Intent to Ship: WebGL EXT_disjoint_timer_query extension

38 views
Skip to first unread message

Kenneth Russell

unread,
Nov 23, 2015, 9:33:51 PM11/23/15
to blink-dev
Contact emails


Spec


Summary
This WebGL extension exposes fine-grained GPU timing information to the application developer. It's useful for understanding which portions of WebGL applications' rendering code are taking the majority of the time.

It will enable the development of new useful tools for more web developers.

Apologies, there wasn't an "intent to implement" this feature -- it's been behind a command line flag since the code was committed.


Is this feature supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?
Yes

Demo link
(currently requires --enable-webgl-draft-extensions command line flag)

Debuggability
This extension will allow the creation of new tools that provide fine-grained GPU timing information to other WebGL developers.

John Mellor

unread,
Nov 24, 2015, 5:40:28 AM11/24/15
to Kenneth Russell, blink-dev

Have security reviewed whether this makes cross-origin timing attacks easier? Or would users have to manually enable this in DevTools, in which case it's presumably less of a concern?

Brandon Jones

unread,
Nov 24, 2015, 12:03:46 PM11/24/15
to John Mellor, Kenneth Russell, blink-dev
The intention is that this would be available by default (assuming the device supported the appropriate extension), not gated by any flag or DevTool.

Rick Byers

unread,
Nov 24, 2015, 2:27:25 PM11/24/15
to Brandon Jones, John Mellor, Kenneth Russell, blink-dev
Please try to characterize the interoperability risk for this API.

Sounds to me like developers should probably care about this feature, right?  Then better file a chromestatus entry so docs get written etc.

The official intent-to-ship template is useful for pointing out these questions up front :-)

And yes it sounds like there needs to be some sort of security review.  We've had to kill/changed other web performance APIs in the past due to the potential for timing attacks.  Seems like maybe this is completely different, but I'm not qualified to make that distinction :-)

Rick

Kenneth Russell

unread,
Nov 24, 2015, 4:40:27 PM11/24/15
to Rick Byers, Brandon Jones, John Mellor, blink-dev
On Tue, Nov 24, 2015 at 11:27 AM, Rick Byers <rby...@chromium.org> wrote:
Please try to characterize the interoperability risk for this API.

It's widely supported on all graphics cards. All WebGL implementers are in agreement that it should ship -- that's why the WebGL extension is in the "community approved" state.

 
Sounds to me like developers should probably care about this feature, right?  Then better file a chromestatus entry so docs get written etc.



The official intent-to-ship template is useful for pointing out these questions up front :-)

I went through it but in a hurry, so apologies for missing these steps.

 

And yes it sounds like there needs to be some sort of security review.  We've had to kill/changed other web performance APIs in the past due to the potential for timing attacks.  Seems like maybe this is completely different, but I'm not qualified to make that distinction :-)

I've requested security review on http://crbug.com/560620 . The WebGL API doesn't allow cross-origin data to be uploaded to the GPU at all, because of timing attacks that were discovered early on in the development of the API, so I doubt that this extension enables any further cross-origin attacks.

-Ken

Rick Byers

unread,
Nov 24, 2015, 4:59:21 PM11/24/15
to Kenneth Russell, Brandon Jones, John Mellor, blink-dev
Thanks Ken!  Sounds fine to me.  LGTM1 to ship.

Doesn't seem necessary to block on the security review to me (there are no specific concerns), but still sounds like a good idea to get at least a sanity check from the security team.

Rick

Kenneth Russell

unread,
Nov 24, 2015, 7:46:25 PM11/24/15
to Rick Byers, Brandon Jones, John Mellor, blink-dev
On Tue, Nov 24, 2015 at 1:58 PM, Rick Byers <rby...@chromium.org> wrote:
Thanks Ken!  Sounds fine to me.  LGTM1 to ship.

Doesn't seem necessary to block on the security review to me (there are no specific concerns), but still sounds like a good idea to get at least a sanity check from the security team.

OK, thanks, I appreciate that.

Looking for other API owners' feedback. Thanks.

Dimitri Glazkov

unread,
Nov 24, 2015, 7:47:45 PM11/24/15
to Kenneth Russell, Rick Byers, Brandon Jones, John Mellor, blink-dev
LGTM2.

:DG<

Chris Harrelson

unread,
Nov 24, 2015, 8:11:35 PM11/24/15
to Dimitri Glazkov, Kenneth Russell, Rick Byers, Brandon Jones, John Mellor, blink-dev
LGTM3

On Tue, Nov 24, 2015 at 4:47 PM Dimitri Glazkov <dgla...@chromium.org> wrote:
LGTM2.

:DG<

--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.

Kenneth Russell

unread,
Nov 24, 2015, 8:12:19 PM11/24/15
to Chris Harrelson, Dimitri Glazkov, Rick Byers, Brandon Jones, John Mellor, blink-dev
Great. Thanks everybody!

Reply all
Reply to author
Forward
0 new messages