{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,19]],"date-time":"2026-02-19T07:17:21Z","timestamp":1771485441431,"version":"3.50.1"},"reference-count":83,"publisher":"Association for Computing Machinery (ACM)","issue":"3","funder":[{"DOI":"10.13039\/501100012166","name":"National Key R&D Program of China","doi-asserted-by":"crossref","award":["#2022YFB4501801"],"award-info":[{"award-number":["#2022YFB4501801"]}],"id":[{"id":"10.13039\/501100012166","id-type":"DOI","asserted-by":"crossref"}]},{"name":"Frontier Technologies R&D Program of Jiangsu","award":["#BF2024059"],"award-info":[{"award-number":["#BF2024059"]}]},{"name":"Leading-edge Technology Program of Jiangsu Natural Science Foundation","award":["#BK20202001"],"award-info":[{"award-number":["#BK20202001"]}]},{"name":"Collaborative Innovation Center of Novel Software Technology and Industrialization"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Comput. Syst."],"published-print":{"date-parts":[[2025,8,31]]},"abstract":"<jats:p>\n            We introduce the concept of\n            <jats:italic toggle=\"yes\">compilation space<\/jats:italic>\n            as a new pivot for the comprehensive validation of just-in-time (JIT) compilers in modern language virtual machines (LVMs). The compilation space of a program encompasses a wide range of equivalent JIT-compilation choices, which can be cross-validated to ensure the correctness of the program\u2019s JIT compilations. To thoroughly explore the compilation space in a lightweight and LVM-agnostic manner, we strategically mutate test programs with JIT-relevant but semantics-preserving code constructs, aiming to provoke diverse JIT compilation optimizations. We primarily implement this approach in\n            <jats:monospace>Artemis<\/jats:monospace>\n            , a tool for validating Java Virtual Machines (JVMs). Within three months,\n            <jats:monospace>Artemis<\/jats:monospace>\n            successfully discovered 85 bugs in three widely used production JVMs\u2014HotSpot, OpenJ9, and the Android Runtime\u2014where 53 were already confirmed or fixed and many of which were classified as critical. It is noteworthy that all reported bugs concern JIT compilers, highlighting the effectiveness and practicality of our technique. Building on the promising results with JVMs, we experimentally applied our technique to a state-of-the-art JavaScript Engine (JSE) fuzzer called Fuzzilli, aiming to augment it to find mis-compilation bugs without significantly sacrificing its ability to detect crashes. Our experiments demonstrate that our enhanced version of Fuzzilli namely\n            <jats:monospace>Apollo<\/jats:monospace>\n            could achieve comparable code coverage with a considerably smaller number of generated programs with a similar number of crashes. Additionally,\n            <jats:monospace>Apollo<\/jats:monospace>\n            successfully uncovered four mis-compilations in JavaScriptCore and SpiderMonkey within seven days. Following\n            <jats:monospace>Artemis<\/jats:monospace>\n            \u2019 and\n            <jats:monospace>Apollo<\/jats:monospace>\n            \u2019s success, we are expecting that the generality and practicability of our approach will make it broadly applicable for understanding and validating the JIT compilers of other LVMs.\n          <\/jats:p>","DOI":"10.1145\/3715102","type":"journal-article","created":{"date-parts":[[2025,2,14]],"date-time":"2025-02-14T06:09:35Z","timestamp":1739513375000},"page":"1-37","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["Validating JIT Compilers via Compilation Space Exploration"],"prefix":"10.1145","volume":"43","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9576-100X","authenticated-orcid":false,"given":"Cong","family":"Li","sequence":"first","affiliation":[{"name":"Nanjing University","place":["Nanjing, China"]}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7651-9560","authenticated-orcid":false,"given":"Yanyan","family":"Jiang","sequence":"additional","affiliation":[{"name":"Nanjing University","place":["Nanjing, China"]}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6299-4704","authenticated-orcid":false,"given":"Chang","family":"Xu","sequence":"additional","affiliation":[{"name":"Nanjing University","place":["Nanjing, China"]}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2970-1391","authenticated-orcid":false,"given":"Zhendong","family":"Su","sequence":"additional","affiliation":[{"name":"ETH Zurich","place":["Zurich, Switzerland"]}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2025,7,26]]},"reference":[{"key":"e_1_3_3_2_2","volume-title":"JFuzz","year":"2018","unstructured":"ART. 2018. JFuzz. Retrieved Feb. 25, 2025 fromhttps:\/\/android.googlesource.com\/platform\/art\/+\/refs\/heads\/master\/tools\/jfuzz"},{"key":"e_1_3_3_3_2","volume-title":"Proceedings of the 2019 ISOC Network and Distributed System Security Symposium (NDSS\u201919)","author":"Aschermann Cornelius","year":"2019","unstructured":"Cornelius Aschermann, Tommaso Frassetto, Thorsten Holz, Patrick Jauernig, Ahmad-Reza Sadeghi, and Daniel Teuchert. 2019. NAUTILUS: Fishing for deep bugs with grammars. In Proceedings of the 2019 ISOC Network and Distributed System Security Symposium (NDSS\u201919)."},{"key":"e_1_3_3_4_2","volume-title":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (CCS\u201922)","author":"Bernhard Lukas","year":"2022","unstructured":"Lukas Bernhard, Tobias Scharnowski, Moritz Schloegel, Tim Blazytko, and Thorsten Holz. 2022. JIT-picking: Differential fuzzing of JavaScript engines. In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (CCS\u201922)."},{"key":"e_1_3_3_5_2","volume-title":"Proceedings of the 2020 IEEE Symposium on Security and Privacy (SP\u201920)","author":"Brennan Tegan","year":"2020","unstructured":"Tegan Brennan, Nicol\u00e1s Rosner, and Tevfik Bultan. 2020. JIT leaks: Inducing timing side channels through just-in-time compilation. In Proceedings of the 2020 IEEE Symposium on Security and Privacy (SP\u201920)."},{"key":"e_1_3_3_6_2","volume-title":"Proceedings of the 2020 ACM\/IEEE International Conference on Software Engineering (ICSE\u201920)","author":"Brennan Tegan","year":"2020","unstructured":"Tegan Brennan, Seemanta Saha, and Tevfik Bultan. 2020. JVM fuzzing for JIT-induced side-channel detection. In Proceedings of the 2020 ACM\/IEEE International Conference on Software Engineering (ICSE\u201920)."},{"key":"e_1_3_3_7_2","article-title":"Well-typed programs can go wrong: A study of typing-related bugs in JVM compilers","volume":"5","author":"Chaliasos Stefanos","year":"2021","unstructured":"Stefanos Chaliasos, Thodoris Sotiropoulos, Georgios-Petros Drosos, Charalambos Mitropoulos, Dimitris Mitropoulos, and Diomidis Spinellis. 2021. Well-typed programs can go wrong: A study of typing-related bugs in JVM compilers. Proc. ACM Program. Lang. 5, OOPSLA (2021), 1\u201330.","journal-title":"Proc. ACM Program. Lang."},{"key":"e_1_3_3_8_2","volume-title":"Proceedings of the 2022 ACM SIGPLAN International Conference on Programming Language Design and Implementation (PLDI\u201922)","author":"Chaliasos Stefanos","year":"2022","unstructured":"Stefanos Chaliasos, Thodoris Sotiropoulos, Diomidis Spinellis, Arthur Gervais, Benjamin Livshits, and Dimitris Mitropoulos. 2022. Finding typing compiler bugs. In Proceedings of the 2022 ACM SIGPLAN International Conference on Programming Language Design and Implementation (PLDI\u201922)."},{"key":"e_1_3_3_9_2","volume-title":"Proceedings of the 1989 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI\u201989)","author":"Chambers Craig David","year":"1989","unstructured":"Craig David Chambers and David Michael Ungar. 1989. Customization: Optimizing compiler technology for SELF, a dynamically-typed object-oriented programming language. In Proceedings of the 1989 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI\u201989)."},{"key":"e_1_3_3_10_2","article-title":"Metamorphic Testing: A New Approach for Generating Next Test Cases","author":"Chen Tsong Yueh","year":"1998","unstructured":"Tsong Yueh Chen, Shing Chi Cheung, and Shiu Ming Yiu. 1998. Metamorphic Testing: A New Approach for Generating Next Test Cases. Technical Report HKUST-CS98-01. Department of Computer Science, The Hong Kong University of Science and Technology.","journal-title":"Technical Report HKUST-CS98-01"},{"key":"e_1_3_3_11_2","volume-title":"Proceedings of the 2019 International Conference on Software Engineering (ICSE\u201919)","author":"Chen Yuting","year":"2019","unstructured":"Yuting Chen, Ting Su, and Zhendong Su. 2019. Deep differential testing of JVM implementations. In Proceedings of the 2019 International Conference on Software Engineering (ICSE\u201919)."},{"key":"e_1_3_3_12_2","volume-title":"Proceedings of the 2016 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI\u201916)","author":"Chen Yuting","year":"2016","unstructured":"Yuting Chen, Ting Su, Chengnian Sun, Zhendong Su, and Jianjun Zhao. 2016. Coverage-directed differential testing of JVM implementations. In Proceedings of the 2016 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI\u201916)."},{"issue":"3","key":"e_1_3_3_13_2","article-title":"Compiling Java just in time","volume":"17","author":"Cramer Timothy","year":"1997","unstructured":"Timothy Cramer, Richard Friedman, Terrence Miller, David Seberger, Robert Wilson, and Mario Wolczko. 1997. Compiling Java just in time. IEEE Micro 17, 3 (1997), 36\u201343.","journal-title":"IEEE Micro"},{"key":"e_1_3_3_14_2","volume-title":"Android Statistics (2022)","author":"Curry David","year":"2022","unstructured":"David Curry. 2022. Android Statistics (2022). Retrieved Feb. 25, 2025 fromhttps:\/\/www.businessofapps.com\/data\/android-statistics"},{"key":"e_1_3_3_15_2","volume-title":"Security Vulnerabilities (Memory Corruption)","year":"2023","unstructured":"CVE. 2023. Security Vulnerabilities (Memory Corruption). Retrieved Feb. 25, 2025 fromhttps:\/\/www.cvedetails.com\/vulnerability-list\/opmemc-1\/memory-corruption.html"},{"key":"e_1_3_3_16_2","volume-title":"Issue #273 - ES2015 Template Strings","year":"2024","unstructured":"Duktape. 2024. Issue #273 - ES2015 Template Strings. Retrieved Feb. 25, 2025 from https:\/\/github.com\/svaarala\/duktape\/issues\/273"},{"key":"e_1_3_3_17_2","volume-title":"Proceedings of the 2024 ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA\u201924)","author":"Eom Jueon","year":"2024","unstructured":"Jueon Eom, Seyeon Jeong, and Taekyoung Kwon. 2024. Fuzzing JavaScript interpreters with coverage-guided reinforcement learning for LLM-based mutation. In Proceedings of the 2024 ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA\u201924)."},{"key":"e_1_3_3_18_2","volume-title":"Proceedings of the 2003 International Symposium on Code Generation and Optimization: Feedback-Directed and Runtime Optimization (CGO\u201903)","author":"Fink Stephen J.","year":"2003","unstructured":"Stephen J. Fink and Feng Qian. 2003. Design, implementation and evaluation of adaptive recompilation with on-stack replacement. In Proceedings of the 2003 International Symposium on Code Generation and Optimization: Feedback-Directed and Runtime Optimization (CGO\u201903)."},{"key":"e_1_3_3_19_2","volume-title":"Proceedings of the 2019 ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC\/FSE\u201919)","author":"Fu Ying","year":"2019","unstructured":"Ying Fu, Meng Ren, Fuchen Ma, Heyuan Shi, Xin Yang, Yu Jiang, Huizhong Li, and Xiang Shi. 2019. EVMFuzzer: Detect EVM vulnerabilities via fuzz testing. In Proceedings of the 2019 ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC\/FSE\u201919)."},{"key":"e_1_3_3_20_2","volume-title":"Proceedings of the 2023 ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA\u201923)","author":"Gao Tianchang","year":"2023","unstructured":"Tianchang Gao, Junjie Chen, Yingquan Zhao, Yuqun Zhang, and Lingming Zhang. 2023. Vectorizing program ingredients for better JVM testing. In Proceedings of the 2023 ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA\u201923)."},{"key":"e_1_3_3_21_2","volume-title":"FuzzIL: Coverage Guided Fuzzing for JavaScript Engines","author":"Gro\u00df Samuel","year":"2018","unstructured":"Samuel Gro\u00df. 2018. FuzzIL: Coverage Guided Fuzzing for JavaScript Engines. Master\u2019s thesis. Karlsruhe Institute of Technology."},{"key":"e_1_3_3_22_2","volume-title":"JavaFuzzer","author":"Haghighat Mohammad R.","year":"2018","unstructured":"Mohammad R. Haghighat, Dmitry Khukhro, Andrey Yakovlev, Nina Rinskaya, and Ivan Popov. 2018. JavaFuzzer. Retrieved Feb. 25, 2025 from https:\/\/github.com\/AzulSystems\/JavaFuzzer"},{"key":"e_1_3_3_23_2","volume-title":"Proceedings of the 2019 ISOC Network and Distributed System Security Symposium (NDSS\u201919)","author":"Han HyungSeok","year":"2019","unstructured":"HyungSeok Han, DongHyeon Oh, and Sang Cha. 2019. CodeAlchemist: Semantics-aware code generation to find vulnerabilities in JavaScript engines. In Proceedings of the 2019 ISOC Network and Distributed System Security Symposium (NDSS\u201919)."},{"key":"e_1_3_3_24_2","volume-title":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security (CCS\u201921)","author":"He Xiaoyu","year":"2021","unstructured":"Xiaoyu He, Xiaofei Xie, Yuekang Li, Jianwen Sun, Feng Li, Wei Zou, Yang Liu, Lei Yu, Jianhua Zhou, Wenchang Shi, and Wei Huo. 2021. SoFi: Reflection-augmented fuzzing for JavaScript engines. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security (CCS\u201921)."},{"key":"e_1_3_3_25_2","volume-title":"Proceedings of the 2012 USENIX Conference on Security Symposium (SEC\u201912)","author":"Holler Christian","year":"2012","unstructured":"Christian Holler, Kim Herzig, and Andreas Zeller. 2012. Fuzzing with code fragments. In Proceedings of the 2012 USENIX Conference on Security Symposium (SEC\u201912)."},{"key":"e_1_3_3_26_2","volume-title":"Proceedings of the 1992 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI\u201992)","author":"H\u00f6lzle Urs","year":"1992","unstructured":"Urs H\u00f6lzle, Craig Chambers, and David Ungar. 1992. Debugging optimized code with dynamic deoptimization. In Proceedings of the 1992 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI\u201992)."},{"key":"e_1_3_3_27_2","volume-title":"Tiered Compilation","year":"2022","unstructured":"HotSpot. 2022. Tiered Compilation. Retrieved Feb. 25, 2025 from https:\/\/github.com\/openjdk\/jdk11u-dev\/blob\/master\/src\/hotspot\/share\/runtime\/tieredThresholdPolicy.hpp"},{"key":"e_1_3_3_28_2","volume-title":"Proceedings of the 2023 International Conference on Software Engineering (ICSE\u201923)","author":"Jia Haoxiang","year":"2023","unstructured":"Haoxiang Jia, Ming Wen, Zifan Xie, Xiaochen Guo, Rongxin Wu, Maolin Sun, Kang Chen, and Hai Jin. 2023. Detecting JVM JIT compiler bugs via exploring two-dimensional input spaces. In Proceedings of the 2023 International Conference on Software Engineering (ICSE\u201923)."},{"key":"e_1_3_3_29_2","volume-title":"Proceedings of the 2022 USENIX Annual Technical Conference (ATC\u201922)","author":"Khrabrov Alexey","year":"2022","unstructured":"Alexey Khrabrov, Marius Pirvu, Vijay Sundaresan, and Eyal de Lara. 2022. JITServer: Disaggregated caching JIT compiler for the JVM in the cloud. In Proceedings of the 2022 USENIX Annual Technical Conference (ATC\u201922)."},{"key":"e_1_3_3_30_2","volume-title":"Proceedings of the 2015 ACM SIGPLAN\/SIGOPS International Conference on Virtual Execution Environments (VEE\u201915)","author":"Kyle Stephen","year":"2015","unstructured":"Stephen Kyle, Hugh Leather, Bj\u00f6rn Franke, Dave Butcher, and Stuart Monteith. 2015. Application of domain-aware binary fuzzing to aid android virtual machine testing. In Proceedings of the 2015 ACM SIGPLAN\/SIGOPS International Conference on Virtual Execution Environments (VEE\u201915)."},{"key":"e_1_3_3_31_2","volume-title":"Proceedings of the 2014 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI\u201914)","author":"Le Vu","year":"2014","unstructured":"Vu Le, Mehrdad Afshari, and Zhendong Su. 2014. Compiler validation via equivalence modulo inputs. In Proceedings of the 2014 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI\u201914)."},{"key":"e_1_3_3_32_2","volume-title":"Proceedings of the 2015 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA\u201915)","author":"Le Vu","year":"2015","unstructured":"Vu Le, Chengnian Sun, and Zhendong Su. 2015. Finding deep compiler bugs via guided stochastic program mutation. In Proceedings of the 2015 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA\u201915)."},{"key":"e_1_3_3_33_2","volume-title":"Proceedings of the 2020 USENIX Security Symposium (SEC\u201920)","author":"Lee Suyoung","year":"2020","unstructured":"Suyoung Lee, HyungSeok Han, Sang Kil Cha, and Sooel Son. 2020. Montage: A neural network language model-guided JavaScript engine fuzzer. In Proceedings of the 2020 USENIX Security Symposium (SEC\u201920)."},{"key":"e_1_3_3_34_2","volume-title":"Proceedings of the 2023 Symposium on Operating Systems Principles (SOSP\u201923)","author":"Li Cong","year":"2023","unstructured":"Cong Li, Yanyan Jiang, Chang Xu, and Zhendong Su. 2023. Validating JIT compilers via compilation space exploration. In Proceedings of the 2023 Symposium on Operating Systems Principles (SOSP\u201923)."},{"key":"e_1_3_3_35_2","article-title":"Boosting compiler testing by injecting real-world code","volume":"8","author":"Li Shaohua","year":"2024","unstructured":"Shaohua Li, Theodoros Theodoridis, and Zhendong Su. 2024. Boosting compiler testing by injecting real-world code. Proc. ACM Program. Lang. 8, PLDI (2024), 223\u2013245.","journal-title":"Proc. ACM Program. Lang."},{"key":"e_1_3_3_36_2","volume-title":"Proceedings of the 2015 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI\u201915)","author":"Lidbury Christopher","year":"2015","unstructured":"Christopher Lidbury, Andrei Lascu, Nathan Chong, and Alastair F. Donaldson. 2015. Many-core compiler fuzzing. In Proceedings of the 2015 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI\u201915)."},{"key":"e_1_3_3_37_2","volume-title":"Proceedings of the 2022 USENIX Annual Technical Conference (ATC\u201922)","author":"Lion David","year":"2022","unstructured":"David Lion, Adrian Chiu, Michael Stumm, and Ding Yuan. 2022. Investigating managed language runtime performance: Why JavaScript and Python are 8x and 29x slower than c++, yet Java and Go can be faster?. In Proceedings of the 2022 USENIX Annual Technical Conference (ATC\u201922)."},{"key":"e_1_3_3_38_2","volume-title":"Proceedings of the 2016 USENIX Symposium on Operating Systems Design and Implementation (OSDI\u201916)","author":"Lion David","year":"2016","unstructured":"David Lion, Adrian Chiu, Hailong Sun, Xin Zhuang, Nikola Grcevski, and Ding Yuan. 2016. Don\u2019t get caught in the cold, warm-up your JVM: Understand and eliminate JVM warm-up overhead in data-parallel systems. In Proceedings of the 2016 USENIX Symposium on Operating Systems Design and Implementation (OSDI\u201916)."},{"key":"e_1_3_3_39_2","article-title":"Random testing for C and C++ compilers with YARPGen","volume":"4","author":"Livinskii Vsevolod","year":"2020","unstructured":"Vsevolod Livinskii, Dmitry Babokin, and John Regehr. 2020. Random testing for C and C++ compilers with YARPGen. Proc. ACM Program. Lang. 4, OOPSLA (2020), 1\u201325.","journal-title":"Proc. ACM Program. Lang."},{"key":"e_1_3_3_40_2","doi-asserted-by":"crossref","DOI":"10.1145\/3591295","article-title":"Fuzzing loop optimizations in compilers for c++ and data-parallel languages","author":"Livinskii Vsevolod","year":"2023","unstructured":"Vsevolod Livinskii, Dmitry Babokin, and John Regehr. 2023. Fuzzing loop optimizations in compilers for c++ and data-parallel languages. Proc. ACM Program. Lang. 7, PLDI (2023), 1826\u20131847.","journal-title":"Proc. ACM Program. Lang."},{"key":"e_1_3_3_41_2","volume-title":"Proceedings of the 2021 ACM SIGPLAN International Conference on Programming Language Design and Implementation (PLDI\u201921)","author":"Lopes Nuno P.","year":"2021","unstructured":"Nuno P. Lopes, Juneyoung Lee, Chung-Kil Hur, Zhengyang Liu, and John Regehr. 2021. Alive2: Bounded translation validation for LLVM. In Proceedings of the 2021 ACM SIGPLAN International Conference on Programming Language Design and Implementation (PLDI\u201921)."},{"key":"e_1_3_3_42_2","volume-title":"Proceedings of the 2015 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI\u201915)","author":"Lopes Nuno P.","year":"2015","unstructured":"Nuno P. Lopes, David Menendez, Santosh Nagarakatte, and John Regehr. 2015. Provably correct peephole optimizations with alive. In Proceedings of the 2015 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI\u201915)."},{"issue":"4","key":"e_1_3_3_43_2","article-title":"Recursive functions of symbolic expressions and their computation by machine, part I","volume":"3","author":"McCarthy John","year":"1960","unstructured":"John McCarthy. 1960. Recursive functions of symbolic expressions and their computation by machine, part I. Commun. ACM 3, 4 (1960), 184\u2013195.","journal-title":"Commun. ACM"},{"key":"e_1_3_3_44_2","volume-title":"Super Duper Secure Mode","year":"2021","unstructured":"Microsoft. 2021. Super Duper Secure Mode. Retrieved Feb. 25, 2025 from https:\/\/microsoftedge.github.io\/edgevr\/posts\/Super-Duper-Secure-Mode"},{"key":"e_1_3_3_45_2","volume-title":"funfuzz","year":"2016","unstructured":"MozillaSecurity. 2016. funfuzz. Retrieved Feb. 25, 2025 from https:\/\/github.com\/MozillaSecurity\/funfuzz"},{"key":"e_1_3_3_46_2","volume-title":"Proceedings of the 2019 ACM Symposium on Operating Systems Principles (SOSP\u201919)","author":"Nelson Luke","year":"2019","unstructured":"Luke Nelson, James Bornholt, Ronghui Gu, Andrew Baumann, Emina Torlak, and Xi Wang. 2019. Scaling symbolic evaluation for automated verification of systems code with serval. In Proceedings of the 2019 ACM Symposium on Operating Systems Principles (SOSP\u201919)."},{"key":"e_1_3_3_47_2","volume-title":"Proceedings of the 2020 USENIX Symposium on Operating Systems Design and Implementation (OSDI\u201920)","author":"Nelson Luke","year":"2020","unstructured":"Luke Nelson, Jacob Van Geffen, Emina Torlak, and Xi Wang. 2020. Specification and verification in the field: Applying formal methods to BPF just-in-time compilers in the Linux kernel. In Proceedings of the 2020 USENIX Symposium on Operating Systems Design and Implementation (OSDI\u201920)."},{"key":"e_1_3_3_48_2","volume-title":"Proceedings of the 2016 USENIX Conference on Operating Systems Design and Implementation (OSDI\u201916)","author":"Nguyen Khanh","year":"2016","unstructured":"Khanh Nguyen, Lu Fang, Guoqing Xu, Brian Demsky, Shan Lu, Sanazsadat Alamian, and Onur Mutlu. 2016. Yak: A high-performance big-data-friendly garbage collector. In Proceedings of the 2016 USENIX Conference on Operating Systems Design and Implementation (OSDI\u201916)."},{"key":"e_1_3_3_49_2","volume-title":"Recompilation","year":"2020","unstructured":"OpenJ9. 2020. Recompilation. Retrieved Feb. 25, 2025 from https:\/\/github.com\/eclipse-openj9\/openj9\/blob\/master\/doc\/compiler\/runtime\/Recompilation.md"},{"key":"e_1_3_3_50_2","volume-title":"Optimization Levels","year":"2022","unstructured":"OpenJ9. 2022. Optimization Levels. Retrieved Feb. 25, 2025 fromhttps:\/\/www.eclipse.org\/openj9\/docs\/jit"},{"key":"e_1_3_3_51_2","volume-title":"Autoboxing","year":"2023","unstructured":"Oracle. 2023. Autoboxing. Retrieved Feb. 25, 2025 fromhttps:\/\/docs.oracle.com\/javase\/8\/docs\/technotes\/guides\/language\/autoboxing.html"},{"key":"e_1_3_3_52_2","volume-title":"Proceedings of the 2024 ACM Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS\u201924)","author":"Ou Xianfei","year":"2024","unstructured":"Xianfei Ou, Cong Li, Yanyan Jiang, and Chang Xu. 2024. The mutators reloaded: Fuzzing compilers with large language model generated mutation operators. In Proceedings of the 2024 ACM Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS\u201924)."},{"key":"e_1_3_3_53_2","volume-title":"Proceedings of the 2021 IEEE\/ACM International Conference on Software Engineering (ICSE\u201921)","author":"Park Jihyeok","year":"2021","unstructured":"Jihyeok Park, Seungmin An, Dongjun Youn, Gyeongwon Kim, and Sukyoung Ryu. 2021. JEST: N+1-version differential testing of both JavaScript engines and specification. In Proceedings of the 2021 IEEE\/ACM International Conference on Software Engineering (ICSE\u201921)."},{"key":"e_1_3_3_54_2","volume-title":"Proceedings of the 2020 IEEE Symposium on Security and Privacy (SP\u201920)","author":"Park Soyeon","year":"2020","unstructured":"Soyeon Park, Wen Xu, Insu Yun, Daehee Jang, and Taesoo Kim. 2020. Fuzzing JavaScript engines with aspect-preserving mutation. In Proceedings of the 2020 IEEE Symposium on Security and Privacy (SP\u201920)."},{"key":"e_1_3_3_55_2","article-title":"SPOON: A library for implementing analyses and transformations of Java source code","volume":"46","author":"Pawlak Renaud","year":"2015","unstructured":"Renaud Pawlak, Martin Monperrus, Nicolas Petitprez, Carlos Noguera, and Lionel Seinturier. 2015. SPOON: A library for implementing analyses and transformations of Java source code. Software: Practice and Experience 46, 9 (2015), 1155\u20131179.","journal-title":"Software: Practice and Experience"},{"key":"e_1_3_3_56_2","volume-title":"Proceedings of the 2022 ACM SIGPLAN International Conference on Programming Language Design and Implementation (PLDI\u201922)","author":"Polito Guillermo","year":"2022","unstructured":"Guillermo Polito, St\u00e9phane Ducasse, and Pablo Tesone. 2022. Interpreter-guided differential JIT compiler unit testing. In Proceedings of the 2022 ACM SIGPLAN International Conference on Programming Language Design and Implementation (PLDI\u201922)."},{"key":"e_1_3_3_57_2","volume-title":"Proceedings of the 2012 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI\u201912)","author":"Regehr John","year":"2012","unstructured":"John Regehr, Yang Chen, Pascal Cuoq, Eric Eide, Chucky Ellison, and Xuejun Yang. 2012. Test-case reduction for C compiler bugs. In Proceedings of the 2012 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI\u201912)."},{"key":"e_1_3_3_58_2","volume-title":"Proceedings of the 1999 Conference on Domain-Specific Languages (DSL\u201999)","author":"Sirer Emin G\u00fcn","year":"2000","unstructured":"Emin G\u00fcn Sirer and Brian N. Bershad. 2000. Using production grammars in software testing. In Proceedings of the 1999 Conference on Domain-Specific Languages (DSL\u201999)."},{"key":"e_1_3_3_59_2","volume-title":"Program Synthesis by Sketching","author":"Solar-Lezama Armando","year":"2008","unstructured":"Armando Solar-Lezama. 2008. Program Synthesis by Sketching. Ph. D. Dissertation. Advisor(s) Bodik, Rastislav."},{"key":"e_1_3_3_60_2","volume-title":"Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA\u201916)","author":"Sun Chengnian","year":"2016","unstructured":"Chengnian Sun, Vu Le, and Zhendong Su. 2016. Finding compiler bugs via live code mutation. In Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA\u201916)."},{"key":"e_1_3_3_61_2","volume-title":"Proceedings of the 2018 International Conference on Software Engineering (ICSE\u201918)","author":"Sun Chengnian","year":"2018","unstructured":"Chengnian Sun, Yuanbo Li, Qirun Zhang, Tianxiao Gu, and Zhendong Su. 2018. Perses: Syntax-guided program reduction. In Proceedings of the 2018 International Conference on Software Engineering (ICSE\u201918)."},{"key":"e_1_3_3_62_2","volume-title":"Proceedings of the 2022 ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS\u201922)","author":"Theodoridis Theodoros","year":"2022","unstructured":"Theodoros Theodoridis, Manuel Rigger, and Zhendong Su. 2022. Finding missed optimizations through the lens of dead code elimination. In Proceedings of the 2022 ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS\u201922)."},{"key":"e_1_3_3_63_2","volume-title":"Maglev - V8\u2019s Fastest Optimizing JIT","year":"2023","unstructured":"V8. 2023. Maglev - V8\u2019s Fastest Optimizing JIT. Retrieved Feb. 25, 2025 from https:\/\/webkit.org\/blog\/3362\/introducing-the-webkit-ftl-jit"},{"key":"e_1_3_3_64_2","volume-title":"Proceedings of the 2022 USENIX Symposium on Operating Systems Design and Implementation (OSDI\u201922)","author":"Wang Chenxi","year":"2022","unstructured":"Chenxi Wang, Haoran Ma, Shi Liu, Yifan Qiao, Jonathan Eyolfson, Christian Navasca, Shan Lu, and Guoqing Harry Xu. 2022. MemLiner: Lining up tracing and application for a far-memory-friendly runtime. In Proceedings of the 2022 USENIX Symposium on Operating Systems Design and Implementation (OSDI\u201922)."},{"key":"e_1_3_3_65_2","volume-title":"Proceedings of the 2017 IEEE Symposium on Security and Privacy (SP\u201917)","author":"Wang Junjie","year":"2017","unstructured":"Junjie Wang, Bihuan Chen, Lei Wei, and Yang Liu. 2017. Skyfire: Data-driven seed generation for fuzzing. In Proceedings of the 2017 IEEE Symposium on Security and Privacy (SP\u201917)."},{"key":"e_1_3_3_66_2","volume-title":"Proceedings of the 2019 International Conference on Software Engineering (ICSE\u201919)","author":"Wang Junjie","year":"2019","unstructured":"Junjie Wang, Bihuan Chen, Lei Wei, and Yang Liu. 2019. Superion: Grammar-aware greybox fuzzing. In Proceedings of the 2019 International Conference on Software Engineering (ICSE\u201919)."},{"key":"e_1_3_3_67_2","volume-title":"Proceedings of the 2024 USENIX Security Symposium (SEC\u201924)","author":"Wang Jiming","year":"2024","unstructured":"Jiming Wang, Yan Kang, Chenggang Wu, Yuhao Hu, Yue Sun, Jikai Ren, Yuanming Lai, Mengyao Xie, Charles Zhang, Tao Li, and Zhe Wang. 2024. OptFuzz: Optimization path guided fuzzing for JavaScript JIT compilers. In Proceedings of the 2024 USENIX Security Symposium (SEC\u201924)."},{"key":"e_1_3_3_68_2","volume-title":"Proceedings of the 2023 USENIX Security Symposium (SEC\u201923)","author":"Wang Junjie","year":"2023","unstructured":"Junjie Wang, Zhiyi Zhang, Shuang Liu, Xiaoning Du, and Junjie Chen. 2023. FuzzJIT: Oracle-enhanced fuzzing for JavaScript engine JIT compiler. In Proceedings of the 2023 USENIX Security Symposium (SEC\u201923)."},{"key":"e_1_3_3_69_2","volume-title":"Proceedings of the 2014 USENIX Conference on Operating Systems Design and Implementation (OSDI\u201914)","author":"Wang Xi","year":"2014","unstructured":"Xi Wang, David Lazar, Nickolai Zeldovich, Adam Chlipala, and Zachary Tatlock. 2014. Jitk: A trustworthy in-kernel interpreter infrastructure. In Proceedings of the 2014 USENIX Conference on Operating Systems Design and Implementation (OSDI\u201914)."},{"key":"e_1_3_3_70_2","volume-title":"Introducing the WebKit FTL JIT","year":"2014","unstructured":"Webkit. 2014. Introducing the WebKit FTL JIT. Retrieved Feb. 25, 2025 from https:\/\/webkit.org\/blog\/3362\/introducing-the-webkit-ftl-jit"},{"key":"e_1_3_3_71_2","volume-title":"Introducing the B3 JIT Compiler","year":"2016","unstructured":"Webkit. 2016. Introducing the B3 JIT Compiler. Retrieved Feb. 25, 2025 from https:\/\/webkit.org\/blog\/5852\/introducing-the-b3-jit-compiler"},{"key":"e_1_3_3_72_2","volume-title":"Proceedings of the 2023 International Conference on Software Engineering (ICSE\u201923)","author":"Wu Mingyuan","year":"2023","unstructured":"Mingyuan Wu, Minghai Lu, Heming Cui, Junjie Chen, Yuqun Zhang, and Lingming Zhang. 2023. JITfuzz: Coverage-guided fuzzing for JVM just-in-time compilers. In Proceedings of the 2023 International Conference on Software Engineering (ICSE\u201923)."},{"key":"e_1_3_3_73_2","volume-title":"Proceedings of the 2023 ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC\/FSE\u201923)","author":"Wu Mingyuan","year":"2023","unstructured":"Mingyuan Wu, Yicheng Ouyang, Minghai Lu, Junjie Chen, Yingquan Zhao, Heming Cui, Guowei Yang, and Yuqun Zhang. 2023. SJFuzz: Seed and mutator scheduling for JVM fuzzing. In Proceedings of the 2023 ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC\/FSE\u201923)."},{"key":"e_1_3_3_74_2","volume-title":"Proceedings of the 2024 ACM Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS\u201924)","author":"Xie Zifan","year":"2024","unstructured":"Zifan Xie, Ming Wen, Shiyu Qiu, and Hai Jin. 2024. Validating JVM compilers via maximizing optimization interactions. In Proceedings of the 2024 ACM Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS\u201924)."},{"key":"e_1_3_3_75_2","volume-title":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security (CCS\u201924)","author":"Xu Haoran","year":"2024","unstructured":"Haoran Xu, Zhiyuan Jiang, Yongjun Wang, Shuhui Fan, Shenglin Xu, Peidai Xie, Shaojing Fu, and Mathias Payer. 2024. Fuzzing JavaScript engines with a graph-based IR. In Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security (CCS\u201924)."},{"key":"e_1_3_3_76_2","volume-title":"Proceedings of the 2011 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI\u201911)","author":"Yang Xuejun","year":"2011","unstructured":"Xuejun Yang, Yang Chen, Eric Eide, and John Regehr. 2011. Finding and understanding bugs in C compilers. In Proceedings of the 2011 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI\u201911)."},{"key":"e_1_3_3_77_2","volume-title":"Proceedings of the 2021 ACM SIGPLAN International Conference on Programming Language Design and Implementation (PLDI\u201921)","author":"Ye Guixin","year":"2021","unstructured":"Guixin Ye, Zhanyong Tang, Shin Hwei Tan, Songfang Huang, Dingyi Fang, Xiaoyang Sun, Lizhong Bian, Haibo Wang, and Zheng Wang. 2021. Automated conformance testing for JavaScript engines via deep compiler fuzzing. In Proceedings of the 2021 ACM SIGPLAN International Conference on Programming Language Design and Implementation (PLDI\u201921)."},{"key":"e_1_3_3_78_2","volume-title":"Proceedings of the 2003 International Conference on Quality Software (QSIC\u201903)","author":"Yoshikawa Takahide","year":"2003","unstructured":"Takahide Yoshikawa, Kouya Shimura, and Toshihiro Ozawa. 2003. Random program generator for Java JIT compiler test system. In Proceedings of the 2003 International Conference on Quality Software (QSIC\u201903)."},{"key":"e_1_3_3_79_2","volume-title":"American Fuzzy Lop - Whitepaper","author":"Zalewski Micha\u0142","year":"2016","unstructured":"Micha\u0142 Zalewski. 2016. American Fuzzy Lop - Whitepaper. Retrieved Feb. 25, 2025 from https:\/\/lcamtuf.coredump.cx\/afl\/technical_details.txt"},{"key":"e_1_3_3_80_2","article-title":"Java JIT testing with template extraction","volume":"1","author":"Zang Zhiqiang","year":"2024","unstructured":"Zhiqiang Zang, Fu-Yao Yu, Aditya Thimmaiah, August Shi, and Milos Gligoric. 2024. Java JIT testing with template extraction. Proc. ACM Softw. Eng. 1, FSE (2024), 1129\u20131151.","journal-title":"Proc. ACM Softw. Eng."},{"key":"e_1_3_3_81_2","volume-title":"Proceedings of the 2017 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI\u201917)","author":"Zhang Qirun","year":"2017","unstructured":"Qirun Zhang, Chengnian Sun, and Zhendong Su. 2017. Skeletal program enumeration for rigorous compiler testing. In Proceedings of the 2017 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI\u201917)."},{"key":"e_1_3_3_82_2","volume-title":"Proceedings of the 2022 International Conference on Automated Software Engineering (ASE\u201922)","author":"Zhang Zhiqiang","year":"2022","unstructured":"Zhiqiang Zhang, Nathan Wiatrek, Milos Gligoric, and August Shi. 2022. Compiler testing via template Java programs. In Proceedings of the 2022 International Conference on Automated Software Engineering (ASE\u201922)."},{"key":"e_1_3_3_83_2","volume-title":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security (CCS\u201924)","author":"Zhao Yingquan","year":"2024","unstructured":"Yingquan Zhao, Zan Wang, Junjie Chen, Ruifeng Fu, Yanzhou Lu, Tianchang Gao, and Haojie Ye. 2024. Program ingredients abstraction and instantiation for synthesis-based JVM testing. In Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security (CCS\u201924)."},{"key":"e_1_3_3_84_2","volume-title":"Proceedings of the 2022 International Conference on Software Engineering (ICSE\u201922)","author":"Zhao Yingquan","year":"2022","unstructured":"Yingquan Zhao, Zan Wang, Junjie Chen, Mengdi Liu, Mingyuan Wu, Yuqun Zhang, and Lingming Zhang. 2022. History-driven test program synthesis for JVM testing. In Proceedings of the 2022 International Conference on Software Engineering (ICSE\u201922)."}],"container-title":["ACM Transactions on Computer Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3715102","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,26]],"date-time":"2025-07-26T14:08:14Z","timestamp":1753538894000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3715102"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,7,26]]},"references-count":83,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2025,8,31]]}},"alternative-id":["10.1145\/3715102"],"URL":"https:\/\/doi.org\/10.1145\/3715102","relation":{},"ISSN":["0734-2071","1557-7333"],"issn-type":[{"value":"0734-2071","type":"print"},{"value":"1557-7333","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,7,26]]},"assertion":[{"value":"2024-10-28","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-01-17","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-07-26","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}