Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 82200c87c9e07fb76d09b6f228d736a9088b9ea5
    https://github.com/WebKit/WebKit/commit/82200c87c9e07fb76d09b6f228d736a9088b9ea5
Author: Mike Wyrzykowski <mwyrzykow...@apple.com>
Date: 2024-06-10 (Mon, 10 Jun 2024)
Changed paths:
    A LayoutTests/fast/webgpu/nocrash/fuzz-275167-expected.txt
    A LayoutTests/fast/webgpu/nocrash/fuzz-275167.html
    M Source/WebGPU/WebGPU/RenderBundleEncoder.h
    M Source/WebGPU/WebGPU/RenderBundleEncoder.mm

Log Message:
-----------
[WebGPU] RenderBundleEncoder::drawIndexed does not check for the buffer being destroyed
https://bugs.webkit.org/show_bug.cgi?id=275167
<radar://129227496>

Reviewed by Tadeu Zagallo.

drawIndexed call was allowing destroyed buffer to be passed to Metal,
which resulted in a size mismatch as the destroyed buffer has a length of 1.

We cannot simply return early without incrementing the command count, however,
since then when replay occurs in the bundle, the commands will not all be
removed. Ensure this doesn't occur which avoids replaying the incorrect
commands on the next frame.

* LayoutTests/fast/webgpu/regression/fuzz-275167-expected.txt: Added.
* LayoutTests/fast/webgpu/regression/fuzz-275167.html: Added.
Add regression test.

* Source/WebGPU/WebGPU/RenderBundleEncoder.h:
* Source/WebGPU/WebGPU/RenderBundleEncoder.mm:
(WebGPU::RenderBundleEncoder::draw):
(WebGPU::RenderBundleEncoder::finalizeRenderCommand):
(WebGPU::RenderBundleEncoder::drawIndexed):
(WebGPU::RenderBundleEncoder::drawIndexedIndirect):
(WebGPU::RenderBundleEncoder::drawIndirect):

Canonical link: https://commits.webkit.org/279878@main