Automatically Localizing Dynamic Code Generation Bugs in JIT Compiler Back-End
Abstract
Just-in-Time (JIT) compilers are ubiquitous in modern computing systems and are used in a wide variety of software. Dynamic code generation bugs, where the JIT compiler silently emits incorrect code, can result in exploitable vulnerabilities. They therefore pose serious security concerns and make quick mitigation essential. However, due to the size and complexity of JIT compilers, quickly locating and fixing such bugs is often challenging. In addition, the unique characteristics of JIT compilers make existing bug localization approaches inapplicable. This paper therefore proposes a new approach to automatic bug localization that explicitly targets the JIT compiler back-end. The approach is based on explicitly modeling the architecture-independent back-end representation and the architecture-specific code generation. Experiments using a prototype implementation on a widely used JIT compiler (Turbofan) indicate that it can localize dynamic code generation bugs in the back-end with high accuracy.