Finding The Lazy Programmer's Bugs
Traditionally, developers and testers created huge numbers of explicit tests, enumerating interesting cases, perhaps
biased by what they believe to be the current boundary conditions of the function being tested. Or at
least, they were supposed to.
A major step forward was the development of property testing. Property testing requires the user to write a few
functional properties that are used to generate tests, and requires an external library or tool to create test data
for the tests. As such, many thousands of tests can be created for a single property. For the purely functional
programming language Haskell there are several such libraries; for example QuickCheck [CH00], SmallCheck
and Lazy SmallCheck [RNL08].
Unfortunately, property testing still requires the user to write explicit tests. Fortunately, we note there are
already many implicit tests present in programs. Developers may throw assertion errors, or the compiler may
silently insert runtime exceptions for incomplete pattern matches.
We attempt to automate the testing process using these implicit tests. Our contributions are in four main
areas: (1) We have developed algorithms to automatically infer appropriate constructors and functions needed
to generate test data without requiring additional programmer work or annotations. (2) To combine the
constructors and functions into test expressions we take advantage of Haskell's lazy evaluation semantics by
applying the techniques of needed narrowing and lazy instantiation to guide generation. (3) We keep the type
of test data at its most general, in order to prevent committing too early to monomorphic types that cause
needless wasted tests. (4) We have developed novel ways of creating Haskell case expressions to inspect elements
inside returned data structures, in order to discover exceptions that may be hidden by laziness, and to make
our test data generation algorithm more expressive.
In order to validate our claims, we have implemented these techniques in Irulan, a fully automatic tool for
generating systematic black-box unit tests for Haskell library code. We have designed Irulan to generate high
coverage test suites and detect common programming errors in the process.
Lightweight verification of functional programs
We have built several tools to help with testing and verifying functional programs. All three tools are based on QuickCheck properties. Our goal is to allow programmers to do more with QuickCheck properties than just test them. The first tool is QuickSpec, which finds equational specifications, and can be used to help with writing a specification or for program understanding. On top of QuickSpec, we have built HipSpec, which proves properties about Haskell programs, and uses QuickSpec to prove the necessary lemmas. We also describe PULSE and eqc_par_statem, which together can be used to find race conditions in Erlang programs. We believe that testable properties are a good basis for reasoning and verification, and that they give many of the benefits of formal verification without the cost of proof. The chief reason is that they are formal specifications for which the programmer can always get a counterexample when they are false. Furthermore, using testable properties allows us to write better tools. None of our tools would be possible if our properties were not testable. We also present work on encoding types in first-order logic, an essential component when using first-order provers to reason about programs. Our encodings are simple but extremely efficient, as evidenced by benchmarks. We develop the theory behind sound type encodings, and have written tools that implement our ideas.
Formal Semantics for Java-like Languages and Research Opportunities
The objective of this paper is twofold. First, we discuss the state of the art on Java-like semantics, focusing on those that provide formal specification using operational semantics (big-step or small-step), studying in detail the most cited projects and presenting some derivative works that extend the originals by adding useful features. We also restrict our survey to those that provide some insight into type-safety proofs, and we provide a comparison between the most used projects in order to show which functionalities each of them covers. Second, our effort is focused on the research opportunities in this area: we show some important works that can be applied to the previously presented projects to study features of object-oriented languages, and point to some possibilities to explore in future research.
αCheck: a mechanized metatheory model-checker
The problem of mechanically formalizing and proving metatheoretic properties
of programming language calculi, type systems, operational semantics, and
related formal systems has received considerable attention recently. However,
the dual problem of searching for errors in such formalizations has attracted
comparatively little attention. In this article, we present αCheck, a
bounded model-checker for metatheoretic properties of formal systems specified
using nominal logic. In contrast to the current state of the art for metatheory
verification, our approach is fully automatic, does not require expertise in
theorem proving on the part of the user, and produces counterexamples in the
case that a flaw is detected. We present two implementations of this technique,
one based on negation-as-failure and one based on negation elimination, along
with experimental results showing that these techniques are fast enough to be
used interactively to debug systems as they are developed. Comment: Under consideration for publication in Theory and Practice of Logic
Programming (TPLP).
Formal semantics for Java-like languages and research opportunities.
Currently, Java is one of the most used programming languages, being adopted in many large
projects, where applications reach a level of complexity for which manual testing and human inspection are
not enough to guarantee quality in software development. Because of that, there is a growing research field
that concerns the formalization of small subsets of Java-like languages aimed to conduct studies that were
impossible to achieve through informal approaches. In this context, the objective of this paper is twofold: the
discussion of the state-of-the-art on Java-like semantics and the presentation of research opportunities in this
area. For the first goal, we present a research about Java-like formal semantics, filtering those that provide some
insights in type-safety proofs, choosing the four most cited projects to be presented in details. We also briefly
present some related studies that extended the originals aggregating useful features. Additionally, we provide a
comparison between the most cited projects in order to show which functionalities are covered by each one of
them. As for the second goal, we discuss possible future studies that can be performed by using the presented
formal semantics.
Abstract (translated from Portuguese): Currently, Java is one of the most widely used programming languages, being adopted in many
large-scale projects, where applications reach a level of complexity at which manual tests and inspections
are not sufficient to guarantee quality in software development. Because of this, there is a growing field of
research concerning the formalization of small fragments of Java-like languages, aiming to conduct studies
that were impossible to carry out through informal approaches. In this context, this article has two objectives:
the discussion of the state of the art on Java-like semantics and the presentation of research opportunities in
this area. For the first objective, we propose a survey of formal semantics of the Java language, filtering those
that provide type-safety proofs and choosing the four most cited projects to be presented in detail. We also
briefly present some derived studies that extend the originals by adding functionality. Additionally, we present
a comparison between the most cited projects as a way of showing which functionalities are covered by each
of them. As the second objective, we discuss possible future work that can be carried out using the presented
formal semantics.
Type Theory as a Language Workbench
Language Workbenches offer language designers an expressive environment in which to create their Domain Specific Languages (DSLs). Similarly, research into mechanised meta-theory has shown how dependently typed languages provide expressive environments to formalise and study DSLs and their meta-theoretical properties. But can we claim that dependently typed languages qualify as language workbenches? We argue yes!
We have developed an exemplar DSL called Vélo that showcases not only dependently typed techniques to realise and manipulate Intermediate Representations (IRs), but also that dependently typed languages make fine language workbenches. Vélo is a simple verified language with well-typed holes and comes with a complete compiler pipeline: parser, elaborator, REPL, evaluator, and compiler passes. Specifically, we describe our design choices for well-typed IR design that includes support for well-typed holes, how CSE is achieved in a well-typed setting, and how the mechanised type-soundness proof for Vélo is the source of the evaluator.
Programmiersprachen und Rechenkonzepte (Programming Languages and Computing Concepts)
Since 1984 the GI special interest group "Programmiersprachen und Rechenkonzepte" has held a workshop every spring at the Physikzentrum Bad Honnef. The meeting serves primarily to let participants get to know one another, exchange experience, discuss, and deepen mutual contacts. In this forum, talks and demonstrations of both completed and still ongoing work are presented, among others (but not exclusively) on topics such as: languages and language paradigms; correctness of design and implementation; tools; software/hardware architectures; specification and design; validation and verification; implementation and integration; safety and security; embedded systems; hardware-level programming. This technical report collects some of the work presented.
A Machine-Checked, Type-Safe Model of Java Concurrency: Language, Virtual Machine, Memory Model, and Verified Compiler
The Java programming language provides safety and security guarantees such as type safety and its security architecture. They distinguish it from other mainstream programming languages like C and C++. In this work, we develop a machine-checked model of concurrent Java and the Java memory model and investigate the impact of concurrency on these guarantees. From the formal model, we automatically obtain an executable verified compiler to bytecode and a validated virtual machine.