Announcement

Collapse
No announcement yet.

The Disturbing Results With Automated Fuzzing Of OpenGL Shaders

Collapse
X
Collapse
 
  • Page of 4
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 4 template Next
  • #11
    Are all of these specific to Mesa? If so, do the same problems appear on every GPU? In the event they used any non-Mesa drivers, it makes me wonder if maybe the test platform itself is to blame. After all, if every single driver (open or otherwise) has a problem, maybe there's nothing wrong with OpenGL. Besides, how often do we ever actually see these problems in real-world applications?

    I find these results somewhat irrelevant.
    • Likes 1

    Comment

    • #12
      Originally posted by starshipeleven View Post
      My point is that the justification for it being closed (because they allegedly want to keep it from falling into hacker hands) is bullshit, not that they should not be paid for their work.
      Well, if you agree they're entitled to compensation, who cares if the reason the cite holds water or not?
      Plus, if the tool exists, someone else will probably make one and release the source code sooner or later.

      Comment

      • #13
        I wonder how this works out when something Vulkan-like will get into web standards.

        Comment

        • #14
          Originally posted by schmidtbag View Post
          Are all of these specific to Mesa?
          They did not even test Mesa, but multiple closed source drivers. There is a table of tested platforms including OS and driver versions on the paper.
          • Likes 6

          Comment

          • #15
            Originally posted by kravemir View Post
            Creators are probably programmers, which would like to get paid for their work. ...
            The authors of the according paper, A. Donaldson and A. Lascu which are probably also the programmers, are employed at Imperial College London, so I would guess that doing this kind of research is part o there job. Now if they would have written that due to licensing issues with this employer they can not publish the software as open source, I would understand, but apparently this is not the problem.

            Originally posted by wagaf View Post
            It's common practice to not publish exploits until a fix is broadly distributed.
            The tool is not an exploit, it is just an tool to find possible exploits, and this method is (supposedly) disclosed in their paper, which means one should be able to re-implement it.

            In any case, I for one think that without at least a "free for non-commercial use" source code version of the tool the paper should not have been accepted at the conference where it was presented, but that's another problem, that's the sad state of "scientific" publication.
            • Likes 4

            Comment

            • #16
              Originally posted by schmidtbag View Post
              Besides, how often do we ever actually see these problems in real-world applications?
              Maybe not entirely related, but there's this little problem where swapping out a compute shader that computes some stuff in parallel with one that computes the same stuff in a serial manner fixes rendering in a game. And this is in Mesa.

              It really is a shame that they didn't test Mesa, especially on AMD and Intel (!) GPUs.

              Comment

              • #17
                Originally posted by bug77 View Post
                Well, if you agree they're entitled to compensation, who cares if the reason the cite holds water or not?
                Bullshit is bullshit and I still hate it.
                • Likes 1

                Comment

                • #18
                  Originally posted by schmidtbag View Post
                  Are all of these specific to Mesa?
                  No, they tested on all OSes.
                  In the event they used any non-Mesa drivers, it makes me wonder if maybe the test platform itself is to blame.
                  No, as the program generates stuff (shaders) that is read by the drivers directly.
                  After all, if every single driver (open or otherwise) has a problem
                  Problems were diverse and usually not cross-platform.

                  maybe there's nothing wrong with OpenGL.
                  The issues are in the drivers, not in the OpenGL specification.

                  Besides, how often do we ever actually see these problems in real-world applications?
                  On mobile it's relatively common to have such glitches, on PC it is unknown but I wouldn't be surprised if there were enough around.

                  These glitches are caused by the drivers not reading the same way stuff that should be permutations of the same code (and should therefore be the same). This is plain bad and should be fixed.

                  I find these results somewhat irrelevant.
                  Another great post where you just show you don't know anything, Jon Snow.

                  Comment

                  • #19
                    Originally posted by starshipeleven View Post
                    Bullshit is bullshit and I still hate it.
                    Just try to concentrate on the essentials: we got a nifty little new tool to improve our drivers.
                    • Likes 1

                    Comment

                    • #20
                      Originally posted by bug77 View Post
                      Just try to concentrate on the essentials: we got a nifty little new tool to give peasants a false sense of security.
                      fixed.

                      closed source and security are opposites.
                      • Likes 3

                      Comment

                      Previous 1 2 3 4 template Next
                      Working...
                      X