CuFuzz: An API-Knowledge-Graph Coverage-Driven Fuzzing Framework for CUDA Libraries
Ximing Fan, Yong Fang, Peng Jia, Yang Liu, Yijia Xu, Xi Peng, Yuhao Zhou

In the AI-driven era, NVIDIA CUDA libraries have become indispensable for accelerating compute-intensive tasks, yet their security assessment remains critically understudied because of closed-source code and unique programming paradigms. Existing efforts primarily target CUDA compiler vulnerabilities (e.g., in NVCC) but overlook broader library-specific risks. This paper addresses two challenges of fuzzing CUDA libraries: (1) context-dependent API ordering and closed-source opacity hinder the synthesis of valid, diverse API sequences; and (2) implicit parameter dependencies reduce the effectiveness of mutation for LLM-generated harnesses. A new tool called CuFuzz is proposed, aimed at uncovering potential vulnerabilities in CUDA libraries. CuFuzz can generate testing harnesses for various CUDA library functions from scratch, perform efficient parameter mutation, and adapt to the needs of multiple CUDA libraries. First, LLMs are used to extract semantic relationships from CUDA documentation and sample code, constructing a knowledge graph that prioritizes API interactions and contextual dependencies. An API coverage bitmap is proposed to guide the fuzzer toward under-tested library functions. Beyond harness generation, the API knowledge graph is also combined with compiler diagnostics to repair erroneous harnesses, thereby improving compilation success rates. Subsequently, CuFuzz employs LLMs to analyze and decouple parameter dependencies, separates out the mutable parameters, and performs parameter-isolated mutation on them to improve mutation efficiency. Evaluated across three CUDA releases (12.4, 12.7, and 13.0) on eight widely adopted libraries (e.g., cuBLAS, cuFFT), CuFuzz achieves, on average, 2.97× higher API coverage and 4.0× higher API edge coverage than the baseline (Fuzz4All). The experiments uncovered 6 previously unknown bugs, which were validated by NVIDIA's security team, and 2 CVEs were assigned.
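The abstract describes an API coverage bitmap and API edge coverage as the signals that steer harness generation toward under-tested functions. The following is an added illustration of those two metrics, not code from the CuFuzz paper: the API universe, the knowledge-graph edges and the harness call sequences are constructed sample data, and the cuBLAS function names are assumed to be what the knowledge graph lists for that library.

```python
"""Added illustration (not from the CuFuzz paper): per-API coverage bitmap plus
API-edge coverage over harness call sequences, used to pick the next targets."""
from typing import List, Set, Tuple

# Constructed API universe for one library (real cuBLAS names, chosen as sample data).
API_UNIVERSE = ["cublasCreate", "cublasSetStream", "cublasSgemm",
                "cublasSaxpy", "cublasSscal", "cublasDestroy"]
# Constructed knowledge-graph edges: valid (call, next-call) orderings.
KG_EDGES = {("cublasCreate", "cublasSetStream"), ("cublasCreate", "cublasSgemm"),
            ("cublasSetStream", "cublasSgemm"), ("cublasSgemm", "cublasDestroy"),
            ("cublasCreate", "cublasSaxpy"), ("cublasSaxpy", "cublasDestroy"),
            ("cublasCreate", "cublasSscal"), ("cublasSscal", "cublasDestroy")}

class ApiCoverage:
    """One bit per API (node coverage) and one entry per ordered API pair (edge)."""
    def __init__(self, apis: List[str]):
        self.index = {name: i for i, name in enumerate(apis)}
        self.api_bits = 0                      # bit i is set once API i was exercised
        self.edges: Set[Tuple[int, int]] = set()
        self.hits = [0] * len(apis)            # per-API exercise counts

    def record(self, sequence: List[str]) -> bool:
        """Fold one harness's call sequence in; True if it hit a new API or edge."""
        before = (self.api_bits, len(self.edges))
        ids = [self.index[a] for a in sequence if a in self.index]
        for i in ids:
            self.api_bits |= 1 << i
            self.hits[i] += 1
        self.edges.update(zip(ids, ids[1:]))   # consecutive calls form an edge
        return (self.api_bits, len(self.edges)) != before

    def api_coverage(self) -> float:
        return bin(self.api_bits).count("1") / len(self.index)

    def edge_coverage(self, kg_edges: Set[Tuple[str, str]]) -> float:
        """Share of knowledge-graph orderings the harnesses have exercised so far."""
        hit = [e for e in kg_edges if (self.index[e[0]], self.index[e[1]]) in self.edges]
        return len(hit) / len(kg_edges)

    def under_tested(self, k: int = 2) -> List[str]:
        """APIs the generator should target next: never-hit first, then least-hit."""
        return sorted(self.index, key=lambda a: (self.hits[self.index[a]], a))[:k]

def run_demo() -> Tuple[float, float, List[str]]:
    cov = ApiCoverage(API_UNIVERSE)
    # Constructed call sequences, as if extracted from two generated harnesses.
    cov.record(["cublasCreate", "cublasSetStream", "cublasSgemm", "cublasDestroy"])
    cov.record(["cublasCreate", "cublasSgemm", "cublasDestroy"])
    return cov.api_coverage(), cov.edge_coverage(KG_EDGES), cov.under_tested()
```

With the two sample harnesses, 4 of 6 APIs and 4 of 8 graph edges are covered, and the scheduler reports `cublasSaxpy` and `cublasSscal` as the untouched functions to target next.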