Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

The Search for the Perfect Program

1,718 views

Published on

Published in: Technology, Business

The Search for the Perfect Program

  1. 1. THE SEARCH FOR THE PERFECT PROGRAM NATALLIE BAIKEVICH @LU_A_JALLA
  2. 2. A ‘PERFECT PROGRAM’ IS … - Maintainable - Efficient - Correct
  3. 3. A ‘PERFECT PROGRAM’ IS … - Maintainable - Efficient - Correct Does anything else really matter without correctness?
  4. 4. THE PLAN - Assertions - Random Testing - Symbolic Execution - Types
  5. 5. THE PLAN - Assertions - Random Testing - Symbolic Execution - Types 1. Do something 2. Check it 3. Go to 1.
  6. 6. THE FAST TRACK Write code -> Release
  7. 7. WELL, NOT THAT FAST Dear <…> … We see XYZException!!!.............! where n = enough for you to feel miserable n times
  8. 8. OK, LET’S TEST IT 1. Choose your favourite library (good chances it’s .*Unit) 2. Write some tests aand 3. XYZException has gone
  9. 9. THE PROBLEM, PART 1 But… - they only check what you think a program should do, not what it actually should do - ... on what you think is all possible inputs
  10. 10. RANDOMIZE IT Throw the thousands of inputs into your program with - QuickCheck (Haskell) - FsCheck (F#) - ScalaCheck (Scala) - or something else
  11. 11. DEMO RANDOMIZE IT
  12. 12. FSCHECK - Expressive and easy to use - Checks your spec - … in a large number - … of randomly generated cases “500 checks can’t be wrong!” © don’t remember who said that 
  13. 13. THE PROBLEM, PART 2 - Expressive and easy to use - Checks your spec - … in a large number - … of randomly generated cases “500 checks can’t be wrong!” © don’t remember who said that  - Writing good tests might be tricky - Checks your spec - … in a large number - … of randomly generated cases 500 checks can easily be wrong! But:
  14. 14. DEMO RANDOMIZE IT – WHAT’S MISSING?
  15. 15. I WILL BUILD MY OWN TEST GENERATOR let f x y = if x < 10 then x else if x = 42 then failwith “42” else 1 / y x < 10 or x >= 10 x = 42 or x <> 42 y = 0 or y <> 0
  16. 16. DEMO QUOTATIONS
  17. 17. THE PROBLEM, PART 3 But it’s too complicated to do by hands: - too many cases, - lots of overlapping paths, - difficult to solve when the number of variables grows, - not everything is a quotation…
  18. 18. IDEA: USE A CONSTRAINT SOLVER - Check out Z3 homepage - Try Z3 in your browser - LINQ to Z3 (ch9 video and a post by Bart de Smet) Specially for fsharpers: - Z3Fs on github
  19. 19. THERE’S A TOOL FOR THAT – MEET PEX - Dynamic symbolic execution - Analyses .NET instructions - Uses constraint solver to find the inputs
  20. 20. PEX REFERENCES - Project homepage - Pex for fun in your browser - Code Digger, addin for VS - Code Hunt website - Documentation, videos and more
  21. 21. DEMO PEX
  22. 22. TEST GENERATION Static: - Conditional statements - Check the formulas satisfiability Dynamic: - Collect the information during the program execution - Unknown environments - Enhanced values generation - Better Performance
  23. 23. DYNAMIC EXECUTION EXAMPLE int obscure(int x, int y) { if (x == hash(y)) return -1; // error return 0; } “Compositional Dynamic Test Generation”, Patrice Godefroid (paper)
  24. 24. THE PROBLEM, PART 4 Limitations: - Nondeterministic cases (e.g. native code) - Concurrency - Constraint solver limitations
  25. 25. MORE AND LESS TYPES WITH F* F* - an ML-like verification-oriented language - F* project homepage - GitHub repo - Try F* in your browser
  26. 26. DEMO TRYING F*
  27. 27. THE PROBLEM, PART 5 - currently under development - issues on mono - in more complex cases, the errors become quite cryptic - you still need to come up with a way to define the requirements, at the type level
  28. 28. CONCLUSION If you don’t know where you’re going, any road’ll take you there. Lewis Caroll
  29. 29. QUESTIONS?

×