The Solidity compiler plays a key role in enabling the development of smart contract applications on Ethereum: it defines the syntax of the domain-specific language Solidity and performs the compilation and optimization of Solidity code. The correctness of the Solidity compiler is critical to the transparency, efficiency, and trust that industries reliant on smart contracts depend on. However, like other software systems, the Solidity compiler is prone to bugs, which may produce incorrect bytecode that is then deployed on blockchain platforms, resulting in severe security concerns. As a domain-specific compiler for smart contracts, the Solidity compiler differs from other compilers in many respects, posing unique challenges for detecting its bugs. To understand the bugs in the Solidity compiler and benefit future research, in this paper we present the first systematic study of 533 Solidity compiler bugs. We carefully examined their characteristics (including symptoms, root causes, and distribution) and their triggering test cases. Our study leads to seven bug-revealing takeaways for the Solidity compiler. Moreover, to study the limitations of Solidity compiler fuzzers and bring our findings into practical scenarios, we evaluate three Solidity compiler fuzzers on our constructed benchmark. The results show that these fuzzers are inefficient at detecting Solidity compiler bugs. The inefficiency arises from their failure to consider the interesting bug-inducing features, bug-related compilation flags, and test oracles.
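The abstract's last point, that existing fuzzers neglect bug-related compilation flags and test oracles, is easier to act on with a concrete harness in hand. The following is an added example, not code from the paper or from any of the fuzzers it evaluates: it enumerates a matrix of solc compilation settings (optimizer on/off and runs, `viaIR`, `evmVersion`, all real fields of solc's `--standard-json` input), compiles one seed contract under each, and applies a simple oracle that flags compiler crashes, internal compiler errors, missing bytecode output, and acceptance inconsistencies (the same source accepted under some flags and rejected under others). The seed contract and the error-type names used by the oracle are assumptions made for the example; the oracle is exercised on constructed results so the block runs without solc, and only `run_campaign` needs a real `solc` binary on PATH.

```python
"""Flag-matrix differential harness for the Solidity compiler (added example)."""
import json
import shutil
import subprocess
from itertools import product

# Constructed seed contract (hypothetical); a fuzzer would mutate this.
SEED_SOURCE = """// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;
contract Seed {
    uint256[] internal data;
    function push(uint256 v) external { data.push(v); }
    function sum() external view returns (uint256 s) {
        for (uint256 i = 0; i < data.length; i++) { s += data[i]; }
    }
}
"""

# The flag dimensions a fuzzer should vary; values are assumptions for the example.
FLAG_SPACE = {
    "optimizer": [False, True],
    "runs": [200, 1],          # only meaningful when the optimizer is enabled
    "viaIR": [False, True],
    "evmVersion": ["paris", "shanghai"],
}

# solc error types that indicate the compiler itself failed rather than the input.
INTERNAL_ERROR_TYPES = {"InternalCompilerError", "CompilerError", "Exception",
                        "YulException", "FatalError"}


def flag_configs():
    """Enumerate the flag matrix, dropping `runs` variants when the optimizer is off."""
    configs = []
    for opt, runs, via, evm in product(*FLAG_SPACE.values()):
        if not opt and runs != FLAG_SPACE["runs"][0]:
            continue
        configs.append({"optimizer": opt, "runs": runs, "viaIR": via, "evmVersion": evm})
    return configs


def standard_json(source, cfg):
    """Build a solc --standard-json input for one flag combination."""
    return {
        "language": "Solidity",
        "sources": {"Seed.sol": {"content": source}},
        "settings": {
            "optimizer": {"enabled": cfg["optimizer"], "runs": cfg["runs"]},
            "viaIR": cfg["viaIR"],
            "evmVersion": cfg["evmVersion"],
            "outputSelection": {"*": {"*": ["evm.deployedBytecode.object"]}},
        },
    }


def compile_one(source, cfg):
    """Invoke solc; normalise the outcome to crash / error list / runtime bytecode."""
    proc = subprocess.run(["solc", "--standard-json"], input=json.dumps(standard_json(source, cfg)),
                          capture_output=True, text=True)
    if proc.returncode != 0 or not proc.stdout.strip():
        return {"crash": True, "errors": [{"type": "Crash", "message": proc.stderr}], "runtime": None}
    out = json.loads(proc.stdout)
    errors = [e for e in out.get("errors", []) if e.get("severity") == "error"]
    runtime = (out.get("contracts", {}).get("Seed.sol", {}).get("Seed", {})
               .get("evm", {}).get("deployedBytecode", {}).get("object"))
    return {"crash": False, "errors": errors, "runtime": runtime}


def judge(results):
    """Oracle over (cfg, result) pairs: crashes, internal errors, missing output, inconsistencies."""
    findings, accepted = [], []
    for cfg, res in results:
        if res["crash"]:
            findings.append(("crash", cfg))
        elif any(e.get("type") in INTERNAL_ERROR_TYPES for e in res["errors"]):
            findings.append(("internal-error", cfg))
        elif not res["errors"] and not res["runtime"]:
            findings.append(("missing-output", cfg))
        else:
            accepted.append((cfg, not res["errors"]))
    # Same source compiled cleanly under some flags but rejected under others.
    if {ok for _, ok in accepted} == {True, False}:
        findings.extend(("acceptance-inconsistency", cfg) for cfg, ok in accepted if not ok)
    return findings


def run_campaign(source=SEED_SOURCE):
    """Compile the seed under every flag combination; returns findings, or None without solc."""
    if shutil.which("solc") is None:
        return None
    return judge([(cfg, compile_one(source, cfg)) for cfg in flag_configs()])


if __name__ == "__main__":
    print(run_campaign())
```

Bytecode is expected to differ across optimizer and IR settings, so the oracle deliberately does not compare bytecode bytes; a behavioural differential (executing each variant on an EVM with the same inputs) is the natural next oracle, but it needs an execution backend and is left out here.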