The Samsung Galaxy S9, one of the most advanced smartphones in the world, can be forced into a reboot by a particularly complex shader, says research by U.K. GPU testing company GraphicsFuzz and XDA Developers.
According to GraphicsFuzz, the discovery came about during testing of the Galaxy S9’s rendering capabilities, and was not intended to be malicious. The issue stems from a problem with how the phone’s Adreno 630 graphics driver attempts to render a particularly complex shader inside Samsung’s default Samsung Internet app.
According to a deeper investigation, the graphics driver starts the process of creating the shader, but fails at one of the initial steps of allocating resources. The browser fails to terminate the process properly, which causes the phone to panic and reboot.
The issue is reproducible on other browsers — but though the shader does cause the phone to freeze, only on the Samsung Internet browser is the phone forced to reboot, meaning the problem is seemingly specific to Samsung’s browser. Since the issue only affects the Galaxy S9 models equipped with the Snapdragon 845 (unfortunately means the majority of the models in the U.S.), it seems that it’s the pairing of Samsung’s browser and Qualcomm’s graphics driver causing the problem.
This assumption can be backed up by reproducing a similar error on the Google Pixel 2 XL. That phone is equipped with the Qualcomm Snapdragon 835 and Adreno 540 graphics driver, and when subjected to the same test on Samsung Internet, the browser slows to a crawl — though a reboot isn’t forced.
A video of the problem has been made available, and shows the lengthy freeze, as well as the forced reboot of the device.
The problem here is that the bug is reproducible, and capable of being deployed to remotely attack and force affected Samsung Galaxy S9 models into reboots. Thankfully, as soon as this became apparent to GraphicsFuzz, it reached out to XDA Developers in order to contact Samsung. In a disclosure timeline, XDA reported that a Samsung engineer had been assigned to the case on April 4, and it can be hoped that a fix will be deployed to rectify this problem soon.