Finding and understanding bugs in C compilers [pdf] (2011)

https://www.cse.unr.edu/~fredh/class/460/S2013/class/Papers/tanna.pdf

17•todsacerdoti•7mo ago

Comments

qualeed•7mo ago

(2011)

pfdietz•7mo ago

Ah, Csmith! A well known and much read paper which inspired a lot of work.

Differential testing of compilers via random generation of correct programs goes back a ways before this paper. For C, it's made more difficult by the need to avoid undefined behaviors in the generated code (which C is loaded with). So much of the work here was how to generate sufficiently diverse programs that still have defined behavior.

A follow on paper (from 2012) described creduce, the failing test input reducer than can be used with csmith. It's also useful for other purposes, and for languages other that C. Reducing the inputs requires preserving the condition that they are valid C without undefined behaviors.

https://users.cs.utah.edu/~regehr/papers/pldi12-preprint.pdf

anitil•7mo ago

Reading and learning about these is like peering in to a world of mystery. I know I'm looking at something interesting and important but it always sits just out of reach

pfdietz•7mo ago

The big question here is why is the approach so effective. Do random testing on a compiler that has never been subject to it and you will quickly find bugs, unless it's some extreme case like the compiler having been proved correct. Even CompCert, which had correctness guarantees, still had bugs that were outside the scope of those guarantees.

Back before this was realized compilers were a buggy mess and people just lived with it. Now, they're still buggy, but less so. Random testing with billions of inputs is practical now and tends to rapidly "mine out" significant chunks of potential bug space. One could view this as an example of the Bitter Lesson, where dumb search coupled with massive amounts of computing power solves a problem that had seemed to require more knowledge.

Anyone making a production quality compiler these days needs to be using high volume random testing.

anitil•7mo ago

> Anyone making a production quality compiler these days needs to be using high volume random testing

How is this done these days, do people just set up CI workflows for this or have dedicated machines running tests 24/7?

Queueing Theory v2: DORA metrics, queue-of-queues, chi-alpha-beta-sigma notation

Show HN: Hibana – choreography-first protocol safety for Rust

Haniri: A live autonomous world where AI agents survive or collapse

GPT-5.3-Codex System Card [pdf]

Atlas: Manage your database schema as code

Geist Pixel

Show HN: MCP to get latest dependency package and tool versions

The better you get at something, the harder it becomes to do

Show HN: WP Float – Archive WordPress blogs to free static hosting

Show HN: I Hacked My Family's Meal Planning with an App

Sony BMG copy protection rootkit scandal

The Future of Systems

NASA now allowing astronauts to bring their smartphones on space missions

Claude Code Is the Inflection Point

Show HN: MicroClaw – Agentic AI Assistant for Telegram, Built in Rust

Show HN: Omni-BLAS – 4x faster matrix multiplication via Monte Carlo sampling

The AI-Ready Software Developer: Conclusion – Same Game, Different Dice

AI Agent Automates Google Stock Analysis from Financial Reports

Voxtral Realtime 4B Pure C Implementation

I Was Trapped in Chinese Mafia Crypto Slavery [video]

U.S. CBP Reported Employee Arrests (FY2020 – FYTD)

Show HN: I built a free UCP checker – see if AI agents can find your store

Show HN: SVGV – A Real-Time Vector Video Format for Budget Hardware

Study of 150 developers shows AI generated code no harder to maintain long term

Spotify now requires premium accounts for developer mode API access

When Albert Einstein Moved to Princeton

Agents.md as a Dark Signal

System time, clocks, and their syncing in macOS

McCLIM and 7GUIs – Part 1: The Counter

So whats the next word, then? Almost-no-math intro to transformer models