Re: Ill-defined programs

On 16 Nov 2017, at 9:32 am, Myles C. Maxfield <mmaxfield@apple.com> wrote:
> Therefore, we cannot divorce the performance requirements from the design of this API. We need to do investigation before we make these decisions.

My observation from participating in WebGL from the beginning is that it was always “be as capable as possible, unless there’s a hardware issue then we can assess the security tradeoffs”.

So every issue was never “in a theoretical way, can we allow pointers?”. It was always “Nvidia does this, AMD does that, Intel does that, so how do we put in the right constraints for this set of hardware?”.

The critical difference was that there was no other hardware, so the range of situations for security was automatically limited to known scenarios. Also, the use of ANGLE really changed the entire game for WebGL.

Before the days of ANGLE, it was heading the same direction as you guys are now; checks at general conceptual points. After ANGLE, it was more about checking allowed states against an internal state machine.

Just a bit of historical perspective... I agree with Jeff Gilbert’s comment that aggressive reporting of issues surfaces problems early in development. It’s all about the feedback, tell me early and often.

--
  steve@adam.com.au

Received on Monday, 20 November 2017 10:56:22 UTC