
A Systematic Impact Study for Fuzzer-Found Compiler Bugs (2019) - luu
https://arxiv.org/abs/1902.09334
======
gwern
'Given the rather limited impact of all the bugs considered in this study, one
hypothesis to explain this unexpected result could be that, in a mature
compiler like Clang/LLVM, all the bugs affecting code patterns that are
frequent in real code have already been fixed, so that the remaining bugs are
corner cases that do not appear more frequently in real code than in
artificial code.'

There's also the security angle: the major application of fuzzers is finding
security holes (since if it found bugs in common normal user activity, why
didn't the users already report them?), but compilers are typically not
exposed to security problems the way a, say, TCP/IP stack or image library is.

~~~
saagarjha
> compilers are typically not exposed to security problems the way a, say,
> TCP/IP stack or image library is

Not typically, but I can think of at least one case where being able to
control the output of a compiler would give you quite powerful abilities on a
certain mobile OS.

~~~
willvarfar
Another example of compilers at risk was back in the very old days when
compiling on time-share systems was something people paid for.

The Confused Deputy problem gave rise to capabilities:
[https://en.wikipedia.org/wiki/Confused_deputy_problem](https://en.wikipedia.org/wiki/Confused_deputy_problem)
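
The confused-deputy setting willvarfar refers to, simulated as an added example (not code from the thread or from the paper). A "compiler" service runs with its own authority so it can append a charge to a billing file. If it also accepts an output path from the user, the user can name the billing file and the compiler clobbers it on the user's behalf, because the write check is made against the compiler's rights, not the user's. Handing the compiler an already-opened handle (a capability) instead of a path removes the ambiguity. The toy filesystem, the principals "alice"/"mallory"/"compiler" and the path `/acct/billing` are all constructed for the demo.

```python
# Added example: confused deputy vs. capability passing, in a toy filesystem.
# Names, paths and principals are constructed for illustration.
from dataclasses import dataclass, field

BILLING_FILE = "/acct/billing"   # constructed: only "compiler" may write it


class PermissionDenied(Exception):
    pass


@dataclass
class Filesystem:
    """Toy filesystem with a per-path set of principals allowed to write."""
    files: dict = field(default_factory=dict)
    writers: dict = field(default_factory=dict)

    def open_write(self, principal, path):
        """Authority check happens here, once, for whoever is opening."""
        if principal not in self.writers.get(path, set()):
            raise PermissionDenied(f"{principal} may not write {path}")
        return Handle(self, path)


@dataclass
class Handle:
    """An open file is a capability: holding it is the right to write."""
    fs: Filesystem
    path: str

    def write(self, data):
        self.fs.files[self.path] = data

    def append(self, data):
        self.fs.files[self.path] = self.fs.files.get(self.path, "") + data


def compile_source(src):
    return f"OBJ({src})"        # stand-in for code generation


class Compiler:
    """The deputy. Runs as 'compiler', which may write the billing file."""
    PRINCIPAL = "compiler"

    def compile_to_path(self, fs, user, src, out_path):
        # Ambient authority: the deputy opens out_path with ITS OWN rights.
        # The check that should have been about `user` is about 'compiler'.
        fs.open_write(self.PRINCIPAL, out_path).write(compile_source(src))
        fs.open_write(self.PRINCIPAL, BILLING_FILE).append(f"{user}:1 compile\n")

    def compile_to_handle(self, fs, user, src, out):
        # Capability style: the caller opened `out` under their own rights;
        # the deputy only uses what it was handed and never names the path.
        out.write(compile_source(src))
        fs.open_write(self.PRINCIPAL, BILLING_FILE).append(f"{user}:1 compile\n")


def fresh_fs():
    fs = Filesystem()
    fs.files[BILLING_FILE] = "alice:3 compile\n"
    fs.writers[BILLING_FILE] = {"compiler"}
    fs.writers["/home/mallory/a.out"] = {"mallory", "compiler"}
    return fs


def ambient_attack():
    """Mallory names the billing file as her output; the deputy overwrites it."""
    fs = fresh_fs()
    Compiler().compile_to_path(fs, "mallory", "int main(){}", BILLING_FILE)
    return fs.files[BILLING_FILE]


def capability_attack():
    """Same request, but Mallory must open the output with her own rights."""
    fs = fresh_fs()
    try:
        out = fs.open_write("mallory", BILLING_FILE)
    except PermissionDenied:
        return "denied", fs.files[BILLING_FILE]
    Compiler().compile_to_handle(fs, "mallory", "int main(){}", out)
    return "written", fs.files[BILLING_FILE]


def capability_legit():
    """A normal compile: output goes where Mallory may write, billing is appended."""
    fs = fresh_fs()
    out = fs.open_write("mallory", "/home/mallory/a.out")
    Compiler().compile_to_handle(fs, "mallory", "int main(){}", out)
    return fs.files["/home/mallory/a.out"], fs.files[BILLING_FILE]
```

The usual path-based patch, having the deputy re-check whether `user` may write `out_path` before opening it with its own rights, duplicates the access-control logic inside every deputy and is racy between the check and the open; passing an open descriptor (the capability) moves the check to the one place that already has the caller's identity.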

