Integrating Testing and Interactive Theorem Proving

Chamarthi, Harsh Raju; Dillinger, Peter C.; Kaufmann, Matt; Manolios, Panagiotis

doi:10.4204/eptcs.70.1

Cited by 40 publications

(33 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Eastlund [11] implemented DoubleCheck, an adaption of QuickCheck for ACL2. Chamarthi et al [20] later proposed a more advanced counterexample finding tool for ACL2s, which uses the full power of the theorem prover and libraries to simplify conjectures so that they are easier to falsify. While all these tools are general and only require the statement of the conjecture to be in a special form (e.g., executable specification), so they could in principle be applied to test noninterference, our experience with QuickCheck suggests that for the best results one has to incorporate domain knowledge about the machine and the property being tested.…”

Section: Related Workmentioning

confidence: 99%

Testing noninterference, quickly

et al. 2013

View full text Add to dashboard Cite

Information-flow control mechanisms are difficult to design and labor intensive to prove correct. To reduce the time wasted on proof attempts doomed to fail due to broken definitions, we advocate modern random testing techniques for finding counterexamples during the design process. We show how to use QuickCheck, a property-based random-testing tool, to guide the design of a simple information-flow abstract machine. We find that both sophisticated strategies for generating well-distributed random programs and readily falsifiable formulations of noninterference properties are critically important. We propose several approaches and evaluate their effectiveness on a collection of injected bugs of varying subtlety. We also present an effective technique for shrinking large counterexamples to minimal, easily comprehensible ones. Taken together, our best methods enable us to quickly and automatically generate simple counterexamples for all these bugs.

show abstract

Section: Related Workmentioning

confidence: 99%

Testing noninterference, quickly

et al. 2013

View full text Add to dashboard Cite

show abstract

“…Since being popularized by QuickCheck [20], property-based random testing has become a standard technique for improving software quality in a wide variety of programming languages [2,41,48,58] and for streamlining interaction with proof assistants [6,16,24,57,61].…”

Section: Introductionmentioning

confidence: 99%

Beginner's luck: a language for property-based generators

et al. 2017

View full text Add to dashboard Cite

Property-based random testingà la QuickCheck requires building efficient generators for well-distributed random data satisfying complex logical predicates, but writing these generators can be difficult and error prone. We propose a domain-specific language in which generators are conveniently expressed by decorating predicates with lightweight annotations to control both the distribution of generated values and the amount of constraint solving that happens before each variable is instantiated. This language, called Luck, makes generators easier to write, read, and maintain.We give Luck a formal semantics and prove several fundamental properties, including the soundness and completeness of random generation with respect to a standard predicate semantics. We evaluate Luck on common examples from the property-based testing literature and on two significant case studies, showing that it can be used in complex domains with comparable bug-finding effectiveness and a significant reduction in testing code size compared to handwritten generators.

show abstract

“…Eastlund (2009) implemented DoubleCheck, an adaption of QuickCheck for ACL2. Chamarthi et al (2011) later proposed a more advanced counterexample finding tool for ACL2s, which uses the full power of the theorem prover and libraries to simplify conjectures so that they are easier to falsify. While all these tools are general and only require the statement of the conjecture to be in a special form (e.g., executable specification), so they could in principle be applied to test noninterference, our experience with QuickCheck suggests that for the best results one has to incorporate domain knowledge about the machine and the property being tested.…”

Section: Related Workmentioning

confidence: 99%

Testing noninterference, quickly

Hriţcu¹,

Lampropoulos

Spector-Zabusky

et al. 2016

J. Funct. Prog.

View full text Add to dashboard Cite

Information-flow control mechanisms are difficult both to design and to prove correct. To reduce the time wasted on doomed proof attempts due to broken definitions, we advocate modern random testing techniques for finding counterexamples during the design process. We show how to use QuickCheck, a property-based random-testing tool, to guide the design of increasingly complex information-flow abstract machines, leading up to a sophisticated register machine with a novel and highly permissive flow-sensitive dynamic enforcement mechanism that is sound in the presence of first-class public labels. We find that both sophisticated strategies for generating well-distributed random programs and readily falsifiable formulations of noninterference properties are critically important for efficient testing. We propose several approaches and evaluate their effectiveness on a collection of injected bugs of varying subtlety. We also present an effective technique for shrinking large counterexamples to minimal, easily comprehensible ones. Taken together, our best methods enable us to quickly and automatically generate simple counterexamples for more than 45 bugs. Moreover, we show how testing guides the discovery of the sophisticated invariants needed for the noninterference proof of our most complex machine.

show abstract

Integrating Testing and Interactive Theorem Proving

Cited by 40 publications

References 17 publications

Testing noninterference, quickly

Testing noninterference, quickly

Beginner's luck: a language for property-based generators

Testing noninterference, quickly

Contact Info

Product

Resources

About