Generative testing and instrumentation for polymorphic functions with typed.clj.spec

Usually spec does not support polymorphic types, so library functions like map and filter are usually ascribed imprecise monomorphic types. For example, if map is ((a->b)a*->b*) in a static type system, then it becomes ((any?->any?)any?*->any?*) in spec.

While the second type is great for instrumentation, it's not helpful for generative testing.

typed.clj.spec attempts to bring together both worlds by enhancing spec with polymorphic types that can be used for generative testing, and tools to instantiate them to also instrument from the same types.


We'll need typed.clj.spec and the typedclojure fork of spec2.

{:deps {org.clojure/clojure {:mvn/version "1.10.1"}
        org.clojure/data.csv {:mvn/version "1.0.0"}
        org.clojure/test.check {:mvn/version "1.1.0"}
        org.clojure/alpha.spec {:git/url "" 
                                :git/sha "9da58ec60f5a4a3bfc61fa19f54bf1d160b49dfc"}
        {:git/url ""
         :deps/root "typed/clj.spec"
         :git/sha "d9ee00ce05a32691a67e99f14a21cc70481f6dab"}}}

Let's use the following requires.

(require '[clojure.alpha.spec :as s]
         '[clojure.alpha.spec.test :as stest]
         '[clojure.alpha.spec.gen :as gen]
         '[typed.clj.spec :as t]
         '[clojure.pprint :refer [pprint]]
         '[clojure.string :as str]
         '[ :as csv]
         '[ :as io])

The Problem

Let's say we're trying to spec the following function.

(defn my-map
  "It's just clojure.core/map with 2 args, to keep this article easy to follow."
  [f c]
  (map f c))

As the community-driven library of core specs speculative shows us, there isn't much we can say about my-map in spec1 or spec2. We're using spec2 -- here's what I would use:

  (s/fspec :args (s/cat :fn (s/fspec :args (s/cat :x any?)
                                     :ret any?)
                        :coll (s/nilable (s/every any?)))
           :ret (s/every any?)))

As the name suggests, this is a monomorphic types (no type variables). For comparison, here's the 2-arg static type in Typed Clojure:

(ann clojure.core/map
     (All [a b]
        [[a -> b] (U nil (Seqable a)) -> (t/ASeq b)]))

The spec version is missing key relationships between its arguments and return value. Does this really matter for the kinds of problems spec is trying to achieve? It depends what you want to use the type for. If it's for generative testing of map, then I claim yes, it makes a big difference.

  (s/fspec :args (s/cat :fn (s/fspec :args (s/cat :x any?)
                                     :ret any?)
                        :coll (s/nilable (s/every any?)))
           :fn #(= (bounded-count 30 (:ret %))
                   (bounded-count 30 (-> % :args :coll)))
           :ret (s/every any?)))

The monomorphic type of map is broad enough to be a supertype of all instantiations of map---this means we should expect my-map to be an instance of it (which it is):

(s/valid? ::map1-mono my-map) ;; my-map is a correct impl of map

Unfortunately, there are many functions that are not even close to map which also are subtypes of this type. Let's define a few incorrect "map" definitions, and see which ones validate as ::map1-mono.

  (t/all :binder (t/binder
                   :x (t/bind-tv)
                   :y (t/bind-tv))
         :body (s/fspec :args (s/cat :fn (s/fspec :args (s/cat :x (t/tv :x))
                                                  :ret (t/tv :y))
                                     :coll (s/nilable (s/every (t/tv :x))))
                        :ret (s/every (t/tv :y)))))
  (t/all :binder (t/binder
                   :x (t/bind-tv)
                   :y (t/bind-tv))
         :body (s/fspec :args (s/cat :fn (s/fspec :args (s/cat :x (t/tv :x))
                                                  :ret (t/tv :y))
                                     :coll (s/nilable (s/every (t/tv :x))))
                        :fn #(= (bounded-count 30 (:ret %))
                                (bounded-count 30 (-> % :args :coll)))
                        :ret (s/every (t/tv :y)))))
;; make pretty graphs
(defn false-positive-benchmark
  {:pre [(qualified-keyword? spec)]}
  (let [syms (into #{} (comp (mapcat (comp vals #(do (require %)
                                                     (ns-publics %))))
                             (filter var?)
                             (remove (comp :macro meta))
                             (map symbol)
        cases (concat syms
                      #_(map (fn [sym]
                               `(comp ~sym map))
        map-unit-tests (fn [map]
                         (try (and (= [] (map identity []))
                                   (= [1] (map identity [1]))
                                   (= [2] (map inc [1]))
                                   (= (range 1 11) (map inc (range 10)))
                                   ;; detect keep/filter/remove
                                   (= [nil true nil] (map (some-fn symbol? (constantly nil)) [1 'sym :kw]))
                                   ;; detect mapcat
                                   (= [[1] ['sym] [:kw]] (map vector [1 'sym :kw])))
                              (catch Throwable e false)))]
      (pmap (fn [c]
              {:pre [(qualified-symbol? c)]}
              (binding [*out* (
                        *err* (
                (let [f (resolve c)
                      _ (assert (var? f))
                      start (System/nanoTime)
                      v? (s/valid? spec f)
                      elapsed-ns (- (System/nanoTime) start) 
                      m? (map-unit-tests f)
                      result (if v?
                               (if m?
                               (if m?
                  {:case c
                   :spec spec
                   :elapsed-ns elapsed-ns
                   :result result
                   :is-map? m?
                   :valid? v?})))

(defn false-positive-benchmarks [specs]
  (into #{} (mapcat false-positive-benchmark) specs))

(defn plot-bench
  ([specs] (plot-bench specs (false-positive-benchmarks specs)))
  ([specs ress]
   (let [ress (group-by #(select-keys % [:spec :result]) ress)]
     (prn (keys ress))
     ^{:nextjournal/viewer :plotly}
     {:data (map (fn [result]
                   {:x specs
                    :y (map (fn [spec]
                              (-> {:spec spec
                                   :result result}
                    #_#_:text (map (fn [spec]
                                 (name spec)
                                 #_(->> {:spec spec
                                       :result result}
                                      (map :case)
                                      (str/join "\n")))
                    :type "bar"
                    :name (name result)})
      :layout {;:barmode "stack"
               :title "Incorrectly validated values for specs"
               :autosize false :width 600 :height 1000 
               ;:xaxis1 {:title "spec name"}
               :xaxis {:tickangle -45}
               :yaxis1 {:title "false results"}}})))
(def all-map-specs [::map1-mono ::map1-mono+count ::map1-poly ::map1-poly+count])
(defonce bench-results (false-positive-benchmarks all-map-specs))
(plot-bench all-map-specs bench-results)


Notice that as long as

(->> bench-results
     (group-by :spec)
     (map (fn [[k v]] [k (into (sorted-map)
                                  (remove (comp #{:true-positive :true-negative}
                                  (map (fn [[k v]]
                                         [k (mapv :case v)])))
                               (group-by :result v))]))
     (into (sorted-map)))

To demonstrate how broad the monomorphic type is,

(def csv-data 
   (->> bench-results
      (remove (comp #{:true-positive :true-negative} :result))
      (sort-by (juxt :spec :result))))
(def csv-keys [:spec :result :case])

(with-open [writer (io/writer "/results/out-file.csv")]
  (csv/write-csv writer
                 (cons csv-keys (map (apply juxt csv-keys) csv-data))))


(s/valid? ::map1-poly my-map)
(s/def my-map (t/inst ::map1-poly {:x any? :y any?}))
(pprint (s/describe (s/get-spec `my-map)))
(stest/instrument `my-map)
(try (my-map 1 2)
     (catch Throwable e
       (pprint e))
       (stest/unstrument `my-map)))
