Finding and Understanding Bugs in C Compilers
Compilers should be correct. To improve the quality of C compilers, the authors created Csmith, a randomized test-case generation tool, and spent three years using it to find compiler bugs. During this period they reported more than 325 previously unknown bugs to compiler developers. Every compiler they tested was found to crash and also to silently generate wrong code when presented with valid input. In this paper they present the compiler-testing tool and the results of the bug-hunting study. The first contribution is to advance the state of the art in compiler testing. Unlike previous tools, Csmith generates programs that cover a large subset of C while avoiding the undefined and unspecified behaviors that would destroy its ability to automatically find wrong-code bugs.
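Why avoiding undefined behavior matters for finding wrong-code bugs, as an added example (not taken from the paper or from Csmith's code): if a generated program executes undefined behavior, compilers may legitimately produce different results, so a differing output proves nothing about compiler correctness. The sketch guards each risky integer operation so the final checksum is well defined; the `guarded_*` names, the operand values and the checksum scheme are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical guarded operators: each returns its first operand when the
   plain C operation would be undefined, so every correct compiler must agree. */
static int32_t guarded_add(int32_t a, int32_t b) {
    if ((b > 0 && a > INT32_MAX - b) || (b < 0 && a < INT32_MIN - b))
        return a;                           /* signed overflow is undefined */
    return a + b;
}

static int32_t guarded_mul(int32_t a, int32_t b) {
    int64_t wide = (int64_t)a * (int64_t)b; /* cannot overflow in 64 bits */
    if (wide > INT32_MAX || wide < INT32_MIN)
        return a;
    return (int32_t)wide;
}

static int32_t guarded_div(int32_t a, int32_t b) {
    if (b == 0 || (a == INT32_MIN && b == -1))
        return a;                           /* divide by zero, INT32_MIN / -1 */
    return a / b;
}

static int32_t guarded_shl(int32_t a, int32_t n) {
    if (a < 0 || n < 0 || n >= 32 || a > (INT32_MAX >> n))
        return a;                           /* negative value, bad count, overflow */
    return a << n;
}

/* Constructed stand-in for a generated test body: pushes edge-case operands
   through the guarded operators and folds the results into one checksum. */
static uint32_t run_case(void) {
    int32_t vals[] = { INT32_MAX, INT32_MIN, -1, 0, 7, 1 << 20 };
    uint32_t sum = 0;
    for (int i = 0; i < 6; i++) {
        for (int j = 0; j < 6; j++) {
            int32_t r = guarded_add(vals[i], vals[j]);
            r = guarded_mul(r, vals[j]);
            r = guarded_div(r, vals[i]);
            r = guarded_shl(r, vals[j]);
            sum = sum * 31u + (uint32_t)r;  /* unsigned wraparound is defined */
        }
    }
    return sum;
}

int main(void) { printf("checksum = %08X\n", (unsigned)run_case()); return 0; }
```

Because every operation is defined, the printed checksum should be identical across compilers and optimization levels; a difference points at the compiler rather than at the test program.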