archives

Define it twice -- preemptive bughunting or waste of time?

Suppose I allow multiple definitions of routines/classes in a programming language, with the caveat that anything multiply defined must have identical semantics (identical interface, identical results, identical effects if non functional) and different syntactic structure in every definition.

Then have the development environment (but probably not the runtime environment) run multiple copies of the program, synchronizing just before and after each call to the multiply-implemented routine or class. If different results/effects are detected by a comparison of the program states at return time, halt with an error message. Clearly, if both (or all) implementations are supposed to have the same semantics, then when results/effects diverge, it is evidence that at least one has a bug.

It seems unlikely, though possible, that both would have the same bugs, leading to rare "false positives" in which the test suite completes without error despite a lurking bug. False negatives however -- where the test suite halts with a comparison error despite the tested code having identical semantics, would be eliminated. Every time the alarm goes up, there is definitely something wrong.

Refactoring would also be easier; when a new implementation is supposed to provide the same services to the rest of the program as the old one, you could run them simultaneously rather than serially through a test suite, and make sure that, in fact, they do. This would also mean you can add test cases spontaneously and run them parallel, rather than having to reconfigure your program (twice!) to test both implementations against each other on a new test case you add/find after the first run of testing.

A semi-random thought about development environments. More a programmer convenience, perhaps, since you could do the test and comparison by hand as well, but nevertheless an important complement to static analysis. It would allow you to test things well beyond the ability of a typical type analysis to make sure that they are and do, in fact, what you want.

Anyone seen something similar, or is this actually an original idea?

By Ray Dillinger at 2013-06-11 00:38 | LtU Forum | 10 comments | other blogs | 4859 reads