Test generation violates preconditions
stefan-aws opened this issue · comments
Dafny version
4.7.0
Code to produce this issue
module M {
function {:testEntry} F(xs: seq<int>): seq<int>
requires |xs| > 0
requires forall i :: 0 <= i < |xs| ==> xs[i] > 0
{
xs
}
}Command to run and resulting output
dafny generate-tests InlinedBlock issue.dfy
What happened?
The generated test file doesn't pass verification, because seqint0 violates the forall precondition and no expect statement is generated:
import M
method {:test} Test0() {
var seqint0 : seq<int> := [0];
expect |seqint0| > 0, "If this check fails at runtime, the test does not meet the preconditions";
var r0 := M.F(seqint0);
expect r0 == M.F(seqint0);
}
Wrapping forall in a predicate fixes the issue partly (the test file passes verification, but the generated input still violates the precondition:
module M {
predicate P(xs: seq<int>) {
forall i :: 0 <= i < |xs| ==> xs[i] > 0
}
function {:testEntry} F(xs: seq<int>): seq<int>
requires |xs| > 0
requires P(xs)
{
xs
}
}
module T {
import M
method {:test} Test0() {
var seqint0 : seq<int> := [0];
expect |seqint0| > 0, "If this check fails at runtime, the test does not meet the preconditions";
expect M.P(seqint0), "If this check fails at runtime, the test does not meet the preconditions";
var r0 := M.F(seqint0);
expect r0 == M.F(seqint0);
}
}
Making the predicate ghost again leads to the expect statement not being generated.
What type of operating system are you experiencing the problem on?
Mac