`cargo kani playback` generates zero test for proof

[zjp-CN]

From https://model-checking.github.io/kani/reference/experimental/concrete-playback.html , it says

To manually compile and run the test, you can use Kani's playback subcommand:
cargo kani playback -Z concrete-playback -- ${unit_test_func_name}

But for this snippet:

#[cfg(kani)]
mod verifies {
    #[kani::proof]
    fn f() {
        let a: u8 = kani::any();
        assert_eq!(a, 1, "Not eq to 1.");
    }
}

and the suggested command:

$ cargo kani playback -Z concrete-playback
# or $ cargo kani playback -Z concrete-playback -- f
warning: unexpected `cfg` condition name: `kani`
 --> src/lib.rs:2:7
  |
2 | #[cfg(kani)]
  |       ^^^^
  |
  = help: expected names are: `docsrs`, `feature`, and `test` and 31 more
  = help: consider using a Cargo feature instead
  = help: or consider adding in `Cargo.toml` the `check-cfg` lint config for the lint:
           [lints.rust]
           unexpected_cfgs = { level = "warn", check-cfg = ['cfg(kani)'] }
  = help: or consider adding `println!("cargo::rustc-check-cfg=cfg(kani)");` to the top of the `build.rs`
  = note: see <https://doc.rust-lang.org/nightly/rustc/check-cfg/cargo-specifics.html> for more information about checking conditional configuration
  = note: `#[warn(unexpected_cfgs)]` on by default

warning: `test-kani` (lib) generated 1 warning
warning: `test-kani` (lib test) generated 1 warning (1 duplicate)
    Finished `test` profile [unoptimized + debuginfo] target(s) in 0.04s
     Running unittests src/lib.rs (target/x86_64-unknown-linux-gnu/debug/deps/test_kani-c36f80394abe5d8f)

running 0 tests

test result: ok. 0 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.00s

   Doc-tests test_kani

running 0 tests

test result: ok. 0 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.00s

no output test case to run, which can be confirmed by running target/x86_64-unknown-linux-gnu/debug/deps/test_kani-c36f80394abe5d8f --list to see 0 tests, 0 benchmarks.

---

BTW the commands documented are a bit confusing and incomplete:

cargo kani playback -Z concrete-playback -- ${unit_test_func_name}

• What does unit_test_func_name means? The proof fn name? Or the generated test fn name like kani_concrete_playback_f_2469314071636892245 trailling with numbers?
• the command behaves differently from kani ... or mere cargo kani if looked closer:

Kani Rust Verifier 0.60.0 (standalone)
warning: target feature `x87` must be enabled to ensure that the ABI of the current target can be implemented correctly
  |
  = note: this was previously accepted by the compiler but is being phased out; it will become a hard error in a future release!
  = note: for more information, see issue #116344 <https://github.com/rust-lang/rust/issues/116344>

warning: target feature `sse2` must be enabled to ensure that the ABI of the current target can be implemented correctly
  |
  = note: this was previously accepted by the compiler but is being phased out; it will become a hard error in a future release!
  = note: for more information, see issue #116344 <https://github.com/rust-lang/rust/issues/116344>

warning: 2 warnings emitted

Checking harness verifies::f...
CBMC 6.4.1 (cbmc-6.4.1)

cargo kani playback -Z concrete-playback goes normally into cargo procedure with cargo diagnostics such as unexpected cfg condition name, while kani ... or cargo kani enters kani's custom sysroot procedure without cargo diagnostics any more, but with kani's target feature warnings (ref #3878 ).

kani -Z concrete-playback --concrete-playback=print

It should be kani -Z concrete-playback --concrete-playback=print path/to/file.rs for clarity.

[zhassan-aws]

Hi @zjp-CN. Sorry for the confusing documentation. The kani concrete-playback and cargo kani concrete-playback replay a test that was generated in a Kani verification run. So before running either, the test needs to be generated first using cargo kani --concrete-playback=inplace.

Here's an example run:

$ cat src/main.rs 
fn main() {}

#[cfg(kani)]
mod verifies {
    #[kani::proof]
    fn f() {
        let a: u8 = kani::any();
        assert_eq!(a, 1, "Not eq to 1.");
    }
}

$ cargo kani --concrete-playback=inplace -Zconcrete-playback
Kani Rust Verifier 0.61.0 (cargo plugin)
   Compiling iss-3990 v0.1.0 (/home/ubuntu/examples/iss-3990)
warning: target feature `x87` must be enabled to ensure that the ABI of the current target can be implemented correctly
  |
  = note: this was previously accepted by the compiler but is being phased out; it will become a hard error in a future release!
  = note: for more information, see issue #116344 <https://github.com/rust-lang/rust/issues/116344>

warning: target feature `sse2` must be enabled to ensure that the ABI of the current target can be implemented correctly
  |
  = note: this was previously accepted by the compiler but is being phased out; it will become a hard error in a future release!
  = note: for more information, see issue #116344 <https://github.com/rust-lang/rust/issues/116344>

    Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.18s
Checking harness verifies::f...
CBMC 6.5.0 (cbmc-6.5.0)
CBMC version 6.5.0 (cbmc-6.5.0) 64-bit x86_64 linux
Reading GOTO program from file /home/ubuntu/examples/iss-3990/target/kani/x86_64-unknown-linux-gnu/debug/deps/iss_3990-f89c14781f3e652d__RNvNtCsl5T4JskNogO_8iss_39908verifies1f.out
Generating GOTO Program
Adding CPROVER library (x86_64)
Removal of function pointers and virtual functions
Generic Property Instrumentation
Running with 16 object bits, 48 offset bits (user-specified)
Starting Bounded Model Checking
Runtime Symex: 0.00128446s
size of program expression: 76 steps
simple slicing removed 4 assignments
Generated 2 VCC(s), 2 remaining after simplification
Runtime Postprocess Equation: 1.6631e-05s
Passing problem to propositional reduction
converting SSA
Runtime Convert SSA: 0.000206626s
Running propositional reduction
Post-processing
Runtime Post-process: 6.51e-06s
Solving with CaDiCaL 2.0.0
72 variables, 15 clauses
SAT checker: instance is SATISFIABLE
Runtime Solver: 5.3672e-05s
Runtime decision procedure: 0.000311888s

RESULTS:
Check 1: verifies::f.assertion.1
         - Status: FAILURE
         - Description: ""Not eq to 1.""
         - Location: src/main.rs:8:9 in function verifies::f


SUMMARY:
 ** 1 of 1 failed
Failed Checks: "Not eq to 1."
 File: "src/main.rs", line 8, in verifies::f

VERIFICATION:- FAILED
Verification Time: 0.031887136s

INFO: Now modifying the source code to include the concrete playback unit test:
  - kani_concrete_playback_f_2469314071636892245.
Manual Harness Summary:
Verification failed for - verifies::f
Complete - 0 successfully verified harnesses, 1 failures, 1 total.


$ cat src/main.rs 
fn main() {}

#[cfg(kani)]
mod verifies {
    #[kani::proof]
    fn f() {
        let a: u8 = kani::any();
        assert_eq!(a, 1, "Not eq to 1.");
    }

    /// Test generated for harness `verifies::f`
    ///
    /// Check for `assertion`: ""Not eq to 1.""

    #[test]
    fn kani_concrete_playback_f_2469314071636892245() {
        let concrete_vals: Vec<Vec<u8>> = vec![
        // 255
        vec![255],
    ];
    kani::concrete_playback_run(concrete_vals, f);
}
}

Now that the test is generated, cargo kani concrete-playback can be used to run it:

$ cargo kani playback -Zconcrete-playback
   Compiling iss-3990 v0.1.0 (/home/ubuntu/examples/iss-3990)
warning: unexpected `cfg` condition name: `kani`
 --> src/main.rs:3:7
  |
3 | #[cfg(kani)]
  |       ^^^^
  |
  = help: expected names are: `docsrs`, `feature`, and `test` and 31 more
  = help: consider using a Cargo feature instead
  = help: or consider adding in `Cargo.toml` the `check-cfg` lint config for the lint:
           [lints.rust]
           unexpected_cfgs = { level = "warn", check-cfg = ['cfg(kani)'] }
  = help: or consider adding `println!("cargo::rustc-check-cfg=cfg(kani)");` to the top of the `build.rs`
  = note: see <https://doc.rust-lang.org/nightly/rustc/check-cfg/cargo-specifics.html> for more information about checking conditional configuration
  = note: `#[warn(unexpected_cfgs)]` on by default

warning: `iss-3990` (bin "iss-3990" test) generated 1 warning
    Finished `test` profile [unoptimized + debuginfo] target(s) in 0.29s
     Running unittests src/main.rs (target/x86_64-unknown-linux-gnu/debug/deps/iss_3990-73f6a1d974f9773a)

running 1 test
test verifies::kani_concrete_playback_f_2469314071636892245 ... FAILED

failures:

---- verifies::kani_concrete_playback_f_2469314071636892245 stdout ----

thread 'verifies::kani_concrete_playback_f_2469314071636892245' panicked at src/main.rs:8:9:
assertion `left == right` failed: Not eq to 1.
  left: 255
 right: 1
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace


failures:
    verifies::kani_concrete_playback_f_2469314071636892245

test result: FAILED. 0 passed; 1 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.00s

error: test failed, to rerun pass `--bin iss-3990`
error: cargo exited with status exit status: 101

Hopefully, this clarifies things.

[zhassan-aws]

What does unit_test_func_name means? The proof fn name? Or the generated test fn name like kani_concrete_playback_f_2469314071636892245 trailling with numbers?

This refers to the name of the generated test (kani_concrete_playback_f_2469314071636892245 in the example above).

[zjp-CN]

Thank you for the steps.

I missed the "After unit test is in your source code" step in that doc, and jumped to the cargo command directly. My fault :(

Closing this.