generate-tests
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseGenerate Tests Skill
测试生成技能
Overview
概述
This skill generates comprehensive test suites for Move contracts with 100% line coverage requirement. Tests verify:
- ✅ Happy paths (functionality works)
- ✅ Access control (unauthorized users blocked)
- ✅ Input validation (invalid inputs rejected)
- ✅ Edge cases (boundaries, limits, empty states)
Critical Rule: NEVER deploy without 100% test coverage.
本技能可为Move合约生成满足100%行覆盖率要求的全面测试套件,测试覆盖验证以下场景:
- ✅ 正常路径(功能正常运行)
- ✅ 访问控制(未授权用户被拦截)
- ✅ 输入校验(无效输入被拒绝)
- ✅ 边界场景(边界值、限制、空状态)
重要规则: 未达到100%测试覆盖率绝对不要部署。
Core Workflow
核心工作流
Step 1: Create Test Module
步骤1:创建测试模块
move
#[test_only]
module my_addr::my_module_tests {
use my_addr::my_module::{Self, MyObject};
use aptos_framework::object::{Self, Object};
use std::string;
use std::signer;
// Test constants
const ADMIN_ADDR: address = @0x100;
const USER_ADDR: address = @0x200;
const ATTACKER_ADDR: address = @0x300;
// ========== Setup Helpers ==========
// (Reusable setup functions)
// ========== Happy Path Tests ==========
// (Basic functionality)
// ========== Access Control Tests ==========
// (Unauthorized access blocked)
// ========== Input Validation Tests ==========
// (Invalid inputs rejected)
// ========== Edge Case Tests ==========
// (Boundaries and limits)
}move
#[test_only]
module my_addr::my_module_tests {
use my_addr::my_module::{Self, MyObject};
use aptos_framework::object::{Self, Object};
use std::string;
use std::signer;
// Test constants
const ADMIN_ADDR: address = @0x100;
const USER_ADDR: address = @0x200;
const ATTACKER_ADDR: address = @0x300;
// ========== Setup Helpers ==========
// (Reusable setup functions)
// ========== Happy Path Tests ==========
// (Basic functionality)
// ========== Access Control Tests ==========
// (Unauthorized access blocked)
// ========== Input Validation Tests ==========
// (Invalid inputs rejected)
// ========== Edge Case Tests ==========
// (Boundaries and limits)
}Step 2: Write Happy Path Tests
步骤2:编写正常路径测试
Test basic functionality works correctly:
move
#[test(creator = @0x1)]
public fun test_create_object_succeeds(creator: &signer) {
// Execute
let obj = my_module::create_my_object(
creator,
string::utf8(b"Test Object")
);
// Verify
assert!(object::owner(obj) == signer::address_of(creator), 0);
}
#[test(owner = @0x1)]
public fun test_update_object_succeeds(owner: &signer) {
// Setup
let obj = my_module::create_my_object(owner, string::utf8(b"Old Name"));
// Execute
let new_name = string::utf8(b"New Name");
my_module::update_object(owner, obj, new_name);
// Verify (if you have view functions)
// assert!(my_module::get_object_name(obj) == new_name, 0);
}
#[test(owner = @0x1, recipient = @0x2)]
public fun test_transfer_object_succeeds(
owner: &signer,
recipient: &signer
) {
let recipient_addr = signer::address_of(recipient);
// Setup
let obj = my_module::create_my_object(owner, string::utf8(b"Object"));
assert!(object::owner(obj) == signer::address_of(owner), 0);
// Execute
my_module::transfer_object(owner, obj, recipient_addr);
// Verify
assert!(object::owner(obj) == recipient_addr, 1);
}验证基础功能运行正常:
move
#[test(creator = @0x1)]
public fun test_create_object_succeeds(creator: &signer) {
// Execute
let obj = my_module::create_my_object(
creator,
string::utf8(b"Test Object")
);
// Verify
assert!(object::owner(obj) == signer::address_of(creator), 0);
}
#[test(owner = @0x1)]
public fun test_update_object_succeeds(owner: &signer) {
// Setup
let obj = my_module::create_my_object(owner, string::utf8(b"Old Name"));
// Execute
let new_name = string::utf8(b"New Name");
my_module::update_object(owner, obj, new_name);
// Verify (if you have view functions)
// assert!(my_module::get_object_name(obj) == new_name, 0);
}
#[test(owner = @0x1, recipient = @0x2)]
public fun test_transfer_object_succeeds(
owner: &signer,
recipient: &signer
) {
let recipient_addr = signer::address_of(recipient);
// Setup
let obj = my_module::create_my_object(owner, string::utf8(b"Object"));
assert!(object::owner(obj) == signer::address_of(owner), 0);
// Execute
my_module::transfer_object(owner, obj, recipient_addr);
// Verify
assert!(object::owner(obj) == recipient_addr, 1);
}Step 3: Write Access Control Tests
步骤3:编写访问控制测试
Test unauthorized access is blocked:
move
#[test(owner = @0x1, attacker = @0x2)]
#[expected_failure(abort_code = my_module::E_NOT_OWNER)]
public fun test_non_owner_cannot_update(
owner: &signer,
attacker: &signer
) {
let obj = my_module::create_my_object(owner, string::utf8(b"Object"));
// Attacker tries to update (should abort)
my_module::update_object(attacker, obj, string::utf8(b"Hacked"));
}
#[test(owner = @0x1, attacker = @0x2)]
#[expected_failure(abort_code = my_module::E_NOT_OWNER)]
public fun test_non_owner_cannot_transfer(
owner: &signer,
attacker: &signer
) {
let obj = my_module::create_my_object(owner, string::utf8(b"Object"));
// Attacker tries to transfer (should abort)
my_module::transfer_object(attacker, obj, @0x3);
}
#[test(admin = @0x1, user = @0x2)]
#[expected_failure(abort_code = my_module::E_NOT_ADMIN)]
public fun test_non_admin_cannot_configure(
admin: &signer,
user: &signer
) {
my_module::init_module(admin);
// Regular user tries admin function (should abort)
my_module::update_config(user, 100);
}验证未授权访问会被拦截:
move
#[test(owner = @0x1, attacker = @0x2)]
#[expected_failure(abort_code = my_module::E_NOT_OWNER)]
public fun test_non_owner_cannot_update(
owner: &signer,
attacker: &signer
) {
let obj = my_module::create_my_object(owner, string::utf8(b"Object"));
// Attacker tries to update (should abort)
my_module::update_object(attacker, obj, string::utf8(b"Hacked"));
}
#[test(owner = @0x1, attacker = @0x2)]
#[expected_failure(abort_code = my_module::E_NOT_OWNER)]
public fun test_non_owner_cannot_transfer(
owner: &signer,
attacker: &signer
) {
let obj = my_module::create_my_object(owner, string::utf8(b"Object"));
// Attacker tries to transfer (should abort)
my_module::transfer_object(attacker, obj, @0x3);
}
#[test(admin = @0x1, user = @0x2)]
#[expected_failure(abort_code = my_module::E_NOT_ADMIN)]
public fun test_non_admin_cannot_configure(
admin: &signer,
user: &signer
) {
my_module::init_module(admin);
// Regular user tries admin function (should abort)
my_module::update_config(user, 100);
}Step 4: Write Input Validation Tests
步骤4:编写输入校验测试
Test invalid inputs are rejected:
move
#[test(user = @0x1)]
#[expected_failure(abort_code = my_module::E_ZERO_AMOUNT)]
public fun test_zero_amount_rejected(user: &signer) {
my_module::deposit(user, 0); // Should abort
}
#[test(user = @0x1)]
#[expected_failure(abort_code = my_module::E_AMOUNT_TOO_HIGH)]
public fun test_excessive_amount_rejected(user: &signer) {
my_module::deposit(user, my_module::MAX_DEPOSIT_AMOUNT + 1); // Should abort
}
#[test(owner = @0x1)]
#[expected_failure(abort_code = my_module::E_EMPTY_NAME)]
public fun test_empty_string_rejected(owner: &signer) {
let obj = my_module::create_my_object(owner, string::utf8(b"Initial"));
my_module::update_object(owner, obj, string::utf8(b"")); // Empty - should abort
}
#[test(owner = @0x1)]
#[expected_failure(abort_code = my_module::E_NAME_TOO_LONG)]
public fun test_string_too_long_rejected(owner: &signer) {
let obj = my_module::create_my_object(owner, string::utf8(b"Initial"));
// String exceeding MAX_NAME_LENGTH
let long_name = string::utf8(b"This is an extremely long name that exceeds the maximum allowed length");
my_module::update_object(owner, obj, long_name); // Should abort
}
#[test(owner = @0x1)]
#[expected_failure(abort_code = my_module::E_ZERO_ADDRESS)]
public fun test_zero_address_rejected(owner: &signer) {
let obj = my_module::create_my_object(owner, string::utf8(b"Object"));
my_module::transfer_object(owner, obj, @0x0); // Should abort
}验证无效输入会被拒绝:
move
#[test(user = @0x1)]
#[expected_failure(abort_code = my_module::E_ZERO_AMOUNT)]
public fun test_zero_amount_rejected(user: &signer) {
my_module::deposit(user, 0); // Should abort
}
#[test(user = @0x1)]
#[expected_failure(abort_code = my_module::E_AMOUNT_TOO_HIGH)]
public fun test_excessive_amount_rejected(user: &signer) {
my_module::deposit(user, my_module::MAX_DEPOSIT_AMOUNT + 1); // Should abort
}
#[test(owner = @0x1)]
#[expected_failure(abort_code = my_module::E_EMPTY_NAME)]
public fun test_empty_string_rejected(owner: &signer) {
let obj = my_module::create_my_object(owner, string::utf8(b"Initial"));
my_module::update_object(owner, obj, string::utf8(b"")); // Empty - should abort
}
#[test(owner = @0x1)]
#[expected_failure(abort_code = my_module::E_NAME_TOO_LONG)]
public fun test_string_too_long_rejected(owner: &signer) {
let obj = my_module::create_my_object(owner, string::utf8(b"Initial"));
// String exceeding MAX_NAME_LENGTH
let long_name = string::utf8(b"This is an extremely long name that exceeds the maximum allowed length");
my_module::update_object(owner, obj, long_name); // Should abort
}
#[test(owner = @0x1)]
#[expected_failure(abort_code = my_module::E_ZERO_ADDRESS)]
public fun test_zero_address_rejected(owner: &signer) {
let obj = my_module::create_my_object(owner, string::utf8(b"Object"));
my_module::transfer_object(owner, obj, @0x0); // Should abort
}Step 5: Write Edge Case Tests
步骤5:编写边界场景测试
Test boundary conditions:
move
#[test(user = @0x1)]
public fun test_max_amount_allowed(user: &signer) {
my_module::init_account(user);
// Exactly MAX_DEPOSIT_AMOUNT should work
my_module::deposit(user, my_module::MAX_DEPOSIT_AMOUNT);
// Verify
assert!(my_module::get_balance(signer::address_of(user)) == my_module::MAX_DEPOSIT_AMOUNT, 0);
}
#[test(user = @0x1)]
public fun test_max_name_length_allowed(user: &signer) {
// Create string exactly MAX_NAME_LENGTH long
let max_name = string::utf8(b"12345678901234567890123456789012"); // 32 chars if MAX = 32
// Should succeed
let obj = my_module::create_my_object(user, max_name);
}
#[test(user = @0x1)]
public fun test_empty_collection_operations(user: &signer) {
let collection = my_module::create_collection(user, string::utf8(b"Collection"));
// Should handle empty collection gracefully
assert!(my_module::get_collection_size(collection) == 0, 0);
}验证边界条件处理正常:
move
#[test(user = @0x1)]
public fun test_max_amount_allowed(user: &signer) {
my_module::init_account(user);
// Exactly MAX_DEPOSIT_AMOUNT should work
my_module::deposit(user, my_module::MAX_DEPOSIT_AMOUNT);
// Verify
assert!(my_module::get_balance(signer::address_of(user)) == my_module::MAX_DEPOSIT_AMOUNT, 0);
}
#[test(user = @0x1)]
public fun test_max_name_length_allowed(user: &signer) {
// Create string exactly MAX_NAME_LENGTH long
let max_name = string::utf8(b"12345678901234567890123456789012"); // 32 chars if MAX = 32
// Should succeed
let obj = my_module::create_my_object(user, max_name);
}
#[test(user = @0x1)]
public fun test_empty_collection_operations(user: &signer) {
let collection = my_module::create_collection(user, string::utf8(b"Collection"));
// Should handle empty collection gracefully
assert!(my_module::get_collection_size(collection) == 0, 0);
}Step 6: Verify Coverage
步骤6:验证覆盖率
Run tests with coverage:
bash
undefined带覆盖率统计运行测试:
bash
undefinedRun all tests
Run all tests
aptos move test
aptos move test
Run with coverage
Run with coverage
aptos move test --coverage
aptos move test --coverage
Generate detailed coverage report
Generate detailed coverage report
aptos move coverage source --module <module_name>
aptos move coverage source --module <module_name>
Verify 100% coverage
Verify 100% coverage
aptos move coverage summary
**Coverage report example:**
module: my_module
coverage: 100.0% (150/150 lines covered)
**If coverage < 100%:**
1. Check uncovered lines in report
2. Write tests for missing paths
3. Repeat until 100%aptos move coverage summary
**覆盖率报告示例:**
module: my_module
coverage: 100.0% (150/150 lines covered)
**如果覆盖率低于100%:**
1. 查看报告中未覆盖的行
2. 为缺失的路径补充测试
3. 重复执行直到覆盖率达到100%Test Template Structure
测试模板结构
move
#[test_only]
module my_addr::module_tests {
use my_addr::module::{Self, Type};
// ========== Setup Helpers ==========
fun setup_default(): Object<Type> {
// Common setup code
}
// ========== Happy Path Tests ==========
#[test(user = @0x1)]
public fun test_basic_operation_succeeds(user: &signer) {
// Test happy path
}
// ========== Access Control Tests ==========
#[test(owner = @0x1, attacker = @0x2)]
#[expected_failure(abort_code = E_NOT_OWNER)]
public fun test_unauthorized_access_fails(
owner: &signer,
attacker: &signer
) {
// Test access control
}
// ========== Input Validation Tests ==========
#[test(user = @0x1)]
#[expected_failure(abort_code = E_INVALID_INPUT)]
public fun test_invalid_input_rejected(user: &signer) {
// Test input validation
}
// ========== Edge Case Tests ==========
#[test(user = @0x1)]
public fun test_boundary_condition(user: &signer) {
// Test edge cases
}
}move
#[test_only]
module my_addr::module_tests {
use my_addr::module::{Self, Type};
// ========== Setup Helpers ==========
fun setup_default(): Object<Type> {
// Common setup code
}
// ========== Happy Path Tests ==========
#[test(user = @0x1)]
public fun test_basic_operation_succeeds(user: &signer) {
// Test happy path
}
// ========== Access Control Tests ==========
#[test(owner = @0x1, attacker = @0x2)]
#[expected_failure(abort_code = E_NOT_OWNER)]
public fun test_unauthorized_access_fails(
owner: &signer,
attacker: &signer
) {
// Test access control
}
// ========== Input Validation Tests ==========
#[test(user = @0x1)]
#[expected_failure(abort_code = E_INVALID_INPUT)]
public fun test_invalid_input_rejected(user: &signer) {
// Test input validation
}
// ========== Edge Case Tests ==========
#[test(user = @0x1)]
public fun test_boundary_condition(user: &signer) {
// Test edge cases
}
}Testing Checklist
测试检查清单
For each contract, verify you have tests for:
Happy Paths:
- Object creation works
- State updates work
- Transfers work
- All main features work
Access Control:
- Non-owners cannot modify objects
- Non-admins cannot call admin functions
- Unauthorized users blocked
Input Validation:
- Zero amounts rejected
- Excessive amounts rejected
- Empty strings rejected
- Strings too long rejected
- Zero addresses rejected
Edge Cases:
- Maximum values work
- Minimum values work
- Empty states handled
Coverage:
- 100% line coverage achieved
- All error codes tested
- All functions tested
针对每个合约,确认你已覆盖以下测试场景:
正常路径:
- 对象创建功能正常
- 状态更新功能正常
- 转账功能正常
- 所有核心功能运行正常
访问控制:
- 非所有者无法修改对象
- 非管理员无法调用管理员函数
- 未授权用户被拦截
输入校验:
- 零金额被拒绝
- 超额金额被拒绝
- 空字符串被拒绝
- 过长字符串被拒绝
- 零地址被拒绝
边界场景:
- 最大值处理正常
- 最小值处理正常
- 空状态处理正常
覆盖率:
- 已达到100%行覆盖率
- 所有错误码都已测试
- 所有函数都已测试
ALWAYS Rules
必须遵守的规则
- ✅ ALWAYS achieve 100% test coverage
- ✅ ALWAYS test error paths with
#[expected_failure(abort_code = E_CODE)] - ✅ ALWAYS test access control with multiple signers
- ✅ ALWAYS test input validation with invalid inputs
- ✅ ALWAYS test edge cases (boundaries, limits, empty states)
- ✅ ALWAYS use clear test names:
test_feature_scenario - ✅ ALWAYS verify all state changes in tests
- ✅ ALWAYS run before deployment
aptos move test --coverage
- ✅ 始终要达到100%测试覆盖率
- ✅ 始终使用测试错误路径
#[expected_failure(abort_code = E_CODE)] - ✅ 始终使用多个签名者测试访问控制
- ✅ 始终使用无效输入测试输入校验逻辑
- ✅ 始终测试边界场景(边界值、限制、空状态)
- ✅ 始终使用清晰的测试命名:
test_功能_场景 - ✅ 始终在测试中验证所有状态变更
- ✅ 部署前始终运行
aptos move test --coverage
NEVER Rules
禁止规则
- ❌ NEVER deploy without 100% coverage
- ❌ NEVER skip testing error paths
- ❌ NEVER skip access control tests
- ❌ NEVER use unclear test names
- ❌ NEVER batch tests without verifying each case
- ❌ NEVER hardcode real private keys or account addresses in test code — use test addresses like ,
@0x1,@0x100@0xCAFE - ❌ NEVER read or
.envto get test addresses~/.aptos/config.yaml
- ❌ 未达到100%覆盖率绝对不要部署
- ❌ 绝对不要跳过错误路径测试
- ❌ 绝对不要跳过访问控制测试
- ❌ 绝对不要使用含义模糊的测试名称
- ❌ 绝对不要在未验证每个场景的情况下批量编写测试
- ❌ 绝对不要在测试代码中硬编码真实私钥或账户地址 —— 使用、
@0x1、@0x100这类测试地址@0xCAFE - ❌ 绝对不要读取或
.env获取测试地址~/.aptos/config.yaml
Common Pitfalls
常见陷阱
Struct Field Access Across Modules
跨模块结构体字段访问问题
Problem: Test modules cannot access struct fields from other modules directly.
move
// ❌ WRONG - Will NOT compile
let listing = marketplace::get_listing(nft_addr);
assert!(listing.price == 1000, 0); // ERROR: field access not allowedSolution: Use public view accessor functions from the main module.
move
// ✅ CORRECT - Use accessor function
let (seller, price, timestamp) = marketplace::get_listing_details(nft_addr);
assert!(price == 1000, 0);If the module doesn't have accessors, add them:
move
// In main module
#[view]
public fun get_listing_details(nft_addr: address): (address, u64, u64) acquires Listings {
let listing = table::borrow(&listings.items, nft_addr);
(listing.seller, listing.price, listing.listed_at)
}问题: 测试模块无法直接访问其他模块的结构体字段。
move
// ❌ 错误 - 无法编译
let listing = marketplace::get_listing(nft_addr);
assert!(listing.price == 1000, 0); // ERROR: field access not allowed解决方案: 使用主模块提供的公共view访问函数。
move
// ✅ 正确 - 使用访问器函数
let (seller, price, timestamp) = marketplace::get_listing_details(nft_addr);
assert!(price == 1000, 0);如果模块没有对应的访问器,自行添加:
move
// In main module
#[view]
public fun get_listing_details(nft_addr: address): (address, u64, u64) acquires Listings {
let listing = table::borrow(&listings.items, nft_addr);
(listing.seller, listing.price, listing.listed_at)
}Escrow Pattern Error Expectations
托管模式错误预期问题
Problem: After listing an NFT to escrow, the seller no longer owns it.
move
// ❌ WRONG expectation
#[expected_failure(abort_code = marketplace::E_ALREADY_LISTED)]
public fun test_cannot_list_twice(seller: &signer) {
list_nft(seller, nft, 1000); // NFT transfers to marketplace
list_nft(seller, nft, 2000); // Fails with E_NOT_OWNER, not E_ALREADY_LISTED!
}Solution: Understand validation order - ownership is checked before listing status.
move
// ✅ CORRECT expectation
#[expected_failure(abort_code = marketplace::E_NOT_OWNER)]
public fun test_cannot_list_twice(seller: &signer) {
list_nft(seller, nft, 1000); // NFT transfers to marketplace
list_nft(seller, nft, 2000); // Seller doesn't own it -> E_NOT_OWNER
}问题: 将NFT上架到托管合约后,卖家不再拥有该NFT所有权。
move
// ❌ 错误的预期
#[expected_failure(abort_code = marketplace::E_ALREADY_LISTED)]
public fun test_cannot_list_twice(seller: &signer) {
list_nft(seller, nft, 1000); // NFT transfers to marketplace
list_nft(seller, nft, 2000); // Fails with E_NOT_OWNER, not E_ALREADY_LISTED!
}解决方案: 理解校验顺序 —— 所有权校验会先于上架状态校验执行。
move
// ✅ 正确的预期
#[expected_failure(abort_code = marketplace::E_NOT_OWNER)]
public fun test_cannot_list_twice(seller: &signer) {
list_nft(seller, nft, 1000); // NFT transfers to marketplace
list_nft(seller, nft, 2000); // Seller doesn't own it -> E_NOT_OWNER
}Acquires Annotation Errors
Acquires注解错误
Problem: Adding acquires for resources borrowed by framework functions causes errors.
move
// ❌ WRONG - framework handles its own acquires
public entry fun stake(...) acquires VaultConfig, Stakes, StakeTokenRefs {
primary_fungible_store::transfer(...); // Don't list what framework borrows
}Solution: Only list resources YOUR code borrows.
move
// ✅ CORRECT
public entry fun stake(...) acquires VaultConfig, Stakes {
let config = borrow_global<VaultConfig>(...); // You borrow this
primary_fungible_store::transfer(...); // Framework handles its own
}问题: 为框架函数借用的资源添加acquires注解会导致错误。
move
// ❌ 错误 - 框架会自行处理其资源的acquires
public entry fun stake(...) acquires VaultConfig, Stakes, StakeTokenRefs {
primary_fungible_store::transfer(...); // Don't list what framework borrows
}解决方案: 仅列出你的代码实际借用的资源。
move
// ✅ 正确
public entry fun stake(...) acquires VaultConfig, Stakes {
let config = borrow_global<VaultConfig>(...); // You borrow this
primary_fungible_store::transfer(...); // Framework handles its own
}References
参考资料
Pattern Documentation:
- - Comprehensive testing guide (see Pattern 8 for cross-module issues)
../../../patterns/move/TESTING.md - - Security testing requirements
../../../patterns/move/SECURITY.md
Official Documentation:
Related Skills:
- - Generate code to test
write-contracts - - Verify security after testing
security-audit
Remember: 100% coverage is mandatory. Test happy paths, error paths, access control, and edge cases.
模式文档:
- - 全面测试指南(跨模块问题参考第8条模式)
../../../patterns/move/TESTING.md - - 安全测试要求
../../../patterns/move/SECURITY.md
官方文档:
相关技能:
- - 生成待测试的代码
write-contracts - - 测试完成后验证安全性
security-audit
注意: 100%覆盖率是强制要求,需测试正常路径、错误路径、访问控制和边界场景。