summaryrefslogtreecommitdiffstats
path: root/third_party/rust/prost/KANI.md
blob: cafb0131d3b2e48bbe6408994a8f1366904eeccd (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
# Kani
This document describes how to **locally** install and use Kani, along
with its experimental PropProof feature. Because of instability in
Kani internals, the GitHub action is the recommended option if you are
running in CI.

Kani is a software verification tool that complements testing by
proving the absence of certain classes of bugs like unwrap exceptions,
overflows, and assertion failures. See the [Kani
book](https://model-checking.github.io/kani/) for a full list of
capabilities and limitations.

## Installing Kani and PropProof
-  The install instructions for Kani can be [found
   here](https://model-checking.github.io/kani/install-guide.html). Once
   Kani is installed, you can run with `cargo kani` for projects or
   `kani` for individual Rust files.
- **[UNSTABLE]** To use PropProof, first download the source code
  from the Kani repository.
  ```bash
  git clone https://github.com/model-checking/kani.git --branch features/proptest propproof
  cd propproof; git submodule update --init
  ```

  Then, use `.cargo/config.toml` enable it in the local directory you
  want to run Kani in. This will override the `proptest` import in
  your repo.

  ```bash
  cd $YOUR_REPO_LOCAL_PATH
  mkdir '.cargo'
  echo "paths =[\"$PATH_TO_PROPPROOF\"]" > .cargo/config.toml
  ```

**Please Note**:
- `features/proptest` branch under Kani is likely not the final
  location for this code. If these instructions stop working, please
  consult the Kani documentation and file an issue on [the Kani
  repo](https://github.com/model-checking/kani.git).
- The cargo config file will force cargo to always use PropProof. To
  use `proptest`, delete the file.

## Running Kani
After installing Kani and PropProof, `cargo kani --tests` should
automatically run `proptest!` harnesses inside your crate. Use
`--harness` to run a specific harness, and `-p` for a specific
sub-crate.

If Kani returns with an error, you can use the concrete playback
feature using `--enable-unstable --concrete-playback print` and paste
in the code to your repository. Running this harness with `cargo test`
will replay the input found by Kani that produced this crash. Please
note that this feature is unstable and using `--concrete-playback
inplace` to automatically inject a replay harness is not supported
when using PropProof.

## Debugging CI Failure
```yaml
      - name: Verify with Kani
        uses: model-checking/kani-github-action@v0.xx
        with:
          enable-propproof: true
          args: |
            $KANI_ARGUMENTS
```

The above GitHub CI workflow is equivalent to `cargo kani
$KANI_ARGUMENTS` with PropProof installed. To replicate issues
locally, run `cargo kani` with the same arguments.