mirror of
https://github.com/electron/electron.git
synced 2026-04-10 03:01:51 -04:00
2c822ce4ac
* chore: [23-x-y] cherry-pick 8 changes from Release-1-M113 * 91fce3345668 from v8 * 2c8a019f39d2 from v8 * b8020e1973d7 from v8 * d6272b794cbb from chromium * 48785f698b1c from chromium * d0ee0197ddff from angle * 9b6ca211234b from chromium * 675562695049 from chromium * chore: clean up patches, delete bad patch * chore: cherry-pick bb90b9cfcbca from v8 * build: fixup angle patch * build: fixup v8 patches * chore: fixup Handle empty ranges in unicode sets patch * build: drop python2 from CI (#38303) (cherry picked from commita22e2a778e) (cherry picked from commit9bdd4738ae) * chore: update patches for 110 * refactor: add WebViewGuestDelegate::GetGuestDelegateWeakPtr() Xref: https://chromium-review.googlesource.com/c/chromium/src/+/4515455 This approach copied from GuestViewBase::GetGuestDelegateWeakPtr() approach in that same commit. (cherry picked from commit 3f3ab39e3a1077f71aa90319d7a81d53cfb3c55e) * chore: cherry-pick bae60787d3e9 from dawn * chore: delete unnecessary patches * Revert "refactor: add WebViewGuestDelegate::GetGuestDelegateWeakPtr()" This reverts commit07a42e351e. * chore: remove unneeded patch * chore: update patches --------- Co-authored-by: John Kleinschmidt <jkleinsc@electronjs.org> Co-authored-by: trop[bot] <37223003+trop[bot]@users.noreply.github.com> Co-authored-by: Charles Kerr <charles@charleskerr.com> Co-authored-by: Pedro Pontes <pepontes@microsoft.com> Co-authored-by: Samuel Attard <sam@electronjs.org> Co-authored-by: PatchUp <73610968+patchup[bot]@users.noreply.github.com>
215 lines
7.0 KiB
Diff
215 lines
7.0 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Shahbaz Youssefi <syoussefi@chromium.org>
|
|
Date: Wed, 3 May 2023 13:41:36 -0400
|
|
Subject: WebGL: Limit total size of private data
|
|
|
|
... not just individual arrays.
|
|
|
|
Bug: chromium:1431761
|
|
Change-Id: I721e29aeceeaf12c3f6a67b668abffb8dfbc89b0
|
|
Reviewed-on: https://chromium-review.googlesource.com/c/angle/angle/+/4503753
|
|
Reviewed-by: Kenneth Russell <kbr@chromium.org>
|
|
Commit-Queue: Shahbaz Youssefi <syoussefi@chromium.org>
|
|
|
|
diff --git a/src/compiler/translator/ValidateTypeSizeLimitations.cpp b/src/compiler/translator/ValidateTypeSizeLimitations.cpp
|
|
index c9607db74b53487950d31f6a56d55f3e834556a0..a05e857d7111528ad7f21799e3825b9d3f488dd3 100644
|
|
--- a/src/compiler/translator/ValidateTypeSizeLimitations.cpp
|
|
+++ b/src/compiler/translator/ValidateTypeSizeLimitations.cpp
|
|
@@ -23,6 +23,7 @@ namespace
|
|
// Arbitrarily enforce that types - even local variables' - declared
|
|
// with a size in bytes of over 2 GB will cause compilation failure.
|
|
constexpr size_t kMaxTypeSizeInBytes = static_cast<size_t>(2) * 1024 * 1024 * 1024;
|
|
+constexpr size_t kMaxPrivateVariableSizeInBytes = static_cast<size_t>(1) * 1024 * 1024;
|
|
|
|
// Traverses intermediate tree to ensure that the shader does not
|
|
// exceed certain implementation-defined limits on the sizes of types.
|
|
@@ -31,7 +32,9 @@ class ValidateTypeSizeLimitationsTraverser : public TIntermTraverser
|
|
{
|
|
public:
|
|
ValidateTypeSizeLimitationsTraverser(TSymbolTable *symbolTable, TDiagnostics *diagnostics)
|
|
- : TIntermTraverser(true, false, false, symbolTable), mDiagnostics(diagnostics)
|
|
+ : TIntermTraverser(true, false, false, symbolTable),
|
|
+ mDiagnostics(diagnostics),
|
|
+ mTotalPrivateVariablesSize(0)
|
|
{
|
|
ASSERT(diagnostics);
|
|
}
|
|
@@ -85,11 +88,37 @@ class ValidateTypeSizeLimitationsTraverser : public TIntermTraverser
|
|
asSymbol->getName());
|
|
return false;
|
|
}
|
|
+
|
|
+ const bool isPrivate = variableType.getQualifier() == EvqTemporary ||
|
|
+ variableType.getQualifier() == EvqGlobal ||
|
|
+ variableType.getQualifier() == EvqConst;
|
|
+ if (isPrivate)
|
|
+ {
|
|
+ if (layoutEncoder.getCurrentOffset() > kMaxPrivateVariableSizeInBytes)
|
|
+ {
|
|
+ error(asSymbol->getLine(),
|
|
+ "Size of declared private variable exceeds implementation-defined limit",
|
|
+ asSymbol->getName());
|
|
+ return false;
|
|
+ }
|
|
+ mTotalPrivateVariablesSize += layoutEncoder.getCurrentOffset();
|
|
+ }
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
+ void validateTotalPrivateVariableSize()
|
|
+ {
|
|
+ if (mTotalPrivateVariablesSize > kMaxPrivateVariableSizeInBytes)
|
|
+ {
|
|
+ mDiagnostics->error(
|
|
+ TSourceLoc{},
|
|
+ "Total size of declared private variables exceeds implementation-defined limit",
|
|
+ "");
|
|
+ }
|
|
+ }
|
|
+
|
|
private:
|
|
void error(TSourceLoc loc, const char *reason, const ImmutableString &token)
|
|
{
|
|
@@ -198,6 +227,8 @@ class ValidateTypeSizeLimitationsTraverser : public TIntermTraverser
|
|
|
|
TDiagnostics *mDiagnostics;
|
|
std::vector<int> mLoopSymbolIds;
|
|
+
|
|
+ size_t mTotalPrivateVariablesSize;
|
|
};
|
|
|
|
} // namespace
|
|
@@ -208,6 +239,7 @@ bool ValidateTypeSizeLimitations(TIntermNode *root,
|
|
{
|
|
ValidateTypeSizeLimitationsTraverser validate(symbolTable, diagnostics);
|
|
root->traverse(&validate);
|
|
+ validate.validateTotalPrivateVariableSize();
|
|
return diagnostics->numErrors() == 0;
|
|
}
|
|
|
|
diff --git a/src/tests/gl_tests/WebGLCompatibilityTest.cpp b/src/tests/gl_tests/WebGLCompatibilityTest.cpp
|
|
index 7dc56cddbc63add1aca6fca3bfd031f3da8d04fc..64287af5834607f6819f1197e2eed1a56f712ffe 100644
|
|
--- a/src/tests/gl_tests/WebGLCompatibilityTest.cpp
|
|
+++ b/src/tests/gl_tests/WebGLCompatibilityTest.cpp
|
|
@@ -5271,11 +5271,12 @@ TEST_P(WebGLCompatibilityTest, ValidateArraySizes)
|
|
// fairly small array.
|
|
constexpr char kVSArrayOK[] =
|
|
R"(varying vec4 color;
|
|
-const int array_size = 1000;
|
|
+const int array_size = 500;
|
|
void main()
|
|
{
|
|
mat2 array[array_size];
|
|
- if (array[0][0][0] == 2.0)
|
|
+ mat2 array2[array_size];
|
|
+ if (array[0][0][0] + array2[0][0][0] == 2.0)
|
|
color = vec4(0.0, 1.0, 0.0, 1.0);
|
|
else
|
|
color = vec4(1.0, 0.0, 0.0, 1.0);
|
|
@@ -5353,6 +5354,103 @@ void main()
|
|
EXPECT_EQ(0u, program);
|
|
}
|
|
|
|
+// Reject attempts to allocate too much private memory.
|
|
+// This is an implementation-defined limit - crbug.com/1431761.
|
|
+TEST_P(WebGLCompatibilityTest, ValidateTotalPrivateSize)
|
|
+{
|
|
+ constexpr char kTooLargeGlobalMemory1[] =
|
|
+ R"(precision mediump float;
|
|
+
|
|
+// 1 MB / 16 bytes per vec4 = 65536
|
|
+vec4 array[32768];
|
|
+vec4 array2[32769];
|
|
+
|
|
+void main()
|
|
+{
|
|
+ if (array[0].x + array[1].x == 0.)
|
|
+ gl_FragColor = vec4(0.0, 1.0, 0.0, 1.0);
|
|
+ else
|
|
+ gl_FragColor = vec4(1.0, 0.0, 0.0, 1.0);
|
|
+})";
|
|
+
|
|
+ constexpr char kTooLargeGlobalMemory2[] =
|
|
+ R"(precision mediump float;
|
|
+
|
|
+// 1 MB / 16 bytes per vec4 = 65536
|
|
+vec4 array[32767];
|
|
+vec4 array2[32767];
|
|
+vec4 x, y, z;
|
|
+
|
|
+void main()
|
|
+{
|
|
+ if (array[0].x + array[1].x == x.w + y.w + z.w)
|
|
+ gl_FragColor = vec4(0.0, 1.0, 0.0, 1.0);
|
|
+ else
|
|
+ gl_FragColor = vec4(1.0, 0.0, 0.0, 1.0);
|
|
+})";
|
|
+
|
|
+ constexpr char kTooLargeGlobalAndLocalMemory1[] =
|
|
+ R"(precision mediump float;
|
|
+
|
|
+// 1 MB / 16 bytes per vec4 = 65536
|
|
+vec4 array[32768];
|
|
+
|
|
+void main()
|
|
+{
|
|
+ vec4 array2[32769];
|
|
+ if (array[0].x + array[1].x == 2.0)
|
|
+ gl_FragColor = vec4(0.0, 1.0, 0.0, 1.0);
|
|
+ else
|
|
+ gl_FragColor = vec4(1.0, 0.0, 0.0, 1.0);
|
|
+})";
|
|
+
|
|
+ // Note: The call stack is not taken into account for the purposes of total memory calculation.
|
|
+ constexpr char kTooLargeGlobalAndLocalMemory2[] =
|
|
+ R"(precision mediump float;
|
|
+
|
|
+// 1 MB / 16 bytes per vec4 = 65536
|
|
+vec4 array[32768];
|
|
+
|
|
+float f()
|
|
+{
|
|
+ vec4 array2[16384];
|
|
+ return array2[0].x;
|
|
+}
|
|
+
|
|
+float g()
|
|
+{
|
|
+ vec4 array3[16383];
|
|
+ return array3[0].x;
|
|
+}
|
|
+
|
|
+float h()
|
|
+{
|
|
+ vec4 value;
|
|
+ float value2
|
|
+ return value.x + value2;
|
|
+}
|
|
+
|
|
+void main()
|
|
+{
|
|
+ if (array[0].x + f() + g() + h() == 2.0)
|
|
+ gl_FragColor = vec4(0.0, 1.0, 0.0, 1.0);
|
|
+ else
|
|
+ gl_FragColor = vec4(1.0, 0.0, 0.0, 1.0);
|
|
+})";
|
|
+
|
|
+ GLuint program = CompileProgram(essl1_shaders::vs::Simple(), kTooLargeGlobalMemory1);
|
|
+ EXPECT_EQ(0u, program);
|
|
+
|
|
+ program = CompileProgram(essl1_shaders::vs::Simple(), kTooLargeGlobalMemory2);
|
|
+ EXPECT_EQ(0u, program);
|
|
+
|
|
+ program = CompileProgram(essl1_shaders::vs::Simple(), kTooLargeGlobalAndLocalMemory1);
|
|
+ EXPECT_EQ(0u, program);
|
|
+
|
|
+ program = CompileProgram(essl1_shaders::vs::Simple(), kTooLargeGlobalAndLocalMemory2);
|
|
+ EXPECT_EQ(0u, program);
|
|
+}
|
|
+
|
|
// Linking should fail when corresponding vertex/fragment uniform blocks have different precision
|
|
// qualifiers.
|
|
TEST_P(WebGL2CompatibilityTest, UniformBlockPrecisionMismatch)
|