A conformance suite with disallowed intra-op examples would be helpful for hardening. #244
Comments
anssiko
added
the
security-tracker
|
The group discussed this issue and it was proposed to formalize these failure cases in the test suite that is under development. |
|
Thanks @quidity .
+1. The interfaces interact with user-supplied buffers including |
|
@huningxin if you think you have enough information, feel free to work with @BruceDai to prototype test cases for invalid input and invalid user-supplied output buffers. Any findings or blockers to be documented in this issue. @quidity please chime in here if you think our plan needs any course correction, or if you have any additional feedback. |
|
@BruceDai please chime in on this issue if you need more information or guidance from the group on how to add the proposed failure cases into the test suite. |
|
As discussed in Chromium CL-5017758 review for gather op, there is a request to create conformance tests which explicitly perform out-of-bounds access and validates the result conforms to the spec text. |
I agree with this, to ensure no crashes/errors.
Not sure about this though, if we're expecting the output tensor to exactly match values, as different implementations will have different behaviors for this garbage-in-garbage-out case. Some I can fathom include:
|
Much of the security of an implementation of a spec will revolve around rejecting badly formed models, and rejecting changes to tensors that might result in out of bounds accesses.
A suite of failure cases would be helpful to ensure invalid input is properly rejected, and will form useful input to a fuzzer corpus.
(very possible this lives elsewhere!)
The text was updated successfully, but these errors were encountered: