ScienceGate Book Chapters
JOURNAL ARTICLE

Just fuzz it: solving floating-point constraints using coverage-guided fuzzing

Daniel LiewCristian CadarAlastair F. DonaldsonJ. Ryan Stinnett

Year: 2019 Pages: 521-532
DOI: 10.1145/3338906.3338921
   Get Full-Text PDF    Get Analytical Report

Abstract

We investigate the use of coverage-guided fuzzing as a means ofproving satisfiability of SMT formulas over finite variable domains,with specific application to floating-point constraints. We show howan SMT formula can be encoded as a program containing a locationthat is reachable if and only if the program’s input corresponds toa satisfying assignment to the formula. A coverage-guided fuzzercan then be used to search for an input that reaches the location,yielding a satisfying assignment. We have implemented this ideain a tool,JustFuzz-itSolver (JFS), and we present a large experi-mental evaluation showing that JFS is both competitive with andcomplementary to state-of-the-art SMT solvers with respect tosolving floating-point constraints, and that the coverage-guidedapproach of JFS provides significant benefit over naive fuzzing inthe floating-point domain. Applied in a portfolio manner, the JFS approach thus has the potential to complement traditional SMTsolvers for program analysis tasks that involve reasoning aboutfloating-point constraints.

Keywords:
Fuzz testing Computer science Complement (music) Satisfiability modulo theories Point (geometry) Floating point Satisfiability Algorithm Domain (mathematical analysis) Solver Mathematics Programming language Software

Metrics

31
Cited By
4.07
FWCI (Field Weighted Citation Impact)
55
Refs
0.94
Citation Normalized Percentile
Is in top 1%
Is in top 10%

Citation History

Topics

Formal Methods in Verification
Physical Sciences →  Computer Science →  Computational Theory and Mathematics
Software Testing and Debugging Techniques
Physical Sciences →  Computer Science →  Software
Logic, programming, and type systems
Physical Sciences →  Computer Science →  Artificial Intelligence

Related Documents

JOURNAL ARTICLE

Scalable SMT Sampling for Floating-Point Formulas via Coverage-Guided Fuzzing

Manuel CarrascoCristian CadarAlastair F. Donaldson

Year: 2025 Pages: 69-79
JOURNAL ARTICLE

Fw‐fuzz: A code coverage‐guided fuzzing framework for network protocols on firmware

Zicong GaoWeiyu DongRui ChangYisen Wang

Journal:   Concurrency and Computation Practice and Experience Year: 2020 Vol: 34 (16)
JOURNAL ARTICLE

JITfuzz: Coverage-guided Fuzzing for JVM Just-in-Time Compilers

Mingyuan WuMinghai LuHeming CuiJunjie ChenYuqun ZhangLingming Zhang

Year: 2023 Pages: 56-68
BOOK-CHAPTER

Solving Constraints over Floating-Point Numbers

C. MichelMichel RueherYahia Lebbah

Lecture notes in computer science Year: 2001 Pages: 524-538
JOURNAL ARTICLE

Solving Floating-Point Constraints with Continuous Optimization

Qian ChenChenqi CuiFengjuan GaoYu WangKe WangLinzhang Wang

Journal:   Proceedings of the ACM on Programming Languages Year: 2025 Vol: 9 (PLDI)Pages: 725-747
© 2026 ScienceGate Book Chapters — All rights reserved.