dafny icon indicating copy to clipboard operation
dafny copied to clipboard

Published 20 hours ago verified publisher icon dafny-lang

Test generation violates preconditions

Open stefan-aws opened this issue 7 months ago • 0 comments

Dafny version

4.7.0

Code to produce this issue

module M {
  function {:testEntry} F(xs: seq<int>): seq<int>
      requires |xs| > 0
      requires forall i :: 0 <= i < |xs| ==> xs[i] > 0
  {
    xs
  }
}

Command to run and resulting output

dafny generate-tests InlinedBlock issue.dfy

What happened?

The generated test file doesn't pass verification, because seqint0 violates the forall precondition and no expect statement is generated:

  import M

  method {:test} Test0() {
    var seqint0 : seq<int> := [0];
    expect |seqint0| > 0, "If this check fails at runtime, the test does not meet the preconditions";
    var r0 := M.F(seqint0);
    expect r0 == M.F(seqint0);
  }

Wrapping forall in a predicate fixes the issue partly (the test file passes verification, but the generated input still violates the precondition:

module M {
  predicate P(xs: seq<int>) {
    forall i :: 0 <= i < |xs| ==> xs[i] > 0
  }

  function {:testEntry} F(xs: seq<int>): seq<int>
      requires |xs| > 0
      requires P(xs)
  {
    xs
  }
}

module T {
  import M
  
  method {:test} Test0() {
  var seqint0 : seq<int> := [0];
  expect |seqint0| > 0, "If this check fails at runtime, the test does not meet the preconditions";
  expect M.P(seqint0), "If this check fails at runtime, the test does not meet the preconditions";
  var r0 := M.F(seqint0);
  expect r0 == M.F(seqint0);
  }
}

Making the predicate ghost again leads to the expect statement not being generated.

What type of operating system are you experiencing the problem on?

Mac

stefan-aws avatar Jul 10 '24 12:07 stefan-aws