@unpublished{Marcozzi:2019,
  author = {Marcozzi, M and Tang, Q and Donaldson, A and Cadar, C},
  title  = {A systematic impact study for fuzzer-found compiler bugs},
  url    = {http://arxiv.org/abs/1902.09334v2},
  year   = {2019}
}
TY  - UNPB
AB  - Despite much recent interest in compiler fuzzing, the practical impact of fuzzer-found miscompilations on real-world applications has barely been assessed. We present the first quantitative and qualitative study of the tangible impact of fuzzer-found compiler bugs. We follow a novel methodology where the impact of a miscompilation bug is evaluated based on (1) whether the bug appears to trigger during compilation; (2) the extent to which generated assembly code changes syntactically due to triggering of the bug; and (3) how likely such changes are to cause runtime divergences during execution. The study is conducted with respect to the compilation of more than 10 million lines of C/C++ code from 309 Debian packages, using 12% of the historical and now fixed miscompilation bugs found by four state-of-the-art fuzzers in the Clang/LLVM compiler, as well as 18 other bugs found by the Alive formal verification tool or human users. The results show that almost half of the fuzzer-found bugs propagate to the generated binaries for some applications, but barely affect their syntax and only cause two failures in total when running their regression test suites. Our manual analysis of a selection of bugs suggests that these bugs cannot trigger on the packages considered in the analysis, and that in general they affect only corner cases which have a low probability of occurring in practice. User-reported and Alive bugs do not exhibit a higher impact, with less frequently triggered bugs and one test failure.
AU  - Marcozzi,M
AU  - Tang,Q
AU  - Donaldson,A
AU  - Cadar,C
PY  - 2019///
TI  - A systematic impact study for fuzzer-found compiler bugs
UR  - http://arxiv.org/abs/1902.09334v2
UR  - http://hdl.handle.net/10044/1/71472
ER  -