Compilers are programs that translate programs written in a high level programming language into machine code. The Solidity compiler accepts smart contracts written in the Solidity programming language and generates optimized Ethereum virtual machine (EVM) bytecode.
There are multiple components of the compiler that can introduce security issues: the optimiser and the code generator being the most security sensitive because they influence the binary code. Testing the codegen and the optimiser within the compiler requires a structured approach. Arbitrary character sequences as input-what a COTS fuzzer can easily provide-will simply be rejected by the compiler as invalid programs.
Second, finding bugs in the optimiser requires program interpretation and differential testing: side effects of the unoptimized and optimized programs need to be identical, otherwise the optimized program contains a bug. Testing the code generator is aided by the fact that the Solidity compiler has two implementations of the code generator, the legacy code generator and the new Yul intermediate representation (IR) based code generator. We employ a similar technique to find security relevant bugs in either codegens.