AI Summary
Deductive verifiers, as complex software systems, face significant challenges in ensuring their own reliability, which undermines the trustworthiness of their verification services. This work presents the first systematic application of fuzz testing to enhance the quality assurance of deductive verifiers. We propose and implement a prototype tool, AValAnCHE, integrated into the VerCors verifier. Our approach successfully uncovers multiple real-world bugs, substantially improving the verifier's robustness and runtime stability. Furthermore, we demonstrate that the methodology is generalizable to other deductive verifiers, offering a practical means to strengthen the reliability of sophisticated verification tools that cannot be fully self-verified.
Abstract
As deductive verifiers mature, their potential user base is growing from the initial core developers to other users. To convince external users of the suitability of verifiers, these tools must run reliably out of the box, give meaningful error messages and display correct results. Yet deductive verifiers are large and complex software systems, and their own full verification is often out of reach. We therefore need complementary means to provide such guarantees. This paper advocates the use of fuzzing as a practical way to improve the quality and robustness of deductive verifiers. We outline how fuzz testing can be applied to deductive verifiers, and demonstrate the idea with the prototype tool AValAnCHE, which is integrated with the VerCors verifier. We report on our experiments in which AValAnCHE uncovered several issues in VerCors and demonstrate that the approach also works for other deductive verifiers.