Skip to content

soundness: add a cross-tool differential oracle (vs TLC) #94

Description

@danwt

Per docs/src/architecture/status.md, the soundness tests check internal consistency only (storage-backend agreement, determinism, parser roundtrip) — there is no external oracle. Past spurious/hidden-violation bugs in symmetry/POR (closed #56, #60, #82) show this class recurs. Add a CI differential that runs the example corpus through both specl and TLC (the translator already exists) and diffs OK/violation verdicts and, where feasible, state counts. This is the highest-value assurance investment for the checker.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions