Fuzzing the Solidity Compiler Solc with Fuzz4All
摘要
Fuzz testing (fuzzing) is an established technique for identifying software vulnerabilities by automatically generating a large volume of test inputs to uncover bugs. However, traditional compiler fuzzers are often designed for a specific language, making them difficult to adapt to others. To address this challenge, fuzzers that use Large Language Models (LLMs) to generate inputs for a wide variety of languages have emerged. This research aims to evaluate the effectiveness of Fuzz4All, an LLM-based universal compiler fuzzer, by applying it to Solc, the compiler for the smart contract language Solidity. Specifically, we selected five distinct features of Solidity as fuzzing targets, implemented a script to enable testing of these features, and generated 10,000 fuzzing inputs for each. The experimental results show that while the validity rate of the generated code was low, a substantial code coverage of approximately 47% was achieved. This suggests that Fuzz4All can generate high-quality test inputs that cover complex execution paths of the compiler, even for a novel language like Solidity.