English
Related papers

Related papers: A Systematic Impact Study for Fuzzer-Found Compile…

200 papers

False-positive bug reports represent a significant yet underexplored challenge in the development and maintenance of the Linux kernel. They occur when correct system behavior is mistakenly flagged as a defect, consuming developer effort…

Software Engineering · Computer Science 2026-05-11 Jiashuo Tian , Dong Wang , Chen Yang , Haichi Wang , Zan Wang , Junjie Chen

In this paper, we propose a testing framework for validating sanitizer implementations in compilers. Our core components are (1) a program generator specifically designed for producing programs containing undefined behavior (UB), and (2) a…

Cryptography and Security · Computer Science 2024-01-10 Shaohua Li , Zhendong Su

A compiler bug arises if the behaviour of a compiled concurrent program, as allowed by its architecture memory model, is not a behaviour permitted by the source program under its source model. One might reasonably think that most compiler…

Programming Languages · Computer Science 2024-01-19 Luke Geeson

Fuzzing has achieved tremendous success in discovering bugs and vulnerabilities in various software systems. Systems under test (SUTs) that take in programming or formal language as inputs, e.g., compilers, runtime engines, constraint…

Software Engineering · Computer Science 2024-12-11 Chunqiu Steven Xia , Matteo Paltenghi , Jia Le Tian , Michael Pradel , Lingming Zhang

Software developers attempt to reproduce software bugs to understand their erroneous behaviours and to fix them. Unfortunately, they often fail to reproduce (or fix) them, which leads to faulty, unreliable software systems. However, to…

Software Engineering · Computer Science 2021-08-12 Mohammad Masudur Rahman , Foutse Khomh , Marco Castelluccio

Fuzzing is a technique of finding bugs by executing a software recurrently with a large number of abnormal inputs. Most of the existing fuzzers consider all parts of a software equally, and pay too much attention on how to improve the code…

Cryptography and Security · Computer Science 2019-01-07 Yuwei Li , Shouling Ji , Chenyang Lv , Yuan Chen , Jianhai Chen , Qinchen Gu , Chunming Wu

Compilers play a foundational role in building reliable software systems, and bugs within them can lead to catastrophic consequences. The compilation process typically involves hundreds of files, making traditional automated bug isolation…

Software Engineering · Computer Science 2025-06-24 Yixian Qi , Jiajun Jiang , Fengjie Li , Bowen Chen , Hongyu Zhang , Junjie Chen

Computer programs are not executed in isolation, but rather interact with the execution environment which drives the program behaviors. Software validation methods thus need to capture the effect of possibly complex environmental…

Software Engineering · Computer Science 2024-09-04 Ruijie Meng , Gregory J. Duck , Abhik Roychoudhury

Modern processors are equipped with single instruction multiple data (SIMD) instructions for fine-grained data parallelism. Compiler auto-vectorization techniques that target SIMD instructions face performance limitations due to…

Cryptography and Security · Computer Science 2025-07-08 Yibo He , Cunjian Huang , Xianmiao Qu , Hongdeng Chen , Wei Yang , Tao Xie

The rapidly developing deep learning (DL) techniques have been applied in software systems with various application scenarios. However, they could also pose new safety threats with potentially serious consequences, especially in…

Software Engineering · Computer Science 2024-05-14 Pin Ji , Yang Feng , Duo Wu , Lingyue Yan , Pengling Chen , Jia Liu , Zhihong Zhao

The correctness of the Solidity compiler is crucial for ensuring the security of smart contracts. However, the implementation complexity of its type system often introduces elusive defects. This paper presents the first systematic empirical…

Software Engineering · Computer Science 2025-12-23 Lantian Li , Yue Pan , Dan Wang , Jingwen Wu , Zhongxing Yu

Ensuring the correctness of compiler optimizations is critical, but existing fuzzers struggle to test optimizations effectively. First, most fuzzers use optimization pipelines (heuristics-based, fixed sequences of passes) as their harness.…

Software Engineering · Computer Science 2025-12-05 Zitong Zhou , Ben Limpanukorn , Hong Jin Kang , Jiyuan Wang , Yaoxuan Wu , Akos Kiss , Renata Hodovan , Miryung Kim

Testing compilers with AI models, especially large language models (LLMs), has shown great promise. However, current approaches struggle with two key problems: The generated programs for testing compilers are often too simple, and extensive…

Software Engineering · Computer Science 2025-08-27 Yunbo Ni , Shaohua Li

Taint-style vulnerabilities comprise a majority of fuzzer discovered program faults. These vulnerabilities usually manifest as memory access violations caused by tainted program input. Although fuzzers have helped uncover a majority of…

Cryptography and Security · Computer Science 2017-06-02 Bhargava Shastry , Federico Maggi , Fabian Yamaguchi , Konrad Rieck , Jean-Pierre Seifert

Identifying which software versions are affected by a vulnerability is critical for patching, risk mitigation. Despite a growing body of tools, their real-world effectiveness remains unclear due to narrow evaluation scopes often limited to…

Software Engineering · Computer Science 2025-09-10 Xingchu Chen , Chengwei Liu , Jialun Cao , Yang Xiao , Xinyue Cai , Yeting Li , Jingyi Shi , Tianqi Sun , Haiming Chen ang Wei Huo

Command-line interface (CLI) fuzzing tests programs by mutating both command-line options and input file contents, thus enabling discovery of vulnerabilities that only manifest under specific option-input combinations. Prior works of CLI…

Cryptography and Security · Computer Science 2026-03-16 Momoko Shiraishi , Yinzhi Cao , Takahiro Shinagawa

Fuzzing has proven to be very effective for discovering certain classes of software flaws, but less effective in helping developers process these discoveries. Conventional crash-based fuzzers lack enough information about failures to…

Cryptography and Security · Computer Science 2024-11-04 Allison Naaktgeboren , Sean Noble Anderson , Andrew Tolmach , Greg Sullivan

Bug datasets are vital for enabling deep learning techniques to address software maintenance tasks related to bugs. However, existing bug datasets suffer from precise and scale limitations: they are either small-scale but precise with…

Software Engineering · Computer Science 2024-03-12 He Ye , Zimin Chen , Claire Le Goues

Many software projects employ manual code review to gatekeep defects and vulnerabilities in the code before integration. However, reviewers often work under time pressure and rely primarily on static inspection, leaving the dynamic aspects…

Software Engineering · Computer Science 2025-10-20 Wachiraphan Charoenwet , Patanamon Thongtanunam , Van-Thuan Pham , Christoph Treude

Ensuring the reliability of the Rust compiler is of paramount importance, given increasing adoption of Rust for critical systems development, due to its emphasis on memory and thread safety. However, generating valid test programs for the…

Software Engineering · Computer Science 2026-05-04 Hongyan Gao , Yibiao Yang , Maolin Sun , Jiangchang Wu , Yuming Zhou , Baowen Xu