This paper explores fuzzing as a practical approach to improving the reliability and robustness of deductive verifiers, which are complex software systems that are difficult to verify fully themselves. The authors introduce AValAnCHE, a prototype fuzzing tool integrated with the VerCors verifier, to generate test cases automatically. Experiments with AValAnCHE uncovered several issues in VerCors and showed that the approach carries over to other deductive verifiers, highlighting its potential for increasing the trustworthiness of these tools.
Fuzzing, traditionally used for bug-hunting in software, can now fortify the reliability of complex deductive verifiers, tools critical for ensuring the correctness of other software.
As deductive verifiers mature, their potential user base is growing from the initial core developers to other users. To convince external users of the suitability of verifiers, these tools must run reliably out of the box, give meaningful error messages and report correct results. Yet deductive verifiers are large and complex software systems, and their own full verification is often out of reach. We therefore need complementary means to provide such guarantees. This paper advocates the use of fuzzing as a practical way to improve the quality and robustness of deductive verifiers. We outline how fuzz testing can be applied to deductive verifiers, and demonstrate the idea with the prototype tool AValAnCHE, which is integrated with the VerCors verifier. We report on our experiments in which AValAnCHE uncovered several issues in VerCors, and demonstrate that the approach also works for other deductive verifiers.
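To make the idea of fuzzing a verifier concrete, the following is an added example (written for this page, not AValAnCHE's or VerCors's code) of a minimal mutation-based harness: it takes a seed program annotated with a contract, applies syntax-preserving mutations so that the verifier's type checker and prover back end are exercised rather than only its parser, runs each mutant through the verifier, and classifies the outcome. The oracle is the one that matters for verifier fuzzing: a spec violation is an expected verdict, whereas an internal error, a stack trace or a timeout is a finding to report. The seed program, its PVL-like surface syntax, the `verifier --stdin` command and the exit-code convention (0 verified, 1 contract violated, anything else an internal failure) are assumptions for illustration, not VerCors's documented interface.

```python
"""Mutation fuzzer skeleton for a deductive verifier (illustrative, not the paper's tool)."""
import random
import re
import subprocess
from dataclasses import dataclass
from enum import Enum


class Outcome(Enum):
    VERIFIED = "verified"
    REJECTED = "rejected"   # verifier completed and reported a contract violation: expected
    CRASH = "crash"         # verifier died with an internal error: the kind of bug fuzzing hunts
    TIMEOUT = "timeout"


@dataclass
class Result:
    outcome: Outcome
    program: str
    detail: str = ""


# Constructed seed program in an assumed PVL-like syntax; not taken from the paper.
SEED = """\
requires n >= 0;
ensures \\result == n + 1;
int inc(int n) {
  assert n >= 0;
  return n + 1;
}
"""


# Mutation operators. Each keeps the text syntactically plausible so that mutants reach
# the verifier's later phases (type checking, encoding, SMT queries), not only the parser.
def _flip_relop(text, rng):
    ops = [">=", "<=", "==", "!=", ">", "<"]
    found = list(re.finditer(r">=|<=|==|!=|>|<", text))
    if not found:
        return text
    m = rng.choice(found)
    new = rng.choice([o for o in ops if o != m.group(0)])
    return text[:m.start()] + new + text[m.end():]


def _bump_literal(text, rng):
    found = list(re.finditer(r"\b\d+\b", text))
    if not found:
        return text
    m = rng.choice(found)
    # Off-by-one and boundary values tend to expose arithmetic handling in the encoding.
    new = str(int(m.group(0)) + rng.choice([-1, 1, 2**31 - 1]))
    return text[:m.start()] + new + text[m.end():]


def _drop_line(text, rng):
    lines = text.splitlines(keepends=True)
    if len(lines) < 2:
        return text
    del lines[rng.randrange(len(lines))]
    return "".join(lines)


def _dup_line(text, rng):
    lines = text.splitlines(keepends=True)
    i = rng.randrange(len(lines))
    lines.insert(i, lines[i])
    return "".join(lines)


MUTATORS = [_flip_relop, _bump_literal, _drop_line, _dup_line]


def mutate(text, rng, rounds=2):
    """Apply `rounds` randomly chosen mutation operators to `text`."""
    for _ in range(rounds):
        text = rng.choice(MUTATORS)(text, rng)
    return text


CRASH_MARKERS = ("Exception", "Traceback", "internal error", "panic")


def classify(returncode, stdout, stderr):
    """Map one verifier run to an Outcome. The exit-code convention used here
    (0 verified, 1 contract violated, other = internal failure) is an assumption."""
    text = stdout + stderr
    if any(marker in text for marker in CRASH_MARKERS):
        return Outcome.CRASH
    if returncode == 0:
        return Outcome.VERIFIED
    if returncode == 1:
        return Outcome.REJECTED
    return Outcome.CRASH


def run_verifier(cmd, program, timeout=60):
    """Feed `program` to the verifier command on stdin and classify the result."""
    try:
        proc = subprocess.run(cmd, input=program, text=True,
                              capture_output=True, timeout=timeout)
    except subprocess.TimeoutExpired:
        return Result(Outcome.TIMEOUT, program)
    return Result(classify(proc.returncode, proc.stdout, proc.stderr),
                  program, proc.stderr[-500:])


def fuzz(seed, verify, iterations=200, rng_seed=0):
    """Run `iterations` distinct mutants of `seed` through `verify` (str -> Result) and
    return the crashes and timeouts, i.e. the reports a verifier developer would triage."""
    rng = random.Random(rng_seed)
    seen = set()
    findings = []
    for _ in range(iterations):
        mutant = mutate(seed, rng)
        if mutant in seen:
            continue
        seen.add(mutant)
        result = verify(mutant)
        if result.outcome in (Outcome.CRASH, Outcome.TIMEOUT):
            findings.append(result)
    return findings


if __name__ == "__main__":
    cmd = ["verifier", "--stdin"]  # hypothetical command line; substitute the real CLI
    for finding in fuzz(SEED, lambda p: run_verifier(cmd, p)):
        print(finding.outcome.value, finding.detail)
```

The loop deliberately treats a rejected contract as a non-finding: mutants are not meant to be correct programs, so "verification failed" is the verifier working as intended. What a developer wants from a run are the mutants that made the tool itself fail, and those are worth minimising (re-running with fewer mutation rounds) before filing.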