Announcement

Collapse
No announcement yet.

Fuzzing Mesa Drivers Begin To Uncover Bugs

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Fuzzing Mesa Drivers Begin To Uncover Bugs

    Phoronix: Fuzzing Mesa Drivers Begin To Uncover Bugs

    Last December we wrote about work being done on fuzzing OpenGL shaders leading to wild differences with the work being done at the Imperial College London. While they were testing other drivers on different operating systems, they have now fired up tests of Mesa...

    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite

  • #2
    I thought Nvidia was supposed to be careless about validations. Yet going by this guy's findings, there's not much difference between Nvidia and AMD. Go figure...

    In other news, great tool, it's nice to see bugs reported (and some already fixed) because of it.

    Comment


    • #3
      Originally posted by bug77 View Post
      I thought Nvidia was supposed to be careless about validations. Yet going by this guy's findings, there's not much difference between Nvidia and AMD. Go figure...
      I don't understand the connection between the reported findings and your statement. GLFuzz is not about generating invalid code, it is about generating valid (but complex / wierd) code that *should* work but sometimes does not.

      Apply some transformations to the shader that should have essentially no impact on what the shader renders. As two simple examples, we can add dead statements, or insert “+0.0” into an expression.
      Test signature

      Comment


      • #4
        Originally posted by bug77 View Post
        I thought Nvidia was supposed to be careless about validations. Yet going by this guy's findings, there's not much difference between Nvidia and AMD. Go figure...

        In other news, great tool, it's nice to see bugs reported (and some already fixed) because of it.
        Dafuq? Did you even read the article? This has nothing to do with amd.

        Comment


        • #5
          Originally posted by bug77 View Post
          I thought Nvidia was supposed to be careless about validations. Yet going by this guy's findings, there's not much difference between Nvidia and AMD. Go figure...
          The nvidia issue is about specification/OpenGL API utilization strictness, not about the shader compiler bugs, which is being tested by GLFuzz AFAIK

          Comment


          • #6
            Originally posted by SaucyJack View Post
            Dafuq? Did you even read the article? This has nothing to do with amd.
            I hope he was referring to other findings of this fuzzer https://medium.com/@afd_icl

            As there it says that both AMD and NVIDIA have critical bugs (BSOD on windows and X-server crash or similar on Ubuntu).

            It also says that AMD reacted quickly and fixed the issue, while NVIDIA is still not giving a flying fuck. Probably because AMD had issues on Windows, and NVIDIA on Linux.

            Comment


            • #7
              Originally posted by bridgman View Post

              I don't understand the connection between the reported findings and your statement. GLFuzz is not about generating invalid code, it is about generating valid (but complex / wierd) code that *should* work but sometimes does not.
              Ah, what that guy is generating is still valid code. Ok, that makes sense, my bad.
              Funny thing is, when Micheal first reported about this, I likened this tool to mutation testing, which changes the code, but still generates valid code. And still i managed to miss it.

              Comment


              • #8
                Someone needs to fuzz FFmpeg and GStreamer...

                Comment


                • #9
                  Originally posted by uid313 View Post
                  Someone needs to fuzz FFmpeg and GStreamer...
                  Sounds like a lot of work. Maybe we should start to use programing languages/subsets of languages/tools/techniques that allow us to have stronger safety guarantees at least for the parts of our software that parse random files from the internet.

                  Comment


                  • #10
                    Originally posted by uid313 View Post
                    Someone needs to fuzz FFmpeg and GStreamer...
                    This is happening already (and googling "ffmpeg fuzzing" would have given you that answer).
                    Google started fuzzing ffmpeg quite a while ago, at least 1, maybe even 2 years, and the ffmpeg maintainer and others have been fixing hundreds of discovered bugs.

                    Recently some people also started fuzzing gstreamer, though not yet at a large scale.

                    Comment

                    Working...
                    X