If I understand correctly, they approximate language of inputs of a function to discover minimal (in some sense, like "shortest description length") inputs that violate relations between inputs and outputs of a function under scrutiny.
newtype Parser a = Parser ([Word] -> (a, [Word])
- Generate a random number N for the size (maybe restricted to some Range)
- Generate N `Char` values, by using a random number for each code point.
- Combine those Chars into a string
falsify runs a generator by applying it to an infinite binary tree, with random numbers in the nodes. A generator can either consume a single number (taken from the root node of a tree), or it can run two other generators (one gets run on the left child, the other gets run on the right). Hence the above generator would use the value in the left child as N, then run the "generate N Chars" generator on the right child. The latter generator would run a Char generator on its left child, and an 'N-1 Chars' generator on its right child; and so on.
To shrink, we just run the generator on a tree with smaller numbers. In this case, a smaller number in the left child will cause fewer Chars to be generated; and smaller numbers in the right tree will cause lower code-points to be generated. falsify's tree representation also has a special case for the smallest tree (which returns 0 for its root, and itself for each child).
Suppose I have a function which takes four string parameters, and I have a bug which means it crashes if the third is empty.
I'd rather see this in the failure report:
("ldiuhuh!skdfh", "nd#lkgjdflkgdfg", "", "dc9ofugdl ifugidlugfoidufog")
than this:
("", "", "", "")
I guess if we were even more clever we could get to something more like (…, …, "", …).
fails_on_empty_third_arg(
a = "", # or any other generated value
b = "", # or any other generated value
c = "",
d = "", # or any other generated value
)
I agree that non-empty strings are worse, but unfortunately `("", "", "", "")` wouldn't only make me think of empty strings; e.g. I'd wonder whether duplicate/equal values are the problem.
> ("ldiuhuh!skdfh", "nd#lkgjdflkgdfg", "", "dc9ofugdl ifugidlugfoidufog")
I would prefer LazySmallcheck's result, which would be the following:
(_, _, "", _)
Maybe an alternative shrinking procedure could directly minimize the number of instructions that need to be executed to hit a failure...
So I think it would be a decent quality-of-life improvement to make generators of the sort you suggest easily available, and have the tutorial docs use them from the start.
sshine•1y ago
The article uses the words "integrated" vs. "internal" shrinking.
> the raison d’être of internal shrinking: it doesn’t matter that we cannot shrink the two generators independently, because we are not shrinking generators! Instead, we just shrink the samples that feed into those generators.
Besides that it seems like falsify has many of the same features like choice of ranges and distributions.
_jackdk_•1y ago
> The key insight of the Hypothesis library is that instead of shrinking generated values, we instead shrink the samples produced by the PRNG.
Hedgehog loses shrink information when you do a monadic bind (Gen a -> (a -> Gen b) -> Gen b). Hypothesis parses values out of the stream of data generated by the PRNG, so when it "binds", you are still just consuming off that stream of random numbers, and you can shrink the stream to shrink the generated values.
Here is a talk that applies the Hypothesis idea to test C++: https://www.youtube.com/watch?v=C6joICx1XMY . Discussion of PBT implementation approaches begins at 6:30.