Finding Compiler Bugs through Cross-Language Code Generator and Differential Testing

TL;DR

This paper introduces CrossLangFuzzer, a framework for detecting bugs in cross-language compilers by generating diverse test programs and applying mutation techniques, successfully finding multiple bugs in popular JVM languages.

Contribution

It presents the first dedicated approach for identifying and diagnosing compiler bugs in cross-language compilation scenarios using a novel IR and mutation strategies.

Findings

Discovered 24 bugs across Kotlin, Groovy, Scala, and Java compilers.

TypeChanger mutation was the most effective, detecting 11 bugs.

Analyzed symptoms and root causes of cross-compilation bugs.

Abstract

Compilers play a central role in translating high-level code into executable programs, making their correctness essential for ensuring code safety and reliability. While extensive research has focused on verifying the correctness of compilers for single-language compilation, the correctness of cross-language compilation - which involves the interaction between two languages and their respective compilers - remains largely unexplored. To fill this research gap, we propose CrossLangFuzzer, a novel framework that introduces a universal intermediate representation (IR) for JVM-based languages and automatically generates cross-language test programs with diverse type parameters and complex inheritance structures. After generating the initial IR, CrossLangFuzzer applies three mutation techniques - LangShuffler, FunctionRemoval, and TypeChanger - to enhance program diversity. By evaluating both the original and mutated programs across multiple compiler versions, CrossLangFuzzer successfully uncovered 10 confirmed bugs in the Kotlin compiler, 4 confirmed bugs in the Groovy compiler, 7 confirmed bugs in the Scala 3 compiler, 2 confirmed bugs in the Scala 2 compiler, and 1 confirmed bug in the Java compiler. Among all mutators, TypeChanger is the most effective, detecting 11 of the 24 compiler bugs. Furthermore, we analyze the symptoms and root causes of cross-compilation bugs, examining the respective responsibilities of language compilers when incorrect behavior occurs during cross-language compilation. To the best of our knowledge, this is the firstwork specifically focused on identifying and diagnosing compiler bugs in cross-language compilation scenarios. Our research helps to understand these challenges and contributes to improving compiler correctness in multi-language environments.