testing monadic programs using quickcheck and state
play

Testing monadic programs using QuickCheck and state machine based - PowerPoint PPT Presentation

Mar 19, 2024 •284 likes •474 views

Testing monadic programs using QuickCheck and state machine based models Stevan Andjelkovic 2018.2.23, BOBKonf (Berlin) Introduction Property based testing in general How to apply property based testing to stateful and concurrent

  1. Testing monadic programs using QuickCheck and state machine based models Stevan Andjelkovic 2018.2.23, BOBKonf (Berlin)

  2. Introduction ◮ Property based testing in general ◮ How to apply property based testing to stateful and concurrent programs ◮ Running example, simple CRUD web application ◮ Familiar type of program ◮ Obviously stateful and concurrent ◮ Non-obvious property? ◮ Using the quickcheck-state-machine Haskell library, but the principles are general

  3. Overview ◮ Reminder ◮ What are property based tests? ◮ Why are they so effective? ◮ Basic idea and motivation behind how the library applies property based testing principles to stateful and concurrent programs ◮ Demo ◮ Sequential property (catches logic and specification bugs) ◮ Concurrent property (catches race conditions) ◮ Comparison to other tools

  4. Property based testing ◮ Unit tests test :: Bool test = reverse (reverse [1,2,3]) == [1,2,3] ◮ Property based tests prop :: [Int] -> Bool prop xs = reverse (reverse xs) == xs

  5. Property based testing ◮ Unit tests test :: Bool test = reverse (reverse [1,2,3]) == [1,2,3] ◮ Property based tests prop :: [Int] -> Bool prop xs = reverse (reverse xs) == xs ◮ Proof by (structural) induction ∀ xs (reverse(reverse( xs )) = xs )

  6. Property based testing ◮ Unit tests test :: Bool test = reverse (reverse [1,2,3]) == [1,2,3] ◮ Property based tests prop :: [Int] -> Bool prop xs = reverse (reverse xs) == xs ◮ Proof by (structural) induction ∀ xs (reverse(reverse( xs )) = xs ) ◮ Type theory proof : forall xs -> reverse (reverse xs) == xs

  7. Stateful programs, basic idea / motivation ◮ Take inspiration from physics ◮ Simplified model of reality that can predict what will happen ◮ Experiments against reality validate the model ◮ How do we model algorithms/programs? ◮ Gurevich’s abstract state machines/new thesis, think of finite state machines where the states are arbitrary datatypes ◮ Abstract state machines are used by: ◮ Quiviq’s closed source version of QuickCheck for Erlang (Volvo cars, . . . ) (Claessen et al. 2009) ◮ Z/B/Event-B familiy (Paris metro line 14) ◮ TLA+ (AWS, XBox) ◮ Jepsen (MongoDB, Cassandra, Zookeeper, . . . )

  8. The quickcheck-state-machine library ◮ Use abstract state machine to model the program ◮ A model datatype, and an initial model ◮ A datatype of actions (things that can be happen in the system we are modelling) ◮ A transition function that given an action advances the model to the next state ◮ A semantics function that takes an action and runs it against the real system ◮ Use pre- and post-conditions on the model to make sure that the model agrees with reality (Floyd 1967; Hoare 1969) ◮ Use QuickCheck’s generation to conduct experiments that validate the model ◮ Sequential property ◮ Parallel/concurrent property (linearisability, Herlihy and Wing 1990)

  9. State machine model

  10. Demo ◮ Simple web application ◮ data User { name :: Text, age :: Int } ◮ Create user (post request) ◮ Read/lookup user (get request) ◮ Update age (put request) ◮ Delete user (delete request) ◮ Implementation ◮ Servant and persistant ◮ Could be written using any libraries or language ◮ Completely independent of quickcheck-state-machine ◮ Specification ◮ Uses the quickcheck-state-machine library in the way described above

  11. Demo

  12. Linearisability (fails) ◮ (Herlihy and Wing 1990)

  14. Linearisability (succeeds)

  16. Comparison to other tools ◮ Quiviq’s Erlang QuickCheck ◮ More polished and used ◮ Better statistics ◮ Closed source ◮ Z/B/Event-B ◮ Deductive proving (heavily automated) ◮ Refinement ◮ Notation ◮ TLA+ ◮ Model checking (proving is also possible) ◮ Liveness and fairness properties can be expressed ◮ No connection to actual implementation ◮ Jepsen ◮ Does fault injection (e.g. network partitions) ◮ No shrinking (is it even possible?)

  17. Conclusion ◮ State machines are useful for modelling programs ◮ Race condition testing for free via linearisability ◮ See also ◮ quickcheck-state-machine library on GitHub ◮ Oskar’s talk ◮ Matthias’ tutorial

  18. References Claessen, Koen, Michal H. Palka, Nicholas Smallbone, John Hughes, Hans Svensson, Thomas Arts, and Ulf T. Wiger. 2009. “Finding Race Conditions in Erlang with QuickCheck and PULSE.” In Proceeding of the 14th ACM SIGPLAN International Conference on Functional Programming, ICFP 2009, Edinburgh, Scotland, UK, August 31 - September 2, 2009 , edited by Graham Hutton and Andrew P. Tolmach, 149–60. ACM. doi:10.1145/1596550.1596574. Floyd, R. W. 1967. “Assigning Meanings to Programs.” In Mathematical Aspects of Computer Science, Proceedings of Symposia in Applied Mathematics 19 , edited by J. T. Schwartz, 19–32. Providence: American Mathematical Society. Herlihy, Maurice, and Jeannette M. Wing. 1990. “Linearizability: A Correctness Condition for Concurrent Objects.” ACM Trans. Program. Lang. Syst. 12 (3): 463–92. doi:10.1145/78969.78972. Hoare, C. A. R. 1969. “An Axiomatic Basis for Computer Programming.” Communications of the ACM 12 (10): 576–80, 583.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

QuickCheck John Hughes Chalmers University/Quviq AB What is QuickCheck? A library for

QuickCheck John Hughes Chalmers University/Quviq AB What is QuickCheck? A library for

Specification Based Testing with QuickCheck John Hughes Chalmers University/Quviq AB What is QuickCheck? A library for writing and testing properties of program code Some code: A property: Properties as Code A test data A

1.08k views • 72 slides
Synthesis of distributed mobile programs using monadic types in Coq Marino Miculan Marco

Synthesis of distributed mobile programs using monadic types in Coq Marino Miculan Marco

Synthesis of distributed mobile programs using monadic types in Coq Marino Miculan Marco Paviotti Dept. of Mathematics and Computer Science University of Udine ITP 2012 August 13th, 2012 1 / 22 The problem The extraction of certified

934 views • 51 slides
Reasoning and Derivation of Monadic Programs Shin-Cheng Mu Tom Schrijvers Koen Pauwels Content

Reasoning and Derivation of Monadic Programs Shin-Cheng Mu Tom Schrijvers Koen Pauwels Content

Reasoning and Derivation of Monadic Programs Shin-Cheng Mu Tom Schrijvers Koen Pauwels Content Equational reasoning Reasoning with monads Goal of the paper Our contribution (a + b) * (a - b) [distr: forall x y z. x * (y + z) =

493 views • 25 slides
Monadic I/O in Haskell Jim Royer CIS 352 March 5, 2019 Jim Royer Monadic I/O in [1ex]

Monadic I/O in Haskell Jim Royer CIS 352 March 5, 2019 Jim Royer Monadic I/O in [1ex]

Monadic I/O in Haskell Jim Royer CIS 352 March 5, 2019 Jim Royer Monadic I/O in [1ex] Haskell 1 / 33 References Chapter 18 of Haskell: the Craft of Functional Programming by Simon Thompson, Addison-Wesley, 2011. Chapter 9 of Learn you a

620 views • 39 slides
Be#er Tes(ng with Less Work: QuickCheck Tes(ng in Prac(ce

Be#er Tes(ng with Less Work: QuickCheck Tes(ng in Prac(ce

Be#er Tes(ng with Less Work: QuickCheck Tes(ng in Prac(ce John Hughes QuickCheck in a Nutshell Test case Test case Test case Proper(es Test

820 views • 49 slides
Two souls of disjunction Towards a state-monadic update semantics Patrick D. Elliott July 3,

Two souls of disjunction Towards a state-monadic update semantics Patrick D. Elliott July 3,

Two souls of disjunction Towards a state-monadic update semantics Patrick D. Elliott July 3, 2019 Asymmetries in Language: Presuppositions and beyond Berlin 1 Two souls i Two broad traditions addressing semantics and pragmatics of

584 views • 37 slides
Monadic dynamic semantics for anaphora Simon Charlow Rutgers, The State University of New Jersey

Monadic dynamic semantics for anaphora Simon Charlow Rutgers, The State University of New Jersey

Monadic dynamic semantics for anaphora Simon Charlow Rutgers, The State University of New Jersey 1 OSU Dynamics Workshop October 24, 2015 Goals for today donkey) anaphora. be linguistic side effects (Shan 2002, 2005). varieties of dynamic

801 views • 46 slides
QuickCheck: Beyond the Basics Dave Laing May 13, 2014 Basic QuickCheck Some properties

QuickCheck: Beyond the Basics Dave Laing May 13, 2014 Basic QuickCheck Some properties

QuickCheck: Beyond the Basics Dave Laing May 13, 2014 Basic QuickCheck Some properties reverse_involutive :: [Int] -> Bool reverse_involutive xs = xs == (reverse . reverse) xs sort_idempotent :: [Int] -> Bool sort_idempotent xs =

807 views • 38 slides
Testing of Multithreaded Programs Kari Khknen, Olli Saarikivi, Keijo Heljanko The Problem

Testing of Multithreaded Programs Kari Khknen, Olli Saarikivi, Keijo Heljanko The Problem

Using Unfoldings in Automated Testing of Multithreaded Programs Kari Khknen, Olli Saarikivi, Keijo Heljanko The Problem How to automatically test the local state reachability in multithreaded programs E.g., find assertion violations,

484 views • 23 slides
Testing a URL Class http://www.askigor.org/status.php?id=sample Query Protocol Host Path 31

Testing a URL Class http://www.askigor.org/status.php?id=sample Query Protocol Host Path 31

Making Programs Fail Andreas Zeller 1 Two Views of Testing Testing means to execute a program with the intent to make it fail. Testing for validation: Finding unknown failures (classical view) Testing for debugging: Finding a

459 views • 17 slides
Metamorphic Testing: A Simple Method for Testing Non-Testable Programs Tsong Yueh Chen

Metamorphic Testing: A Simple Method for Testing Non-Testable Programs Tsong Yueh Chen

Metamorphic Testing: A Simple Method for Testing Non-Testable Programs Tsong Yueh Chen tychen@swin.edu.au Swinburne University of Technology Australia 1 Test Oracle A mechanism or procedure against which the computed outputs could be

1.01k views • 63 slides
Testing Concurrent Java Programs Using Randomized Scheduling Scott D. Stoller Computer Science

Testing Concurrent Java Programs Using Randomized Scheduling Scott D. Stoller Computer Science

Testing Concurrent Java Programs Using Randomized Scheduling Scott D. Stoller Computer Science Department State University of New York at Stony Brook http://www.cs.sunysb.edu/stoller/ 1 Goal Pillars of Run-Time Verification monitoring :

208 views • 18 slides
Arlington Central School District State Testing Presentation March 28, 2019 State Testing

Arlington Central School District State Testing Presentation March 28, 2019 State Testing

Arlington Central School District State Testing Presentation March 28, 2019 State Testing NYSED Assessments measure how well students demonstrate their ability to meet standards Knowledge Skills Practices How might we know

703 views • 18 slides
QuickCheck 11.11 The two boxes are on a frictionless surface. They had been sitting together at

QuickCheck 11.11 The two boxes are on a frictionless surface. They had been sitting together at

QuickCheck 11.11 The two boxes are on a frictionless surface. They had been sitting together at rest, but an explosion between them has just pushed them apart. How fast is the 2 kg box going? A. 1 m/s B. 2 m/s C. 4 m/s D. 8 m/s

834 views • 4 slides
Representation of Functions and Total Antisymmetric Relations in Monadic Third Order Logic M.

Representation of Functions and Total Antisymmetric Relations in Monadic Third Order Logic M.

Noname manuscript No. (will be inserted by the editor) Representation of Functions and Total Antisymmetric Relations in Monadic Third Order Logic M. Randall Holmes M. Randall Holmes Department of Mathematics, Boise State University, 1910

912 views • 41 slides
State of the Art and Open Issues in Software Testing State of the Art and Open Issues in

State of the Art and Open Issues in Software Testing State of the Art and Open Issues in

State of the Art and Open Issues in Software Testing State of the Art and Open Issues in Software Testing Software Testing d e a t g t i s e v i n d n a Most used approach 18 13.5 9 4.5 0 2000 2002 2004 2006 2008 2010

975 views • 84 slides
- microservices - and the inverse Conway manoeuvre jalewis@thoughtworks.com @boicy 1

- microservices - and the inverse Conway manoeuvre jalewis@thoughtworks.com @boicy 1

- microservices - and the inverse Conway manoeuvre jalewis@thoughtworks.com @boicy 1 organizations which design systems are constrained to produce designs which are copies of the communication structure of those organizations

1.27k views • 98 slides
Reconfigurable Computing Computing Reconfigurable Partial reconfiguration reconfiguration

Reconfigurable Computing Computing Reconfigurable Partial reconfiguration reconfiguration

Reconfigurable Computing Computing Reconfigurable Partial reconfiguration reconfiguration design design Partial Chapter 8 8 Chapter Prof. Dr.- -Ing. Jrgen Teich Ing. Jrgen Teich Prof. Dr. Lehrstuhl fr Hardware- -Software

649 views • 39 slides
Modular transformation from AF3 to nuXmv Sudeep Kanav, Vincent Aravantinos fortiss GmbH Abstract

Modular transformation from AF3 to nuXmv Sudeep Kanav, Vincent Aravantinos fortiss GmbH Abstract

Modular transformation from AF3 to nuXmv Sudeep Kanav, Vincent Aravantinos fortiss GmbH Abstract A transformation between a high-level and a low-level model Two way Modular Employs reusability Implemented in Java

658 views • 26 slides
Electronic DC Transformer Pavol Bauer Learning objectives What is an electronic DC

Electronic DC Transformer Pavol Bauer Learning objectives What is an electronic DC

Electronic DC Transformer Pavol Bauer Learning objectives What is an electronic DC transformer link and how does it operate? How can a higher-power electronic transformer be built up in a modular way? Electronic DC Transformer

810 views • 13 slides
t Prr

t Prr

t Prr tt st rtt

1.18k views • 69 slides
Free Theorems about Monadic Code Janis Voigtl ander University of Bonn EWCE11 Functional

Free Theorems about Monadic Code Janis Voigtl ander University of Bonn EWCE11 Functional

Free Theorems about Monadic Code Janis Voigtl ander University of Bonn EWCE11 Functional Programming and Reasoning Goodies of (pure) FP: declarative abstraction/modularity referential transparency 1 Functional Programming

1.65k views • 149 slides
Shake n Bake Neil Mitchell https://github.com/ndmitchell/{shake,bake} Build n

Shake n Bake Neil Mitchell https://github.com/ndmitchell/{shake,bake} Build n

Shake n Bake Neil Mitchell https://github.com/ndmitchell/{shake,bake} Build n Integrate In Haskell shake bake CMake Shake build system Expressive, Robust, Fast Haskell EDSL 1000s of tests Faster than Monadic 100s of

347 views • 33 slides
Advances in Programming Languages APL9: Monads and I/O Ian Stark School of Informatics The

Advances in Programming Languages APL9: Monads and I/O Ian Stark School of Informatics The

Advances in Programming Languages APL9: Monads and I/O Ian Stark School of Informatics The University of Edinburgh Monday 8 February Semester 2 Week 5 N I V E U R S E I H T T Y O H F G R E

463 views • 33 slides

More recommend