3 Search Results for "Payer, Mathias"


Document
Experience Paper
WebGlitch: A Randomised Testing Tool for the WebGPU API (Experience Paper)

Authors: Matthew K. L. Wong and Alastair F. Donaldson

Published in: LIPIcs, Volume 333, 39th European Conference on Object-Oriented Programming (ECOOP 2025)


Abstract
We report on our experience designing a new technique and tool for fuzzing implementations of WebGPU, a W3C standard JavaScript API for in-browser GPU computing. We also report on our experience using our WebGlitch tool to test industrial-strength implementations of WebGPU, leading to the discovery of numerous bugs. WebGPU enables programmatic access to a device’s graphics processing unit (GPU) for in-browser GPU computing, and is being implemented by Google, Mozilla and Apple for inclusion in all of the major web browsers. Guaranteeing the security and reliability of WebGPU is crucial to avoid wide-reaching browser security vulnerabilities and to facilitate portability by ensuring uniform behaviour across different platforms. To that end - inspired by randomised compiler testing techniques - our approach to fuzzing creates random, valid-by-construction programs by continuously selecting a WebGPU API function, then recursively generating all requirements necessary for that API call to be valid based on careful modelling of the API specification. This is implemented as a new open source tool, WebGlitch, which we designed in consultation with engineers at Google who work on the Chrome WebGPU implementation. WebGlitch identifies bugs through sanitiser-boosted crash oracles, differential testing, and by identifying cases where valid-by-construction API calls lead to runtime errors. We present an evaluation showing that WebGlitch can find bugs missed by an existing WebGPU fuzzer, wg-fuzz, and across the broader WebGPU ecosystem: to date, WebGlitch has found 24 previously-unknown bugs (15 fixed so far in response to our reports). Among these, 17 bugs affected WebGPU implementations from Google, Mozilla, and the Deno project. WebGlitch found an additional 4 bugs in the shader compilers used by the graphics APIs that WebGPU interfaces with. The remaining 3 bugs affect the widely-used JavaScript runtimes Node.js and Deno. 
Fuzzing with WebGlitch also led us to identify an ambiguity in the specification of the WebGPU shading language, for which we proposed an amendment that was accepted by W3C and which has been adopted in the latest version of the specification. Analysing the line coverage of a WebGPU implementation by WebGlitch-generated programs revealed that WebGlitch covers code missed by wg-fuzz and the official conformance test suite. Our hope is that this report on the design of WebGlitch and its deployment in practice will be useful for practitioners and researchers interested in using API fuzzing to improve the reliability of industrial codebases.

Cite as

Matthew K. L. Wong and Alastair F. Donaldson. WebGlitch: A Randomised Testing Tool for the WebGPU API (Experience Paper). In 39th European Conference on Object-Oriented Programming (ECOOP 2025). Leibniz International Proceedings in Informatics (LIPIcs), Volume 333, pp. 39:1-39:26, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2025)


@InProceedings{wong_et_al:LIPIcs.ECOOP.2025.39,
  author =	{Wong, Matthew K. L. and Donaldson, Alastair F.},
  title =	{{WebGlitch: A Randomised Testing Tool for the WebGPU API}},
  booktitle =	{39th European Conference on Object-Oriented Programming (ECOOP 2025)},
  pages =	{39:1--39:26},
  series =	{Leibniz International Proceedings in Informatics (LIPIcs)},
  ISBN =	{978-3-95977-373-7},
  ISSN =	{1868-8969},
  year =	{2025},
  volume =	{333},
  editor =	{Aldrich, Jonathan and Silva, Alexandra},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/LIPIcs.ECOOP.2025.39},
  URN =		{urn:nbn:de:0030-drops-233313},
  doi =		{10.4230/LIPIcs.ECOOP.2025.39},
  annote =	{Keywords: Fuzzing, WebGPU, WGSL, API, shaders}
}
Document
GDBMiner: Mining Precise Input Grammars on (Almost) Any System

Authors: Max Eisele, Johannes Hägele, Christopher Huth, and Andreas Zeller

Published in: LITES, Volume 10, Issue 1 (2025). Leibniz Transactions on Embedded Systems, Volume 10, Issue 1


Abstract
If one knows the input language of the system to be tested, one can generate inputs in a very efficient manner. Grammar-based fuzzers, for instance, produce inputs that are syntactically valid by construction. They are thus much more likely to be accepted by the program under test and to reach code beyond the input parser. Grammar-based fuzzers, however, need a grammar in the first place. Grammar miners are set to extract such grammars from programs. However, current grammar mining tools place huge demands on the source code they are applied on, or are too imprecise, both preventing adoption in industrial practice. We present GDBMiner, a tool to mine input grammars for binaries and executables in any (compiled) programming language, on any operating system, using any processor architecture, even without source code. GDBMiner leverages the GNU debugger (GDB) to step through the program and determine which code locations access which input bytes, generalizing bytes accessed by the same location into grammar elements. GDBMiner is slow, but versatile - and precise: In our evaluation, GDBMiner produces grammars as precise as the (more demanding) Cmimid tool, while producing more precise grammars than the (less demanding) Arvada black-box approach. GDBMiner can be applied on any recursive descent parser that can be debugged via GDB and is available as open source.

Cite as

Max Eisele, Johannes Hägele, Christopher Huth, and Andreas Zeller. GDBMiner: Mining Precise Input Grammars on (Almost) Any System. In LITES, Volume 10, Issue 1 (2025). Leibniz Transactions on Embedded Systems, Volume 10, Issue 1, pp. 1:1-1:26, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2025)


@Article{eisele_et_al:LITES.10.1.1,
  author =	{Eisele, Max and H\"{a}gele, Johannes and Huth, Christopher and Zeller, Andreas},
  title =	{{GDBMiner: Mining Precise Input Grammars on (Almost) Any System}},
  journal =	{Leibniz Transactions on Embedded Systems},
  pages =	{1:1--1:26},
  ISSN =	{2199-2002},
  year =	{2025},
  volume =	{10},
  number =	{1},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/LITES.10.1.1},
  URN =		{urn:nbn:de:0030-drops-230134},
  doi =		{10.4230/LITES.10.1.1},
  annote =	{Keywords: program analysis, testing, input grammar, fuzzing, grammar mining}
}
Document
Secure Compilation (Dagstuhl Seminar 21481)

Authors: David Chisnall, Deepak Garg, Catalin Hritcu, and Mathias Payer

Published in: Dagstuhl Reports, Volume 11, Issue 10 (2022)


Abstract
Secure compilation is an emerging field that puts together advances in security, programming languages, compilers, verification, systems, and hardware architectures in order to devise more secure compilation chains that eliminate many of today’s security vulnerabilities and that allow sound reasoning about security properties in the source language. For a concrete example, all modern languages provide a notion of structured control flow and an invoked procedure is expected to return to the right place. However, today’s compilation chains (compilers, linkers, loaders, runtime systems, hardware) cannot efficiently enforce this abstraction against linked low-level code, which can call and return to arbitrary instructions or smash the stack, blatantly violating the high-level abstraction. Other problems arise because today’s languages fail to specify security policies, such as data confidentiality, and the compilation chains thus fail to enforce them, especially against powerful side-channel attacks. The emerging secure compilation community aims to address such problems by identifying precise security goals and attacker models, designing more secure languages, devising efficient enforcement and mitigation mechanisms, and developing effective verification techniques for secure compilation chains. This seminar strived to take a broad and inclusive view of secure compilation and to provide a forum for discussion on the topic. The goal was to identify interesting research directions and open challenges by bringing together people working on building secure compilation chains, on designing security enforcement and attack-mitigation mechanisms in both software and hardware, and on developing formal verification techniques for secure compilation.

Cite as

David Chisnall, Deepak Garg, Catalin Hritcu, and Mathias Payer. Secure Compilation (Dagstuhl Seminar 21481). In Dagstuhl Reports, Volume 11, Issue 10, pp. 173-204, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2022)


@Article{chisnall_et_al:DagRep.11.10.173,
  author =	{Chisnall, David and Garg, Deepak and Hritcu, Catalin and Payer, Mathias},
  title =	{{Secure Compilation (Dagstuhl Seminar 21481)}},
  pages =	{173--204},
  journal =	{Dagstuhl Reports},
  ISSN =	{2192-5283},
  year =	{2022},
  volume =	{11},
  number =	{10},
  editor =	{Chisnall, David and Garg, Deepak and Hritcu, Catalin and Payer, Mathias},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagRep.11.10.173},
  URN =		{urn:nbn:de:0030-drops-159332},
  doi =		{10.4230/DagRep.11.10.173},
  annote =	{Keywords: secure compilation, low-level attacks, source-level reasoning, attacker models, full abstraction, hyperproperties, enforcement mechanisms, compartmentalization, security architectures, side-channels}
}