Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore a critical security vulnerability in WebGPU Shading Language (WGSL) through this 15-minute conference presentation from OOPSLA 2025. Discover how data races in WGSL code can compromise memory safety when compiled to intermediate representations, creating potential security exploits in web browsers and other untrusted execution environments. Learn about the comprehensive threat assessment conducted by researchers from UC Santa Cruz and Microsoft, which revealed how optimizing compilers could legitimately remove memory safety guardrails in the presence of data races. Examine the proposed SafeRace Memory Safety Guarantee (SMSG), a two-component solution designed to preserve memory safety across the WGSL execution stack even when data races occur. Understand the first component's implementation through a compiler pass that ensures program slices contributing to memory indexing remain race-free, and explore the second component's requirements for intermediate representations to limit data race effects. Review the extensive validation process, including 81 hours of fuzzing across 21 compilation stacks, which demonstrated the feasibility of implementing these safety measures with minimal performance overhead. Gain insights into the security vulnerabilities discovered in Apple and AMD GPUs during this research, as well as a critical miscompilation issue found in a pre-release version of Firefox, highlighting the practical importance of addressing these memory safety concerns in GPU programming environments.
