Fuzzer discovered that it was possible to send invalid IndexFormats
to SetIndexBuffer and cause IndexFormatSize to hit an UNREACHABLE().
This validates that the passed format is part of the enum before
doing any further operations on it.
Bug: 1254571
Change-Id: I1e4075f8d26afdb8e4bcae3cfc72e6219ff28f78
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/65610
Commit-Queue: Brandon Jones <bajones@chromium.org>
Reviewed-by: Kai Ninomiya <kainino@chromium.org>
Reviewed-by: Austin Eng <enga@chromium.org>
For size parameter in setIndexBuffer and setVertexBuffer, use
wgpu::kWholeSize rather than 0 to indicate using the default
size, i.e. remaining buffer size after offset. Using size=0 is still
avaliable but will cause a deprecation warning.
Bug: dawn:1058
Change-Id: I4c4f6ca6fc7346c225815bdcd607fed110ce2b9a
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/65020
Commit-Queue: Zhaoming Jiang <zhaoming.jiang@intel.com>
Reviewed-by: Corentin Wallez <cwallez@chromium.org>
Every render pass which invokes DrawIndexedIndirect, either directly or
through a RenderBundle execution, is now preceded immediately by at
least one validation pass.
All indirect buffer offests used with DII are validated, and their
validated values are copied into a separate scratch buffer (or zeroed
out there, in the case of validation failure). All encoded DII commands
are rewritten to use the validated parameters instead of the original
ones.
Bug: dawn:809
Change-Id: I5eead937f19536f84f89e2c8e6fed7f18f0aee9f
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/63461
Commit-Queue: Ken Rockot <rockot@google.com>
Reviewed-by: Austin Eng <enga@chromium.org>
This is a simple RefCounted holder of a Buffer ref and offset. Encoded
commands can store a ref to this object instead of directly storing an
inline Buffer ref and offset, allowing other commands to dynamically
patch in a different buffer+offset as needed, in a memory-safe way;
as opposed to e.g. retaining an unmanaged pointer to the encoded
command itself and modifying it in-place.
Validation commands will use this to rewrite buffer references in
encoded commands, so that they execute over validated inputs rather
than over their original client-provided inputs.
No net functional changes in this CL, just some groundwork for indirect
draw/dispatch validation.
Bug: dawn:809
Change-Id: I0570521a610fe3ea08190a525b4904749d7b7f24
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/64420
Reviewed-by: Austin Eng <enga@chromium.org>
Reviewed-by: Corentin Wallez <cwallez@chromium.org>
Commit-Queue: Ken Rockot <rockot@google.com>
In this patch OOB validation in draw and drawIndexed is added for vertex
buffer with zero array stride. For such case, both vertex step and
instance step mode buffer can be validated for both draw and drawIndexed,
as we don't care about actual vertex count and instance count for buffer
with zero array stride.
Related unit test is also added. Also fix the DrawIndexedVertexBufferOOB
unit test.
Bug: dawn:1065
Change-Id: Id302dc0c443dec965347c8ae9f3f4d73aeddc38c
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/62200
Reviewed-by: Corentin Wallez <cwallez@chromium.org>
Reviewed-by: Austin Eng <enga@chromium.org>
Commit-Queue: Zhaoming Jiang <zhaoming.jiang@intel.com>
1. Validate the buffer range for both vertex step mode and instance step mode vertex buffers in Draw,
2. Validate the buffer range for instance step mode vertex buffers and the range of index buffer in DrawIndexed, and
3. Add related validation unit tests DrawVertexAndIndexBufferOOBValidationTests, and remove out-of-date vertex buffer robustness tests.
Bug: dawn:808
Change-Id: Ic27a95138cb1e21b72a1da392b7828368bfe2010
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/56361
Commit-Queue: Zhaoming Jiang <zhaoming.jiang@intel.com>
Reviewed-by: Austin Eng <enga@chromium.org>
Fixes locations that explicitly have TODOs about
checking for overflow. Also fixup other locations found while
searching the code for arithmetic operations.
Fixes: dawn:830
Change-Id: I4ef6b97a9cde14439e573a1da8d569ab985efc53
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/55605
Reviewed-by: Jiawei Shao <jiawei.shao@intel.com>
Reviewed-by: Corentin Wallez <cwallez@chromium.org>
Commit-Queue: Austin Eng <enga@chromium.org>
The vertex buffer alignment in particular is helps make the
implementation of programmable pulling much easier on Metal since the
vertex data will be able to be represented as array<u32>.
Bug: dawn:805
Change-Id: I2bf2742db3b8fa478be620c892925b8b75dc514c
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/54659
Reviewed-by: Stephen White <senorblanco@chromium.org>
Reviewed-by: Kai Ninomiya <kainino@chromium.org>
Commit-Queue: Kai Ninomiya <kainino@chromium.org>
This change is a preparation for making the compute pass track the
synchronization scope usages per dispatch instead of for the whole pass.
This CL just separates the Compute and RenderPassResourceUsage types.
This requires making the difference between
SyncScope/ComputePass/RenderPass ResourceUsageTracker instead of having
a single combined tracker.
This change also duplicates SetBindGroup by removing the common handling
in ProgrammablePassEncoder and putting it in ComputePassEncoder and
RenderEncoderBase. This is necessary because the UsageTracker types are
now split, but it will also help have different handling of SetBindGroup
for compute and render in follow-up CLs.
There are no functional changes.
Bug: dawn:632
Change-Id: I482c04483d8b734fb10e44e717071eedcff2f15f
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/49884
Reviewed-by: Corentin Wallez <cwallez@chromium.org>
Commit-Queue: Corentin Wallez <cwallez@chromium.org>
This means that calling wgpu::Object::DoStuff will translate to a call
to dawn_native::ObjectBase::APIDoStuff. This will clarify the
difference between reentrant calls and internal calls in dawn_native.
Avoiding issues in the future.
This CL only changes the code generator to prefix with "API", performs
renames needed to make the code compile, and adds TODOs for things that
should be fixed in follow-up CLs.
Bug: dawn:723
Change-Id: Ie24471fa093adc4179d33d13323429847d076ecb
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/45921
Commit-Queue: Corentin Wallez <cwallez@chromium.org>
Auto-Submit: Corentin Wallez <cwallez@chromium.org>
Reviewed-by: Austin Eng <enga@chromium.org>
Reviewed-by: Stephen White <senorblanco@chromium.org>
Store index buffer size in CommandBufferStateTracker and skip
issuing drawIndexed call if it's out of bounds.
Bug: dawn:622
Change-Id: I8f4bd8ba03dea931815dc0db87ffacb9936a123d
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/42000
Reviewed-by: Corentin Wallez <cwallez@chromium.org>
Commit-Queue: Shrek Shao <shrekshao@google.com>
This is the last piece of validation that was done in a separate
validation pass so the validation pass is removed.
Bug: dawn:635
Change-Id: I91ce5d5a512ac188f3dd56c90db9e69aee518844
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/38845
Commit-Queue: Corentin Wallez <cwallez@chromium.org>
Reviewed-by: Austin Eng <enga@chromium.org>
The overarching goal with this CL is to do validation at encoding time
which will help produce SyncScopeResourceUsage in the frontend for
dispatch() calls so that they can be reused by the backends.
Bug: dawn:635
Change-Id: Ifb8b7883abe18089dc3d632baebbcc79b3f324f7
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/38843
Commit-Queue: Corentin Wallez <cwallez@chromium.org>
Reviewed-by: Stephen White <senorblanco@chromium.org>
Also cache the boolean for IsValidationEnabled in the
ProgrammablePassEncoder.
Bug: dawn:635
Change-Id: I5f095d003d28b84eacbc488a7f8f3c346c646187
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/38521
Commit-Queue: Austin Eng <enga@chromium.org>
Auto-Submit: Corentin Wallez <cwallez@chromium.org>
Reviewed-by: Stephen White <senorblanco@chromium.org>
Reviewed-by: Austin Eng <enga@chromium.org>
In a future CL the PassResourceUsage structure will become a
SyncScopeResourceUsage and will be used to validate at each
synchronization scope. For separation of concerns, the validation that
resource have the correct usage shouldn't be done at the sync scope
level but at each entrypoint that uses the resource.
The validation tests had no coverage of usage validation for pass usage
so validation tests are added for Indirct/Index/Vertex usages. (Uniform
and Storage are validated at bindgroup creation and already had
validation tests)
Bug: dawn:635
Change-Id: I5058ad30eb041809f0f60d9403f3cc2d5d7e7c96
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/38380
Reviewed-by: Austin Eng <enga@chromium.org>
Reviewed-by: Corentin Wallez <cwallez@chromium.org>
Commit-Queue: Corentin Wallez <cwallez@chromium.org>
Auto-Submit: Corentin Wallez <cwallez@chromium.org>
Use the correct toggle when checking for support.
Also disable a test which tests it unconditionally.
Change-Id: I5f98004865df5e1f4dd6cf6eaa4769444b90e9c2
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/34980
Reviewed-by: Corentin Wallez <cwallez@chromium.org>
Reviewed-by: Austin Eng <enga@chromium.org>
Commit-Queue: Stephen White <senorblanco@chromium.org>
This also simplifies a bunch of code in backends that was used to handle
getting the indexFormat from the pipeline "late".
Bug: dawn:502
Change-Id: Ibae50c8df21323fd391515f6036552e9fb868d93
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/32023
Commit-Queue: Corentin Wallez <cwallez@chromium.org>
Reviewed-by: Austin Eng <enga@chromium.org>
Reviewed-by: Stephen White <senorblanco@chromium.org>
Some APIs exposed by Dawn are not expected to be fully secured until
after the first Origin Trial of WebGPU. To prevent their usage we add a
new toggle that will be set by default by Chromium. This toggle throws a
validation error when an unsafe API is used.
Bug: chromium:1138528
Change-Id: I831db70bdac5128ebc32d36d55a0eaefc42c1807
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/31443
Reviewed-by: Corentin Wallez <cwallez@chromium.org>
Commit-Queue: Corentin Wallez <cwallez@chromium.org>
First step of a multi-part change to bring the setIndexBuffer
method up-to-date with the current WebGPU spec. This change
preserves the previous setIndexBuffer semantics for backwards
compatibility until developers have been notified and given
a grace period to transition to the new signature.
BUG=dawn:502
Change-Id: Ia8c665639494d244f52296ceadaedb320fa6c985
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/27182
Commit-Queue: Brandon Jones <bajones@chromium.org>
Reviewed-by: Kai Ninomiya <kainino@chromium.org>
This patch enables one texture to be used as both write-only storage
texture and sampled texture in one compute pass.
Note that while we don't need to check the usage scope of a texture in
the whole compute pass scope, we still need to verify one texture cannot
be bound to multiple bindings that are used in one dispatch at the same
time. This check will be added in the following patches.
This patch also adds tests to ensure a texture can be used as the
following binding types in one compute pass:
- read-only storage + sampled
- write-only storage + sampled
- read-only storage + write-only storage
BUG=dawn:267
TEST=dawn_unittests
Change-Id: Ibff2b005a5269a0bfa254e0417de4920758add39
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/20120
Commit-Queue: Jiawei Shao <jiawei.shao@intel.com>
Reviewed-by: Austin Eng <enga@chromium.org>
These are not supported on some older OpenGL, OpenGL ES, and iOS
devices.
Bug: dawn:343
Change-Id: I70def749ae57fcfe2895f8556674dd241941d3d3
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/16163
Reviewed-by: Austin Eng <enga@chromium.org>
Reviewed-by: Jiawei Shao <jiawei.shao@intel.com>
Reviewed-by: Corentin Wallez <cwallez@chromium.org>
Commit-Queue: Corentin Wallez <cwallez@chromium.org>
This patch factors resource usage tracking so it is separate from
command validation, allowing the bulk of command validation to be
completely skipped.
In DrawCallPerfRun/Vulkan_DynamicPipeline_DynamicBindGroup, disabling
validation cuts roughly 74 nanoseconds (20%) of CPU time, per draw.
In DrawCallPerfRun/Vulkan_DynamicBindGroup, disabling validation
cuts roughly 35 nanoseconds (17%) of CPU time, per draw.
In DrawCallPerfRun/Vulkan_MultipleBindGroups, disabling validation
cuts roughly 45 nanoseconds (14%) of CPU time, per draw.
Bug: dawn:271
Change-Id: I517b85840ba18c6a554b83f34a1d0aef1a8c56a6
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/13520
Commit-Queue: Austin Eng <enga@chromium.org>
Reviewed-by: Corentin Wallez <cwallez@chromium.org>
Following WebGPU spec change at
https://github.com/gpuweb/gpuweb/pull/468, this CL changes all
occurrences of setVertexBuffers to setVertexBuffer.
Bug: dawn:22
Change-Id: I48b551a89dc0934dfa61e661e9546a2b7eafd2fc
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/12020
Commit-Queue: François Beaufort <beaufort.francois@gmail.com>
Reviewed-by: Austin Eng <enga@chromium.org>
This patch factors the CommandAllocator, CommandIterator, and error
handling out of CommandEncoderBase so it can later be used by the
RenderBundleEncoder.
Bug: dawn:154
Change-Id: Ia4f8c3ce7f432f0887b619bd8090aa9bec7330fc
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/9181
Reviewed-by: Corentin Wallez <cwallez@chromium.org>
Reviewed-by: Kai Ninomiya <kainino@chromium.org>
Commit-Queue: Austin Eng <enga@chromium.org>
This is needed so that RenderBundleEncoder and RenderPassEncoder can
share code. This patch also moves EndPass out of ProgrammablePassEncoder
and into both RenderPassEncoder and ComputePassEncoder. Render bundles
do not have EndPass.
Bug: dawn:154
Change-Id: Ib7126b2ba718b0b93e3d6f15c429ac910c0d5d31
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/9180
Commit-Queue: Austin Eng <enga@chromium.org>
Reviewed-by: Kai Ninomiya <kainino@chromium.org>
Brandon Jones
Austin Eng
Zhaoming Jiang
Ken Rockot
Corentin Wallez
shrekshao
Stephen White
Enrico Galli
Jiawei Shao
François Beaufort