SPV_SUCCESS) return result;
265 }
266 }
267
268 return SPV_SUCCESS;
269 }
270
ValidateBinaryUsingContextAndValidationState(const spv_context_t & context,const uint32_t * words,const size_t num_words,spv_diagnostic * pDiagnostic,ValidationState_t * vstate)271 spv_result_t ValidateBinaryUsingContextAndValidationState(
272 const spv_context_t& context, const uint32_t* words, const size_t num_words,
273 spv_diagnostic* pDiagnostic, ValidationState_t* vstate) {
274 auto binary = std::unique_ptr<spv_const_binary_t>(
275 new spv_const_binary_t{words, num_words});
276
277 spv_endianness_t endian;
278 spv_position_t position = {};
279 if (spvBinaryEndianness(binary.get(), &endian)) {
280 return DiagnosticStream(position, context.consumer, "",
281 SPV_ERROR_INVALID_BINARY)
282 << "Invalid SPIR-V magic number.";
283 }
284
285 spv_header_t header;
286 if (spvBinaryHeaderGet(binary.get(), endian, &header)) {
287 return DiagnosticStream(position, context.consumer, "",
288 SPV_ERROR_INVALID_BINARY)
289 << "Invalid SPIR-V header.";
290 }
291
292 if (header.version > spvVersionForTargetEnv(context.target_env)) {
293 return DiagnosticStream(position, context.consumer, "",
294 SPV_ERROR_WRONG_VERSION)
295 << "Invalid SPIR-V binary version "
296 << SPV_SPIRV_VERSION_MAJOR_PART(header.version) << "."
297 << SPV_SPIRV_VERSION_MINOR_PART(header.version)
298 << " for target environment "
299 << spvTargetEnvDescription(context.target_env) << ".";
300 }
301
302 if (header.bound > vstate->options()->universal_limits_.max_id_bound) {
303 return DiagnosticStream(position, context.consumer, "",
304 SPV_ERROR_INVALID_BINARY)
305 << "Invalid SPIR-V. The id bound is larger than the max id bound "
306 << vstate->options()->universal_limits_.max_id_bound << ".";
307 }
308
309 // Look for OpExtension instructions and register extensions.
310 // This parse should not produce any error messages. Hijack the context and
311 // replace the message consumer so that we do not pollute any state in input
312 // consumer.
313 spv_context_t hijacked_context = context;
314 hijacked_context.consumer = [](spv_message_level_t, const char*,
315 const spv_position_t&, const char*) {};
316 spvBinaryParse(&hijacked_context, vstate, words, num_words,
317 /* parsed_header = */ nullptr, ProcessExtensions,
318 /* diagnostic = */ nullptr);
319
320 // Parse the module and perform inline validation checks. These checks do
321 // not require the the knowledge of the whole module.
322 if (auto error = spvBinaryParse(&context, vstate, words, num_words, setHeader,
323 ProcessInstruction, pDiagnostic)) {
324 return error;
325 }
326
327 for (auto& instruction : vstate->ordered_instructions()) {
328 {
329 // In order to do this work outside of Process Instruction we need to be
330 // able to, briefly, de-const the instruction.
331 Instruction* inst = const_cast<Instruction*>(&instruction);
332
333 if (inst->opcode() == SpvOpEntryPoint) {
334 const auto entry_point = inst->GetOperandAs<uint32_t>(1);
335 const auto execution_model = inst->GetOperandAs<SpvExecutionModel>(0);
336 const char* str = reinterpret_cast<const char*>(
337 inst->words().data() + inst->operand(2).offset);
338
339 ValidationState_t::EntryPointDescription desc;
340 desc.name = str;
341
342 std::vector<uint32_t> interfaces;
343 for (size_t j = 3; j < inst->operands().size(); ++j)
344 desc.interfaces.push_back(inst->word(inst->operand(j).offset));
345
346 vstate->RegisterEntryPoint(entry_point, execution_model,
347 std::move(desc));
348 }
349 if (inst->opcode() == SpvOpFunctionCall) {
350 if (!vstate->in_function_body()) {
351 return vstate->diag(SPV_ERROR_INVALID_LAYOUT, &instruction)
352 << "A FunctionCall must happen within a function body.";
353 }
354
355 const auto called_id = inst->GetOperandAs<uint32_t>(2);
356 if (spvIsWebGPUEnv(context.target_env) &&
357 !vstate->IsFunctionCallDefined(called_id)) {
358 return vstate->diag(SPV_ERROR_INVALID_LAYOUT, &instruction)
359 << "For WebGPU, functions need to be defined before being "
360 "called.";
361 }
362
363 vstate->AddFunctionCallTarget(called_id);
364 }
365
366 if (vstate->in_function_body()) {
367 inst->set_function(&(vstate->current_function()));
368 inst->set_block(vstate->current_function().current_block());
369
370 if (vstate->in_block() && spvOpcodeIsBlockTerminator(inst->opcode())) {
371 vstate->current_function().current_block()->set_terminator(inst);
372 }
373 }
374
375 if (auto error = IdPass(*vstate, inst)) return error;
376 }
377
378 if (auto error = CapabilityPass(*vstate, &instruction)) return error;
379 if (auto error = DataRulesPass(*vstate, &instruction)) return error;
380 if (auto error = ModuleLayoutPass(*vstate, &instruction)) return error;
381 if (auto error = CfgPass(*vstate, &instruction)) return error;
382 if (auto error = InstructionPass(*vstate, &instruction)) return error;
383
384 // Now that all of the checks are done, update the state.
385 {
386 Instruction* inst = const_cast<Instruction*>(&instruction);
387 vstate->RegisterInstruction(inst);
388 }
389 if (auto error = UpdateIdUse(*vstate, &instruction)) return error;
390 }
391
392 if (!vstate->has_memory_model_specified())
393 return vstate->diag(SPV_ERROR_INVALID_LAYOUT, nullptr)
394 << "Missing required OpMemoryModel instruction.";
395
396 if (vstate->in_function_body())
397 return vstate->diag(SPV_ERROR_INVALID_LAYOUT, nullptr)
398 << "Missing OpFunctionEnd at end of module.";
399
400 // Catch undefined forward references before performing further checks.
401 if (auto error = ValidateForwardDecls(*vstate)) return error;
402
403 // Validate individual opcodes.
404 for (size_t i = 0; i < vstate->ordered_instructions().size(); ++i) {
405 auto& instruction = vstate->ordered_instructions()[i];
406
407 // Keep these passes in the order they appear in the SPIR-V specification
408 // sections to maintain test consistency.
409 // Miscellaneous
410 if (auto error = DebugPass(*vstate, &instruction)) return error;
411 if (auto error = AnnotationPass(*vstate, &instruction)) return error;
412 if (auto error = ExtensionPass(*vstate, &instruction)) return error;
413 if (auto error = ModeSettingPass(*vstate, &instruction)) return error;
414 if (auto error = TypePass(*vstate, &instruction)) return error;
415 if (auto error = ConstantPass(*vstate, &instruction)) return error;
416 if (auto error = MemoryPass(*vstate, &instruction)) return error;
417 if (auto error = FunctionPass(*vstate, &instruction)) return error;
418 if (auto error = ImagePass(*vstate, &instruction)) return error;
419 if (auto error = ConversionPass(*vstate, &instruction)) return error;
420 if (auto error = CompositesPass(*vstate, &instruction)) return error;
421 if (auto error = ArithmeticsPass(*vstate, &instruction)) return error;
422 if (auto error = BitwisePass(*vstate, &instruction)) return error;
423 if (auto error = LogicalsPass(*vstate, &instruction)) return error;
424 if (auto error = ControlFlowPass(*vstate, &instruction)) return error;
425 if (auto error = DerivativesPass(*vstate, &instruction)) return error;
426 if (auto error = AtomicsPass(*vstate, &instruction)) return error;
427 if (auto error = PrimitivesPass(*vstate, &instruction)) return error;
428 if (auto error = BarriersPass(*vstate, &instruction)) return error;
429 // Group
430 // Device-Side Enqueue
431 // Pipe
432 if (auto error = NonUniformPass(*vstate, &instruction)) return error;
433
434 if (auto error = LiteralsPass(*vstate, &instruction)) return error;
435 }
436
437 // Validate the preconditions involving adjacent instructions. e.g. SpvOpPhi
438 // must only be preceeded by SpvOpLabel, SpvOpPhi, or SpvOpLine.
439 if (auto error = ValidateAdjacency(*vstate)) return error;
440
441 if (auto error = ValidateEntryPoints(*vstate)) return error;
442 // CFG checks are performed after the binary has been parsed
443 // and the CFGPass has collected information about the control flow
444 if (auto error = PerformCfgChecks(*vstate)) return error;
445 if (auto error = CheckIdDefinitionDominateUse(*vstate)) return error;
446 if (auto error = ValidateDecorations(*vstate)) return error;
447 if (auto error = ValidateInterfaces(*vstate)) return error;
448 // TODO(dsinclair): Restructure ValidateBuiltins so we can move into the
449 // for() above as it loops over all ordered_instructions internally.
450 if (auto error = ValidateBuiltIns(*vstate)) return error;
451 // These checks must be performed after individual opcode checks because
452 // those checks register the limitation checked here.
453 for (const auto inst : vstate->ordered_instructions()) {
454 if (auto error = ValidateExecutionLimitations(*vstate, &inst)) return error;
455 }
456
457 return SPV_SUCCESS;
458 }
459
460 } // namespace
461
ValidateBinaryAndKeepValidationState(const spv_const_context context,spv_const_validator_options options,const uint32_t * words,const size_t num_words,spv_diagnostic * pDiagnostic,std::unique_ptr<ValidationState_t> * vstate)462 spv_result_t ValidateBinaryAndKeepValidationState(
463 const spv_const_context context, spv_const_validator_options options,
464 const uint32_t* words, const size_t num_words, spv_diagnostic* pDiagnostic,
465 std::unique_ptr<ValidationState_t>* vstate) {
466 spv_context_t hijack_context = *context;
467 if (pDiagnostic) {
468 *pDiagnostic = nullptr;
469 UseDiagnosticAsMessageConsumer(&hijack_context, pDiagnostic);
470 }
471
472 vstate->reset(new ValidationState_t(&hijack_context, options, words,
473 num_words, kDefaultMaxNumOfWarnings));
474
475 return ValidateBinaryUsingContextAndValidationState(
476 hijack_context, words, num_words, pDiagnostic, vstate->get());
477 }
478
479 } // namespace val
480 } // namespace spvtools
481
spvValidate(const spv_const_context context,const spv_const_binary binary,spv_diagnostic * pDiagnostic)482 spv_result_t spvValidate(const spv_const_context context,
483 const spv_const_binary binary,
484 spv_diagnostic* pDiagnostic) {
485 return spvValidateBinary(context, binary->code, binary->wordCount,
486 pDiagnostic);
487 }
488
spvValidateBinary(const spv_const_context context,const uint32_t * words,const size_t num_words,spv_diagnostic * pDiagnostic)489 spv_result_t spvValidateBinary(const spv_const_context context,
490 const uint32_t* words, const size_t num_words,
491 spv_diagnostic* pDiagnostic) {
492 spv_context_t hijack_context = *context;
493 if (pDiagnostic) {
494 *pDiagnostic = nullptr;
495 spvtools::UseDiagnosticAsMessageConsumer(&hijack_context, pDiagnostic);
496 }
497
498 // This interface is used for default command line options.
499 spv_validator_options default_options = spvValidatorOptionsCreate();
500
501 // Create the ValidationState using the context and default options.
502 spvtools::val::ValidationState_t vstate(&hijack_context, default_options,
503 words, num_words,
504 kDefaultMaxNumOfWarnings);
505
506 spv_result_t result =
507 spvtools::val::ValidateBinaryUsingContextAndValidationState(
508 hijack_context, words, num_words, pDiagnostic, &vstate);
509
510 spvValidatorOptionsDestroy(default_options);
511 return result;
512 }
513
spvValidateWithOptions(const spv_const_context context,spv_const_validator_options options,const spv_const_binary binary,spv_diagnostic * pDiagnostic)514 spv_result_t spvValidateWithOptions(const spv_const_context context,
515 spv_const_validator_options options,
516 const spv_const_binary binary,
517 spv_diagnostic* pDiagnostic) {
518 spv_context_t hijack_context = *context;
519 if (pDiagnostic) {
520 *pDiagnostic = nullptr;
521 spvtools::UseDiagnosticAsMessageConsumer(&hijack_context, pDiagnostic);
522 }
523
524 // Create the ValidationState using the context.
525 spvtools::val::ValidationState_t vstate(&hijack_context, options,
526 binary->code, binary->wordCount,
527 kDefaultMaxNumOfWarnings);
528
529 return spvtools::val::ValidateBinaryUsingContextAndValidationState(
530 hijack_context, binary->code, binary->wordCount, pDiagnostic, &vstate);
531 }
532