This CL moves the ArrayCount from a variant to use inheritance. This
will allow the sem to have different array count classes from the IR.
The ArrayCounts, similar to types, are unique across the code base and
are provided by the TypeManager.
Bug: tint:1718
Change-Id: Ib9c7c9df881e7a34cc3def2ff29571f536d66244
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/112441
Commit-Queue: Dan Sinclair <dsinclair@chromium.org>
Reviewed-by: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Overriding the alignment to 1 would cause nested structures to be
incorrectly laid out. The fix: Don't override the alignment.
All struct layout validation works on the sem offsets, so none of this
has to change.
Bug: tint:1776
Change-Id: Ic01d45fb2790cd823ed9a55e336860ebdc351aea
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/112603
Kokoro: Ben Clayton <bclayton@google.com>
Reviewed-by: Dan Sinclair <dsinclair@chromium.org>
Commit-Queue: Ben Clayton <bclayton@google.com>
This CL adds a Source to the sem::Struct. The uses of
struct->Declaration()->source now use the source stored directly on the
struct.
Bug: tint:1718
Change-Id: I860c67764f85d98b3f655247e18f93fa0fef9436
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/112447
Reviewed-by: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Dan Sinclair <dsinclair@chromium.org>
This CL pulls the TransitivelyReferencedOverrides from sem::Array and
sem::GlobalVariable up to the sem::Info.
Moving this data outside of sem::Array removes one of the references to
non-Type sem content.
Bug: tint:1718
Change-Id: I40c1c8b2d5ec60dc2723b56cc30cd436e9b7e997
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/112324
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: Dan Sinclair <dsinclair@chromium.org>
This CL adds a Source to the sem::StructMember. The uses of
member->Declaration()->source now use the source stored directly on the
struct member.
Bug: tint:1718
Change-Id: Ic97053dd3e0080f128ee411857512920d3940858
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/112446
Commit-Queue: Dan Sinclair <dsinclair@chromium.org>
Reviewed-by: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
This CL changes the uses of Declaration()->symbol for struct members in
the sem to access the `Name` directly.
Bug: tint:1718
Change-Id: I3050147b97bea66d6c283e176a7152f36eb2b25f
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/112444
Commit-Queue: Dan Sinclair <dsinclair@chromium.org>
Reviewed-by: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Move the validation of usage and address space to helper.
Improve diagnostics.
Fix / clean up tests.
This is in preparation for tint:1553
Change-Id: I2cbc8b851ecf02f214341f8cba6bd52413c42911
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/111880
Commit-Queue: Ben Clayton <bclayton@google.com>
Auto-Submit: Ben Clayton <bclayton@google.com>
Reviewed-by: David Neto <dneto@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Don't return a raw pointer to the map entry's value, instead return a new Reference which re-looks up the entry if the map is mutated.
Change-Id: I031749785faeac98e2a129a776493cb0371a5cb9
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/110540
Reviewed-by: Antonio Maiorano <amaiorano@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
Since overrides can be used to size workgroup arrays and also as
initializers to module-scope variables, we cannot just consider
overrides that are directly referenced in the shader functions.
This change makes the Resolver track references to overrides whilst
resolving array types and module-scope variable declarations, so that
they are included in the set of overrides reported by the Inspector in
these scenarios.
Fixed: tint:1762
Change-Id: If7501abf3ddcb87a87134ddd578aa4904d204de6
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/110460
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: James Price <jrprice@google.com>
Auto-Submit: James Price <jrprice@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Track reads and writes to pointer parameters for each function in the
Resolver, as well as accesses to module-scope variables. At function
call sites, check the root identifiers of each pointer argument to
determine if problematic aliasing occurs.
The MSL backend passes pointers to sub-objects to functions when
handling workgroup storage variables, which triggers the alias
analysis. Add a validation override for this scenario.
Bug: tint:1675
Change-Id: I81a40d1309df65521cc5ad39764d6a09a260f51e
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/110167
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: James Price <jrprice@google.com>
This Cl removes the internal infrastructor and backend code
generation for the fallthrough statement.
Bug: tint:1644
Change-Id: I2a1de7d527865e5a7221074f4e0fb106599f4c57
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/109005
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: Dan Sinclair <dsinclair@chromium.org>
Passing a dereferenced value from Hashmap::Find() directly into Hashmap::Add() is a potential cause of UAF, as the insertion may reallocate the map, invalidating the input reference.
I'll try to think of ways to make this foot-gun harder to do, but this CL fixes the immediate bug found by fuzzers.
Bug: chromium:1383755
Change-Id: I4f8b2fcb0745b008a47ef9947c330afb9ac4e78f
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/110020
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: James Price <jrprice@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
Discard statements no longer affect the behavior or uniformity
analysis. Update the resolver, validator, and several tests to reflect
this.
Some E2E tests were removed as they had loops that are now considered
to be infinite.
Use the DemoteToHelper transform to emulate the correct semantics on
platforms where discard is (or may) terminate the invocation in a
manner that would affect derivative operations.
We no longer need the UnwindDiscardFunctions transform for HLSL, which
already implements the correct semantics. However, we still run the
DemoteToHelper transform for the HLSL backend due to issues with FXC's
handling of discard statements (see crbug.com/tint/1118).
Fixed: tint:1723
Change-Id: Ib49ff187919ae81c4af8675e1b66acd57e2ff7d2
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/109003
Reviewed-by: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: James Price <jrprice@google.com>
This is now a well-defined term in the WGSL spec, so we should use it.
Change-Id: Icc46a77f0a465afbfd39cdaec84e506b143c8c0c
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/109220
Commit-Queue: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Auto-Submit: James Price <jrprice@google.com>
Invalid values to @binding(), @group() and @location() would fail resolving without an error diagnostic. This later triggers and ICE.
Refactor duplicate @location resolving in 4 places to a single method.
Canonicalize the diagnostic messages for attributes.
Remove a bunch of TODOs
Bug: chromium:1380212
Bug: tint:1633
Change-Id: Id2cc6ba4b807f12f350a2a31ef87fa0f185b64c3
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/108144
Commit-Queue: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Dan Sinclair <dsinclair@chromium.org>
I got the rules around this wrong. This should be allowed, but the array types cannot compare equal if they are unnamed override-expressions.
Fixed tint:1737
Change-Id: I83dc49703eed015e9c183e804474886da5dad7b9
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/107685
Reviewed-by: James Price <jrprice@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
Auto-Submit: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
This fixes cases where input args of different type are mixed between
constant and runtime evaluated. We initially did this only for builtins
(https://dawn-review.googlesource.com/c/dawn/+/104545) to fix cases like
`select`, but we also need this for binary operators like shift
left/right that also take args of differing types. For consistency, this
change also includes passing in the earliest evaluation stage when
looking up unary ops and initializer/conversions.
Bug: tint:1713
Change-Id: I196c67acfe767aa01aa45298d75cfc4d345d08ea
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/107140
Reviewed-by: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
DXC will bail if these get too deeply nested (~256).
This is also a risk for stack-overflows, so apply a limit agreed by the
WGSL working group.
Fixed: tint:1518
Change-Id: Idacdba85b36b27a0a89a3a7958fd4c6cce7dc84d
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/105964
Auto-Submit: Ben Clayton <bclayton@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: David Neto <dneto@google.com>
This CL adds support for `break-if` to Tint.
Bug: tint:1633, tint:1451
Change-Id: I30dfd62a3e09255624ff76ebe0cdd3a3c7cf9c5f
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/106420
Auto-Submit: Dan Sinclair <dsinclair@chromium.org>
Reviewed-by: Antonio Maiorano <amaiorano@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: dan sinclair <dsinclair@google.com>
This CL fixes up a clusterfuzz issue where the address of a
numeric was take in a case selector leading to a nullptr.
Bug: chromium:1376865
Change-Id: I3b78a17e1c47263e18d2d272ff28c2cc8be79a0e
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/106540
Auto-Submit: Dan Sinclair <dsinclair@chromium.org>
Reviewed-by: Antonio Maiorano <amaiorano@google.com>
Commit-Queue: Dan Sinclair <dsinclair@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
This CL catches up the internals (along with a few error messages) to
say `initializer` instead of `constructor.
Bug: tint:1600
Change-Id: I8e56572c310d77da1130380bdd32b334f27c8e46
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/106462
Reviewed-by: Antonio Maiorano <amaiorano@google.com>
Auto-Submit: Dan Sinclair <dsinclair@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Antonio Maiorano <amaiorano@google.com>
This CL updates the WGSL parser to parse `default` as a case selector
value.
Bug: tint:1633
Change-Id: I57661d25924e36bec5c03f96399c557fb7bbf760
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/106382
Commit-Queue: Dan Sinclair <dsinclair@chromium.org>
Commit-Queue: Ben Clayton <bclayton@google.com>
Auto-Submit: Dan Sinclair <dsinclair@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
This CL moves switch case statements to store Expression instead
of an IntLiteralExpression. The SEM is updated to store the
materialized constant instead of accessing the expression value
directly.
Bug: tint:1633
Change-Id: Id79dabb806be1049f775299732bc1c7b1bf0c05f
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/106300
Commit-Queue: Dan Sinclair <dsinclair@chromium.org>
Reviewed-by: Ben Clayton <bclayton@google.com>
Auto-Submit: Dan Sinclair <dsinclair@chromium.org>
This CL updates the @location attribute to use expressions instead of
integers.
Bug: tint:1633
Change-Id: If4dfca6d39e5134bb173209414ad8d2528c8095d
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/106121
Reviewed-by: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Dan Sinclair <dsinclair@chromium.org>
This CL updates the @id attribute to use expressions instead of
integers.
Bug: tint:1633
Change-Id: I3db9ab39f10a7f50f8d1e418ec508d4e709a24ff
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/106120
Auto-Submit: Dan Sinclair <dsinclair@chromium.org>
Commit-Queue: Ben Clayton <bclayton@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Dan Sinclair <dsinclair@chromium.org>
Standardize how we refer to @size, @align and @offset.
Change-Id: I14d462a7e96e35e6c3d6dc5a11cc09f9a95eca15
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/106200
Auto-Submit: Ben Clayton <bclayton@google.com>
Commit-Queue: Dan Sinclair <dsinclair@chromium.org>
Reviewed-by: Dan Sinclair <dsinclair@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Variables can be declared in more than just BlockStatement.
For example, for-loops can declare a variable.
Change this to be a map instead of a vector. This helps with lookups.
Change-Id: Ic9429425af70e9535c21cc0875b875f145724266
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/104040
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Antonio Maiorano <amaiorano@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
This CL updates the @group and @binding attributes to use
expressions instead of integers.
Bug: tint:1633
Change-Id: I91068874c104d5b84390f1617cb96265dda6e1e0
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/105801
Auto-Submit: Dan Sinclair <dsinclair@chromium.org>
Commit-Queue: Dan Sinclair <dsinclair@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
This CL updates the size attribute to parse expressions.
Bug: tint:1633
Change-Id: Ia12650848e7041faa53013d195f4313b8d3e9969
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/103320
Commit-Queue: Dan Sinclair <dsinclair@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Auto-Submit: Dan Sinclair <dsinclair@chromium.org>
Raise the error on the inner-most expression that violates the required evaluation stage.
Fixed: tint:1655
Change-Id: I82186e72ed6efa1cd6d4456c04446da18e9f1850
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/105640
Commit-Queue: Ben Clayton <bclayton@google.com>
Auto-Submit: Ben Clayton <bclayton@google.com>
Reviewed-by: Dan Sinclair <dsinclair@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
This is a more neutral term for an unassigned enum value.
Change-Id: Ic69d912472f26fd8a2c8348281b27edfcc145eab
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/105480
Reviewed-by: Dan Sinclair <dsinclair@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
This is below the 256x256x64 limits as defined by the WebGPU spec:
https://gpuweb.github.io/gpuweb/#limits
Fixed: tint:1692
Change-Id: I3608eb41094fbc7c77a40ea32f0f7418c31e0a05
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/105401
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: David Neto <dneto@google.com>
Commit-Queue: David Neto <dneto@google.com>
Auto-Submit: Ben Clayton <bclayton@google.com>
Commit-Queue: Ben Clayton <bclayton@chromium.org>
Emits all the enum info from the single-source-of-truth `intrinsics.def` file
Change-Id: Ib9170a2337597d4d81983c446d50582b518c6d71
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/105329
Reviewed-by: Dan Sinclair <dsinclair@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ben Clayton <bclayton@chromium.org>
Returns a materialization of the given argument.
Bug: tint:1697
Change-Id: Id25f7e10baa884047af21f89245884c551560f7b
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/104822
Reviewed-by: Dan Sinclair <dsinclair@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
Using `array count` is closer to the language seen in the spec and
clarifies the error messages.
Bug: chromium:1367602
Change-Id: I24388496b3a58c6a4fc62cc2db91c7ad8ca1a371
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/104241
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Dan Sinclair <dsinclair@chromium.org>
Reviewed-by: Ben Clayton <bclayton@google.com>
This CL adds element count limits to arrays. In FXC there is a maximum
of 65536 elements in an array. This limit is not yet in WGSL, but adding
this here allows us to fix the issue with large arrays and GLSL.
Bug: chromium:1367602
Change-Id: I7df9d3e4f6c3e5107420d5f8e576d1f33e453161
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/104240
Commit-Queue: Dan Sinclair <dsinclair@chromium.org>
Reviewed-by: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
This CL updates the internals to use AddressSpace instead of the old
StorageClass name.
Bug: tint:1404
Change-Id: Iecc208e839453437f4d630f65e0152206a52db7e
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/104420
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: Dan Sinclair <dsinclair@chromium.org>
Auto-Submit: Dan Sinclair <dsinclair@chromium.org>
The WGSL spec has been updated to allow attributes to be i32 or
u32. This CL updates the attribute support in Tint to follow.
Bug: tint:1633
Change-Id: Ie6caa54f26a757c374c51c7d24e54d2a476f9c84
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/103800
Auto-Submit: Dan Sinclair <dsinclair@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: Ben Clayton <bclayton@google.com>
Commit-Queue: Dan Sinclair <dsinclair@chromium.org>
