Windows & .NET Watch: Flexing Pex

By Larry O Brien

August 1, 2010 — (Page 2 of 3)
The results can be deceptively simple-looking. Handwritten tests almost always have human-significant values: “InvalidEmail” and “Robert');DROP TABLE Students;” and so forth. The output of running a Pex “exploration” has less obvious data, a FIT-style table with lots of single-character and “\0” strings.

One important lesson of the past decade is that testing cannot be palmed off to non-developers. A corollary is the suspicion that tools that automatically generate test cases are likely to be deceptively reassuring. We know that less-experienced and less-competent programmers will sometimes blindly follow compiler warnings and errors and generate intricately wrong code “to satisfy the compiler.” It seems reasonable to fear that the test results generated by a tool in an early run might be accepted by a lazy developer and become enshrined in the test suite.

Two ways that Pex battles this is by making it very easy to e-mail the responsible developer and by generating argument-validating preconditions to your code. Nonetheless, you can’t abstract- away incompetence, and I doubt that Pex would duplicate the “Little Bobby Tables” SQL injection attack shown previously.

The Pex PowerTool is now paired with Moles, another Microsoft ResearchMSR project thatwhich can “detour” functions so that they are handled by (hopefully) fast-performing and consistent stub functions. So a call to, say, a Web sService providing a stock quote, can be replaced with local, hard-coded values. (If Moles has the same capabilities as Microsoft Research’s C-based “Detours” library for Win32, it can be used for all sorts of wild metaprogramming.)

Finally, one can use Pex with yet another Microsoft ResearchMSR project called “Contracts." Contracts supports “Programming By Contract,” as popularized in the Eiffel programming language. Contracts identifies the guaranteed preconditions, postconditions, and invariants of a method call; for instance, you might say that the argument to a square root calculation must always be non-negative. If you check for that in your code and throw an ArgumentOutOfRange exception, that’s a parameter validation. If you specify it as a precondition, your code is considered correct no matter how it handles negative numbers (the contract was broken by the calling code that ignores the contract’s preconditions).

Pages 1 2 3

Share this link: http://sdt.bz/34526

Technorati

Digg

Slashdot

Facebook

Friendfeed

Twitter

del.icio.us

Microsoft details WCF and WF in next-gen .NET Easier creation of REST-type applications and more seamless integration between WCF and WF are some of the main focuses in Microsoft's plans. Also, "Dublin," an update to Windows Server 2008, will allow it to host composite applications by extending the Application Server Role.

Windows & .NET Watch: Python: Arbitrarily Interesting IronPython 2.0 presents programmers a way to come up with "interesting things," but it can be daunting to those unfamiliar with the language. Fortunately, there are a few resources that can help programmers delve into IronPython's capabilities.

Ballmer announces Windows 7, Windows Server 2008 R2 betas Microsoft CEO Steve Ballmer used the CES 2009 spotlight to announce the availability of betas for the upcoming version of Windows. Preview versions of Windows 7 and Windows Server 2008 R2 have been distributed to testers, with general availability coming tomorrow.

Microsoft details WCF and WF in next-gen .NET
Easier creation of REST-type applications and more seamless integration between WCF and WF are some of the main focuses in Microsoft's plans. Also, "Dublin," an update to Windows Server 2008, will allow it to host composite applications by extending the Application Server Role Read More...