JITfuzz: Coverage-guided Fuzzing for JVM Just-in-Time Compilers

Keywords: Bytecode; Fuzz testing; Benchmark (surveying); Just-in-time compilation; Control flow; Software bug
DOI: 10.1109/icse48619.2023.00017 Publication Date: 2023-07-14T17:18:05Z
ABSTRACT
As a widely used platform supporting a broad range of Java-bytecode-based applications, the Java Virtual Machine (JVM) incurs severe performance loss from its real-time program interpretation mechanism. To tackle this issue, the Just-in-Time compiler (JIT) has been widely adopted to strengthen the efficiency of the JVM. Therefore, how to effectively and efficiently detect JIT bugs becomes critical to ensuring the correctness of the JVM. In this paper, we propose a coverage-guided fuzzing framework, namely JITfuzz, to automatically detect JIT bugs. In particular, JITfuzz adopts a set of optimization-activating mutators to trigger the usage of typical JIT optimizations, e.g., function inlining and simplification. Meanwhile, given that JIT optimizations are closely coupled with control flows, JITfuzz also adopts mutators to enrich the control flows of target programs. Moreover, JITfuzz proposes a mutator scheduler which iteratively schedules mutators according to coverage updates to maximize the code coverage of the JIT. To evaluate the effectiveness of JITfuzz, we conduct experiments based on a benchmark suite of 16 popular JVM-based projects from GitHub. The experimental results suggest that JITfuzz outperforms the state-of-the-art mutation-based and generation-based JVM fuzzers by 27.9% and 18.6% respectively in terms of edge coverage on average. Furthermore, JITfuzz successfully detects 36 previously unknown JIT-related bugs (including 23 logic bugs), 27 of which have been confirmed by developers and 18 fixed.
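The coverage-guided scheduling loop the abstract describes, as an added example that is not JITfuzz's code and not taken from the paper: each round a mutator is chosen according to the JIT coverage it has unlocked so far, applied to every queued seed, and credited with any new edges its children reach. Everything concrete here is an assumption made for the illustration: the Prog record standing in for a hot Java method, the four mutator names (optimization-activating `add_call`/`add_constant`, control-flow-enriching `wrap_in_loop`/`add_branch`), and the edge_coverage() model, a constructed stand-in for the instrumented JVM that maps program structure to named optimization paths.

```python
"""Coverage-guided mutator scheduling for a JIT-fuzzing loop.

Added illustration; this is not JITfuzz's code. The JIT is replaced by a
constructed stand-in, edge_coverage(), which maps structural features of a
toy program to named optimisation paths; a real harness would read edge
counts from an instrumented JVM instead.
"""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Prog:
    """Toy stand-in for a hot Java method (constructed representation)."""
    loops: int = 0      # loop nesting depth
    calls: int = 0      # distinct callees invoked from the loop body
    branches: int = 0   # data-dependent conditionals in the loop body
    consts: int = 0     # constant-operand arithmetic expressions


# Constructed coverage model (assumption): every extra construct of a kind opens
# one further optimisation path. Edge names are illustrative, not HotSpot's.
_EDGE_LEVELS = {
    "loops":    ["compile_hot_loop", "osr_entry"],
    "calls":    ["inline_callee", "inline_nested", "inline_budget_exhausted"],
    "branches": ["branch_profile", "loop_unswitch"],
    "consts":   ["fold_constant", "simplify_expression"],
}
ALL_EDGES = frozenset({"interpret"} | {e for es in _EDGE_LEVELS.values() for e in es})


def edge_coverage(p: Prog) -> frozenset:
    """Edges exercised by p under the constructed model."""
    edges = {"interpret"}                          # every method starts interpreted
    for field, names in _EDGE_LEVELS.items():
        edges.update(names[: getattr(p, field)])   # level k unlocks the first k edges
    return frozenset(edges)


def _bump(field, cap):
    """Mutator adding one construct of the given kind; capped to keep the space finite."""
    return lambda p: replace(p, **{field: min(getattr(p, field) + 1, cap)})


# Assumed mutator set: two optimisation-activating, two control-flow-enriching.
MUTATORS = {
    "wrap_in_loop": _bump("loops", 2),
    "add_call":     _bump("calls", 3),
    "add_branch":   _bump("branches", 2),
    "add_constant": _bump("consts", 2),
}


def fuzz(budget):
    """Run `budget` scheduling rounds; return (covered edges, queue, stats)."""
    queue = [Prog()]
    seen = {queue[0]}
    covered = set(edge_coverage(queue[0]))
    gain = {m: 0 for m in MUTATORS}   # new edges each mutator has unlocked
    uses = {m: 0 for m in MUTATORS}   # rounds in which it was scheduled

    def score(m):
        # Smoothed reward per use: untried mutators start at 1.0, productive
        # ones stay at 1.0, exhausted ones decay toward 0 and lose priority.
        return (1 + gain[m]) / (1 + uses[m])

    for _ in range(budget):
        name = max(MUTATORS, key=score)       # ties resolve in insertion order
        uses[name] += 1
        for parent in list(queue):            # cycle the whole queue each round
            child = MUTATORS[name](parent)
            if child in seen:
                continue
            seen.add(child)
            new_edges = edge_coverage(child) - covered
            if new_edges:                     # keep only coverage-increasing inputs
                covered |= new_edges
                gain[name] += len(new_edges)
                queue.append(child)
    return frozenset(covered), queue, {"gain": gain, "uses": uses}


if __name__ == "__main__":
    covered, queue, stats = fuzz(20)
    print(f"{len(covered)}/{len(ALL_EDGES)} edges after 20 rounds, queue size {len(queue)}")
    for m in MUTATORS:
        print(f"  {m:13s} scheduled {stats['uses'][m]:2d}x, unlocked {stats['gain'][m]} edges")
```

Under this model the scheduler keeps picking a mutator while it still unlocks edges and drops it once a round yields nothing, so all ten edges are reached in 12 rounds. In a real harness the stand-in model is replaced by instrumentation, and an oracle is still needed on top of coverage: a common one for JIT logic bugs, not described in the abstract, is to run the same seed under the HotSpot interpreter (`java -Xint`) and with the JIT enabled and diff the outputs.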