Don't Look UB: Exposing Sanitizer-Eliding Compiler Optimizations

Explore a groundbreaking 18-minute conference talk from PLDI 2023 that uncovers the critical issue of sanitizer-eliding compiler optimizations. Delve into the research conducted by Raphael Isemann and colleagues from Vrije Universiteit Amsterdam, which reveals how optimizations can inadvertently remove sanitizer failures, potentially hiding bugs or introducing new ones. Learn about LookUB, a differential-testing based framework developed to identify these problematic optimizations in Clang. Discover how the researchers uncovered 17 sanitizer-eliding optimizations and subsequently found 20 new bugs in popular open-source projects like Linux Containers and WINE. Gain insights into their proposed mitigation strategy, which customizes the Clang optimizer with only a 4% overhead increase. This talk is essential for developers, compiler engineers, and security researchers interested in the intersection of compiler optimizations and code sanitization techniques.

[PLDI'23] Don't Look UB: Exposing Sanitizer-Eliding Compiler Optimizations