MutDafny: A Mutation-Based Approach to Assess Dafny Specifications
Isabel Amaral, Alexandra Mendes, Jos\'e Campos
TL;DR
MutDafny employs mutation testing to identify weaknesses in Dafny specifications, enhancing their reliability by detecting potential flaws through automated fault injection and verification.
Contribution
This paper introduces MutDafny, a novel mutation-based tool that automatically signals weaknesses in Dafny specifications, including new mutation operators tailored for Dafny.
Findings
MutDafny identified five weak specifications in real-world Dafny programs.
The tool used 40 mutation operators, combining existing and new Dafny-specific ones.
Evaluation on 794 programs demonstrated its effectiveness in revealing specification flaws.
Abstract
In verification-aware languages, such as Dafny, despite their critical role, specifications are as prone to error as implementations. Flaws in specifications can result in formally verified programs that deviate from the intended behavior. In this paper, we explore the use of mutation testing to reveal weaknesses in formal specifications written in Dafny. We present MutDafny, a tool that increases the reliability of Dafny specifications by automatically signaling potential weaknesses. Using a mutation testing approach, we introduce faults (mutations) into the code and rely on formal specifications for detecting them. If a program with a mutant verifies, this may indicate a weakness in the specification. We extensively analyze mutation operators from popular tools, identifying the ones applicable to Dafny. In addition, we synthesize new operators tailored for the language from bugfix…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.