Fuzzing is a popular bug detection technique that tests software executables with random inputs. It can also be extended to libraries by constructing executables that call library APIs, known as fuzz drivers. Automated fuzz driver synthesis has been an important research topic in recent years because it can facilitate the library fuzzing process. Nevertheless, existing approaches generally ignore generic APIs or simply treat them as ordinary APIs, and as a result they cannot generate effective fuzz drivers for generic APIs. This paper studies the automated fuzz driver synthesis problem for Rust libraries with generic APIs. The problem matters because Rust emphasizes security and generic APIs are widely used in Rust crates. Each generic API can have numerous monomorphic versions, one for every choice of concrete types that satisfies its type constraints. The critical challenge lies in prioritizing these monomorphic versions and providing valid inputs for them. To address the problem, we extend existing API-dependency graphs to support generic APIs. By solving such dependencies and type constraints, we generate a collection of candidate monomorphic APIs. We then apply a similarity-based filter to prune redundant versions, in particular when multiple monomorphic APIs resolve a bound through the identical trait implementation. Experimental results on 29 popular open-source libraries show that our approach achieves promising generic API coverage with a low rate of invalid fuzz drivers. In addition, we found 23 previously unknown bugs in these libraries, 18 of which are related to generic APIs.
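The abstract describes two steps: solving an API's trait bounds against the concrete types available in a crate to enumerate candidate monomorphic versions, then pruning versions that would exercise the same trait implementation. The following Rust program, written as an added illustration and not taken from the paper or its tool, walks through both steps on a hypothetical crate. The library (`Pretty`, `Tag`, `describe_max`), the `catalog` that stands in for what a synthesizer would extract from the crate's impl blocks, and the choice of similarity key (the impls of the crate's own traits that a version would exercise) are all assumptions made for this example; the two `driver_*` functions show the shape of the fuzz drivers that would then be emitted for the surviving versions.

```rust
use std::collections::HashSet;
use std::fmt::Display;

// ---- Hypothetical library under test (constructed for this example) ----
pub trait Pretty {
    fn pretty(&self) -> String;
}
// Blanket impl: every Display type resolves `Pretty` through this single impl,
// so u32, i64 and String all run the same library code path here.
impl<T: Display> Pretty for T {
    fn pretty(&self) -> String {
        format!("<{}>", self)
    }
}
// A local type with its own hand-written impl (a genuinely different body).
#[derive(Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Debug)]
pub struct Tag(pub u8);
impl Pretty for Tag {
    fn pretty(&self) -> String {
        format!("tag#{}", self.0)
    }
}
// The generic API a synthesizer must monomorphize before it can be fuzzed.
pub fn describe_max<T: Ord + Pretty>(items: &[T]) -> Option<String> {
    items.iter().max().map(|m| m.pretty())
}

// ---- Model of what a synthesizer derives from the crate's impl blocks ----
// For each candidate concrete type: the traits it implements and an
// identifier for the impl block that provides each trait (assumed data).
#[derive(Clone, Debug)]
pub struct Candidate {
    pub type_name: &'static str,
    pub impls: Vec<(&'static str, &'static str)>,
}

pub fn catalog() -> Vec<Candidate> {
    let blanket = "impl<T: Display> Pretty for T";
    vec![
        Candidate { type_name: "u32", impls: vec![("Ord", "std: Ord for u32"), ("Pretty", blanket)] },
        Candidate { type_name: "i64", impls: vec![("Ord", "std: Ord for i64"), ("Pretty", blanket)] },
        Candidate { type_name: "String", impls: vec![("Ord", "std: Ord for String"), ("Pretty", blanket)] },
        // f64 is not Ord, so it cannot satisfy the bounds of describe_max.
        Candidate { type_name: "f64", impls: vec![("Pretty", blanket)] },
        Candidate { type_name: "Tag", impls: vec![("Ord", "derive(Ord) for Tag"), ("Pretty", "impl Pretty for Tag")] },
    ]
}

/// Step 1: keep only types whose impls satisfy every bound of the API.
/// Step 2: prune versions whose library-local trait impls are identical,
/// keeping the first type encountered for each distinct impl set.
/// Returns the type names of the surviving monomorphic versions, in order.
pub fn synthesize(bounds: &[&str], catalog: &[Candidate], local_traits: &[&str]) -> Vec<&'static str> {
    let mut seen: HashSet<Vec<&str>> = HashSet::new();
    let mut survivors = Vec::new();
    for cand in catalog {
        let resolved: Option<Vec<(&str, &str)>> = bounds
            .iter()
            .map(|b| cand.impls.iter().find(|(t, _)| t == b).copied())
            .collect();
        let resolved = match resolved {
            Some(r) => r,
            None => continue, // some bound is unsatisfied: not a valid monomorphic version
        };
        // Similarity key: only impls of the crate's own traits matter, since
        // std's Ord impls are outside the code the fuzz driver is meant to cover.
        let key: Vec<&str> = resolved
            .iter()
            .filter(|(t, _)| local_traits.contains(t))
            .map(|(_, impl_id)| *impl_id)
            .collect();
        if seen.insert(key) {
            survivors.push(cand.type_name);
        }
    }
    survivors
}

// ---- Fuzz-driver bodies for the two surviving monomorphic versions ----
// A real harness (e.g. cargo-fuzz's fuzz_target!) would pass the fuzzer's raw
// bytes to these; each decodes the bytes into valid inputs for its version.
pub fn driver_u32(data: &[u8]) -> Option<String> {
    let items: Vec<u32> = data
        .chunks_exact(4)
        .map(|c| u32::from_le_bytes([c[0], c[1], c[2], c[3]]))
        .collect();
    describe_max(&items)
}

pub fn driver_tag(data: &[u8]) -> Option<String> {
    let items: Vec<Tag> = data.iter().map(|&b| Tag(b)).collect();
    describe_max(&items)
}

fn main() {
    let chosen = synthesize(&["Ord", "Pretty"], &catalog(), &["Pretty"]);
    println!("monomorphic versions to fuzz: {:?}", chosen);
    println!("{:?}", driver_u32(&[1, 0, 0, 0, 7, 0, 0, 0]));
    println!("{:?}", driver_tag(&[3, 9, 2]));
}
```

With this catalog, `synthesize` yields `["u32", "Tag"]`: `f64` fails the `Ord` bound, and `i64` and `String` are pruned because they would exercise the same blanket `Pretty` impl as `u32`. Each surviving version gets one driver, and each driver must still turn raw bytes into inputs the monomorphic API accepts (the `chunks_exact` decoding silently yields an empty slice for short inputs rather than an invalid driver).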