Systematic concurrency testing meets Haskell.
Go to file
Michael Walker 31d29c11ea Require a 'MonadConc n' instance to run 'ConcT r n' expressions
This is preparation for adding bound threads.  The instance isn't used
in this commit, but the diff is large enough that I feel this should
be a separate commit for ease of review.

Fallout:

- The MonadBaseControl IO instance is gone, as I'm not sure how to do
  it generally.
- The pure/IO split is gone, everything is now monadic.
- The execution, SCT, and dejafu functions are of the form (MonadConc
  n, MonadRef r n) => ...
2017-12-12 14:06:59 +00:00
.travis Add hlint and weeder to travis script 2017-10-20 15:19:35 +01:00
concurrency Pick version numbers for next-supermajor release 2017-12-12 14:06:59 +00:00
dejafu Require a 'MonadConc n' instance to run 'ConcT r n' expressions 2017-12-12 14:06:59 +00:00
dejafu-tests Require a 'MonadConc n' instance to run 'ConcT r n' expressions 2017-12-12 14:06:59 +00:00
doc Pick version numbers for next-supermajor release 2017-12-12 14:06:59 +00:00
hunit-dejafu Require a 'MonadConc n' instance to run 'ConcT r n' expressions 2017-12-12 14:06:59 +00:00
tasty-dejafu Require a 'MonadConc n' instance to run 'ConcT r n' expressions 2017-12-12 14:06:59 +00:00
.gitignore Add note about performance profiling to README. 2017-03-20 19:27:42 +00:00
.hlint.yaml Add an HLint2 config file & fix warnings. 2017-04-08 05:42:25 +01:00
.stylish-haskell.yaml Use stylish-haskell to format import lists. 2017-04-08 05:42:25 +01:00
.travis.yml Travis improvements 2017-11-20 19:25:48 +00:00
.weeder.yaml Require a 'MonadConc n' instance to run 'ConcT r n' expressions 2017-12-12 14:06:59 +00:00
CHANGELOG.markdown Add a repo-wide changelog. 2017-04-07 20:22:22 +01:00
CONTRIBUTING.markdown Change use of titlecase in CONTRIBUTING file 2017-08-19 16:38:39 +01:00
Jenkinsfile Add a Jenkinsfile to build&deploy docs 2017-10-28 17:26:52 +01:00
lint.sh Add section on code style to README + scripts to run tools. 2017-04-08 05:42:26 +01:00
README.markdown Pick version numbers for next-supermajor release 2017-12-12 14:06:59 +00:00
stack.yaml Update leancheck dependency 2017-12-12 13:50:35 +00:00
style.sh Add section on code style to README + scripts to run tools. 2017-04-08 05:42:26 +01:00

dejafu Build Status

[Déjà Fu is] A martial art in which the user's limbs move in time as well as space, […] It is best described as "the feeling that you have been kicked in the head this way before"

-- Terry Pratchett, Thief of Time

Déjà Fu is a unit-testing library for concurrent Haskell programs. Tests are deterministic and expressive, making it easy and convenient to test your threaded code. Available on GitHub, Hackage, and Stackage.

Features:

  • An abstraction over the concurrency functionality in IO
  • Deterministic testing of nondeterministic code
  • Both complete (slower) and incomplete (faster) modes
  • A unit-testing-like approach to writing test cases
  • A property-testing-like approach to comparing stateful operations
  • Testing of potentially nonterminating programs
  • Integration with HUnit and tasty

There are a few different packages under the Déjà Fu umbrella:

Version Summary
concurrency 1.3.0.0 Typeclasses, functions, and data types for concurrency and STM.
dejafu 1.0.0.0 Systematic testing for Haskell concurrency.
hunit-dejafu 1.0.0.0 Deja Fu support for the HUnit test framework.
tasty-dejafu 1.0.0.0 Deja Fu support for the Tasty test framework.

Each package has its own README and CHANGELOG in its subdirectory.

There is also dejafu-tests, the test suite for dejafu. This is in a separate package due to Cabal being bad with test suite transitive dependencies.

Everything is on Hackage and Stackage, and the last three major GHC versions (currently 8.2, 8.0, and 7.10) are supported.

Installation

Install from Hackage globally:

$ cabal-install dejafu

Or add it to your cabal file:

build-depends: ...
             , dejafu

Or to your package.yaml:

dependencies:
  ...
  - dejafu

Quick start guide

Déjà Fu supports unit testing, and comes with a helper function called autocheck to look for some common issues. Let's see it in action:

import Control.Concurrent.Classy

myFunction :: MonadConc m => m String
myFunction = do
  var <- newEmptyMVar
  fork (putMVar var "hello")
  fork (putMVar var "world")
  readMVar var

That MonadConc is a typeclass abstraction over concurrency, but we'll get onto that shortly. First, the result of testing:

> autocheck myFunction
[pass] Never Deadlocks (checked: 12)
[pass] No Exceptions (checked: 12)
[fail] Consistent Result (checked: 11)
        "hello" S0----S1-P2-S0--

        "world" S0----S2--S0-P1-S0-
False

There are no deadlocks or uncaught exceptions, which is good; but the program is (as you probably spotted) nondeterministic!

Along with each result, Déjà Fu gives us a representative execution trace in an abbreviated form. Sn means that thread n started executing, and Pn means that thread n pre-empted the previously running thread.

Why Déjà Fu?

Testing concurrent programs is difficult, because in general they are nondeterministic. This leads to people using work-arounds like running their testsuite many thousands of times; or running their testsuite while putting their machine under heavy load.

These approaches are inadequate for a few reasons:

  • How many runs is enough? When you are just hopping to spot a bug by coincidence, how do you know to stop?
  • How do you know if you've fixed a bug you saw previously? Because the scheduler is a black box, you don't know if the previously buggy schedule has been re-run.
  • You won't actually get that much scheduling variety! Operating systems and language runtimes like to run threads for long periods of time, which reduces the variety you get (and so drives up the number of runs you need).

Déjà Fu addresses these points by offering complete testing. You can run a test case and be guaranteed to find all results with some bounds. These bounds can be configured, or even disabled! The underlying approach used is smarter than merely trying all possible executions, and will in general explore the state-space quickly.

If your test case is just too big for complete testing, there is also a random scheduling mode, which is necessarily incomplete. However, Déjà Fu will tend to produce much more schedule variety than just running your test case in IO the same number of times, and so bugs will tend to crop up sooner. Furthermore, as you get execution traces out, you can be certain that a bug has been fixed by simply following the trace by eye.

Contributing

See the CONTRIBUTING.markdown file.

If you'd like to get involved with Déjà Fu, check out the "good first issue" label on the issue tracker.

Release notes

See the CHANGELOG.markdown file.

Questions, feedback, discussion

Bibliography

These libraries wouldn't be possible without prior research, which I mention in the documentation. Haddock comments get the full citation, whereas in-line comments just get the shortened name:

There are also a couple of papers on dejafu itself: