SlideShare a Scribd company logo

Improving Correctness With Type - Goto Con Berlin

Download as PPTX, PDF
Iain Hull, profile picture
Iain Hull

The document discusses improving software correctness through the use of types and defensive programming practices, emphasizing the importance of immutability, avoiding null references, and employing wrapper types. It presents examples of type-safe programming in Scala, showcasing how to define custom types and control operations to prevent errors, particularly in the context of monetary calculations and job processing. The content also touches on advanced topics like algebraic data types and path-dependent types, illustrating how they can enhance type safety and program reliability.

Software
1 of 62
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
Improving Correctness With Type - Goto Con Berlin
Improving Correctness with Types GOTO Berlin December 2015
Iain Hull iain.hull@workday.com @IainHull http://workday.github.io
Defensive programming
Fail fast
Design by contract
Improving Correctness With Type - Goto Con Berlin
What is a function ? f x y Domain Range
Improving Correctness With Type - Goto Con Berlin
Never use nulls … period “Null references, my billion dollar mistake” - Tony Hoare, QCon 2009
All data is immutable
Do not throw exceptions
Wrappers Wrapper Types
case class Customer(name: String, preferredCurrency: String) { require(Currency.isValid(preferredCurrency)) } val customer = Customer(name = "Joe Bloggs", preferredCurrency = "TXL") This is an airport?
class Currency private (val code: String) extends AnyVal object Currency { val USD: Currency = new Currency("USD") val EUR: Currency = new Currency("EUR") // ... def from(code: String): Option[Currency] = ??? }
case class Customer(name: String, preferredCurrency: Currency) def creditCardRate(customer: Customer): BigDecimal = { if (customer.preferredCurrency == "USD") BigDecimal("0.015") else BigDecimal("0.025") } Always false
import org.scalactic.TypeCheckedTripleEquals._ case class Customer(name: String, preferredCurrency: Currency) def creditCardRate(customer: Customer): BigDecimal = { if (customer.preferredCurrency === "USD") BigDecimal("0.015") else BigDecimal("0.025") } Does not compile
import org.scalactic.TypeCheckedTripleEquals._ case class Customer(name: String, preferredCurrency: Currency) def creditCardRate(customer: Customer): BigDecimal = { if (customer.preferredCurrency === Currency.USD) BigDecimal("0.015") else BigDecimal("0.025") }
val order: Order = ??? val customer: Customer = ??? val creditCardCharge = order.amount + creditCardRate(customer) Eeek this a bug
class MoneyAmount(val amount: BigDecimal) extends AnyVal { def + (rhs: MoneyAmount): MoneyAmount = new MoneyAmount(amount + rhs.amount) def - (rhs: MoneyAmount): MoneyAmount = new MoneyAmount(amount - rhs.amount) def * (rhs: Rate): MoneyAmount = new MoneyAmount(amount * rhs.size) } class Rate(val size: BigDecimal) extends AnyVal { def * (rhs: Rate): MoneyAmount = rhs * this }
val order: Order = ??? val customer: Customer = ??? val creditCardCharge = order.amount + creditCardRate(customer) Does not compile
Using wrapper types • Do not abuse primitives • Control the available values • Control the available operations • Move validation to the correct place
Non empty list
def average(items: List[Int]): Int = items.sum / items.size scala> average(List(5)) res1: Int = 5 scala> average(List(5, 10, 15)) res2: Int = 10 scala> average(List()) java.lang.ArithmeticException: / by zero at .average0(<console>:8) ... 35 elided
import org.scalactic.Every def average(items: Every[Int]): Int = items.sum / items.size scala> average(Every(5)) res1: Int = 5 scala> average(Every(5, 10, 15)) res2: Int = 10 scala> average(Every()) <console>:10: error: not enough arguments for method apply: (firstElement: T, otherElements: T*)org.scalactic.Every[T] in object Every. Unspecified value parameters firstElement, otherElements. average(Every())
import org.scalactic.Every def average(items: Every[Int]): Int = items.sum / items.size def average(first: Int, rest: Int*): Int = average(Every(first, rest: _*)) scala> average(5) res1: Int = 5 scala> average(5, 10, 15) res2: Int = 10 scala> average() <console>:11: error: not enough arguments for method average: (first: Int, rest: Int*)Int. Unspecified value parameters first, rest. average()
def describeSomeList(items: List[Int]): String = { val ave = average(items) s"A list with average $ave" } Does not compile
def maybeNonEmpty(items: List[Int]): Option[Every[Int]] = { items match { case head :: tail => Some(Every(head, tail)) case Nil => None } } scala> maybeNonEmpty(List(5, 10, 15)) res1: Option[Every[Int]] = Some(Every(5, 10, 15)) scala> maybeNonEmpty(List()) res2: Option[Every[Int]] = None
def describeSomeList(items: List[Int]): String = { val ave = average(items) s”A list with average $ave" } def describeSomeList(items: List[Int]): String = { maybeNonEmpty(items) match { case Some(is) => val ave = average(is) s"A list with average $ave" case None => "An empty list" } } Does not compile
Non empty lists • Some lists cannot be empty • Tell the compiler • One-plus-var-args idiom
Algebraic data types
Agent Id Type Status Host In Use By A01 1 Active 10.0.0.1 A02 1 Failed 10.0.0.2 J01 A03 2 Active 10.0.0.3 J03 A04 2 Waiting 10.0.0.4 Job Id Type Status Submitted By Processed By J01 1 Waiting Fred J02 1 Active Wilma A01 J03 2 Complete Barney A03 Jobs Agents
case class Agent(agentId: String, jobType: Int, host: String, port: Int, status: String, // Waiting | Active | Failed maybeLastAccessed: Option[DateTime], inUse: Boolean, maybeInUseBy: Option[String]) case class Job(referenceId: String, jobType: Int, status: String, // Waiting | Active | Complete submittedBy: String, submittedAt: DateTime, maybeStartedAt: Option[DateTime], maybeProcessedBy: Option[String], maybeCompletedAt: Option[DateTime])
case class Agent(agentId: String, jobType: JobType, address: AgentAddress, status: AgentStatus, lastAccessed: Option[DateTime], inUse: Boolean, maybeInUseBy: Option[String]) case class Job(referenceId: String, jobType: JobType, status: JobStatus, submittedBy: User, submittedAt: DateTime, maybeStartedAt: Option[DateTime], maybeProcessedBy: Option[String], maybeCompletedAt: Option[DateTime])
sealed abstract class JobType(val value: Int) case object SmallJob extends JobType(1) case object LargeJob extends JobType(2) case object BatchJob extends JobType(3) sealed abstract class AgentStatus(val value: String) case object AgentWaiting extends AgentStatus("Waiting") case object AgentActive extends AgentStatus("Active") case object AgentFailed extends AgentStatus("Failed") sealed abstract class JobStatus(val value: String) case object JobWaiting extends JobStatus("Waiting") case object JobActive extends JobStatus("Active") case object JobCompelete extends JobStatus("Complete") case class AgentAddress(host: String, port: Int) case class User(name: String)
case class Agent(agentId: String, jobType: JobType, address: AgentAddress, status: AgentStatus, lastAccessed: Option[DateTime], inUse: Boolean, maybeInUseBy: Option[String]) case class Job(referenceId: String, jobType: JobType, status: JobStatus, submittedBy: User, submittedAt: DateTime, maybeStartedAt: Option[DateTime], maybeProcessedBy: Option[String], maybeCompletedAt: Option[DateTime])
import tag.@@ trait Foo def onlyFoo(value: String @@ Foo): String = s"It a foo: $value" scala> onlyFoo("simple string") <console>:13: error: type mismatch; found : String("simple string") required: tag.@@[String,Foo] (which expands to) String with tag.Tagged[Foo] onlyFoo("simple string") ^ scala> val foo = tag[Foo]("Foo String") foo: tag.@@[String,Foo] = Foo String scala> onlyFoo(foo) res2: String = It a foo: Foo String def anyString(value: String): String = s"Just a string: $value” scala> anyString(foo) res6: String = Just a string: Foo String
case class Agent(agentId: String @@ Agent, jobType: JobType, address: AgentAddress, status: AgentStatus, lastAccessed: Option[DateTime], inUse: Boolean, maybeInUseBy: Option[String @@ Job]) case class Job(referenceId: String @@ Job, jobType: JobType, status: JobStatus, submittedBy: User, submittedAt: DateTime, maybeStartedAt: Option[DateTime], maybeProcessedBy: Option[String @@ Agent], maybeCompletedAt: Option[DateTime])
case class Job(referenceId: String @@ Agent, jobType: JobType, status: JobStatus, submittedBy: User, submittedAt: DateTime, maybeStartedAt: Option[DateTime], maybeProcessedBy: Option[String @@ Job], maybeCompletedAt: Option[DateTime]) Waiting | Active | Complete
def recordCompletionMetrics(job: Job): Unit = { for( startedAt <- job.maybeStartedAt ; completedAt <- job.maybeCompletedAt ) { writeJobEvent( event = "Completed", time = completedAt, referenceId = job.referenceId, waitingTime = (startedAt - job.submittedAt), executionTime = (completedAt - startedAt)) } }
def recordCompletionMetrics(job: Job): Unit = { require(job.status = JobComplete) require(job.maybeStartedAt.isDefined) require(job.maybeCompletedAt.isDefined) for (startedAt <- job.maybeStartedAt ; completedAt <- job.maybeCompletedAt ) { writeJobEvent ( event = "Completed", time = completedAt, referenceId = job.referenceId, waitingTime = (startedAt - job.submittedAt), executionTime = (completedAt - startedAt)) } }
sealed trait Job { def referenceId: String @@ Job def status: JobStatus def submittedBy: User def submittedAt: DateTime } case class WaitingJob(referenceId: String @@ Job, submittedBy: User, submittedAt: DateTime) extends Job { val status: JobStatus = JobWaiting }
sealed trait Job { def referenceId: String @@ Job def status: JobStatus def submittedBy: User def submittedAt: DateTime } case class ActiveJob(referenceId: String @@ Job, submittedBy: User, submittedAt: DateTime, startedAt: DateTime, processedBy: String @@ Agent) extends Job { val status: JobStatus = JobActive }
sealed trait Job { def referenceId: String @@ Job def status: JobStatus def submittedBy: User def submittedAt: DateTime } case class CompleteJob(referenceId: String @@ Job, submittedBy: User, submittedAt: DateTime, startedAt: DateTime, processedBy: String @@ Agent, completedAt: DateTime) extends Job { val status: JobStatus = JobComplete }
def recordCompletionMetrics(job: CompleteJob): Unit = { writeJobEvent( event = "Completed", time = job.completedAt, referenceId = job.referenceId, waitingTime = (job.startedAt - job.submittedAt), executionTime = (job.completedAt - job.startedAt)) }
Algebraic data types • Simply sealed traits and case classes • Exposes the shape of your data • Use this shape to control possible states
Path Dependent Types
trait Handle { def name: Name def owner: User } trait Data { def stream: InputStream } trait Storage { def create(name: Name, owner: User, data: InputStream): Handle def find(name: Name): Option[Handle] def read(handle: Handle): Try[Data] }
case class HandleImpl(id: Long, name: Name, owner: User) extends Handle case class DataImpl(stream: InputStream) extends Data class StorageImpl extends Storage { // ... def read(entryDesc: Handle): Try[Data] = { require(entryDesc.isInstanceOf[HandleImpl]) val impl = entryDesc.asInstanceOf[HandleImpl] dataStore.read(impl.id) }
val riakStorage: Storage = ??? val maybeData = for { handle <- riakStorage.find(someName) data <- riakStorage.read(handle).toOption } yield data
val riakStorage: Storage = ??? val memoryStorage: Storage = ??? val maybeData = for { handle <- riakStorage.find(someName) data <- memoryStorage.read(handle).toOption } yield data IllegalArgumentException
trait HandleLike { def name: Name def owner: User } trait DataLike { def stream: InputStream } trait Storage { type Handle <: HandleLike type Data <: DataLike def create(name: Name, owner: User, data: InputStream): Handle def find(name: Name): Option[Handle] def read(handle: Handle): Try[Data] }
private[impl] class StorageImpl extends Storage { type Handle = HandleImpl type Data = DataImpl case class HandleImpl(id: Long, name: Name, owner: User) extends HandleLike case class DataImpl(stream: InputStream) extends DataLike // ... def read(entryDesc: Handle): Try[Data] = { dataStore.read(entryDesc.id) } }
val riakStorage: Storage = ??? val memoryStorage: Storage = ??? val maybeData = for { handle <- riakStorage.find(someName) data <- memoryStorage.read(handle).toOption } yield data error: type mismatch; found : handle.type (with underlying type riakStorage.Handle) required: memoryStorage.Handle data <- memoryStorage.read(handle).toOption ^
val riakStorage1: Storage = ??? val riakStorage2: Storage = ??? val maybeData = for { handle <- riakStorage1.find(someName) data <- riakStorage2.read(handle).toOption } yield data error: type mismatch; found : handle.type (with underlying type riakStorage1.Handle) required: riakStorage2.Handle data <- riakStorage2.read(handle).toOption ^
Path dependent types • Family polymorphism • Remove casts • Bound to instances not classes
More advanced techniques • Self-recursive types • Phantom types • Shapeless References: workday.github.io
“Types = For All Tests = There Exists” - Amanda Laucher
Improving Correctness With Type - Goto Con Berlin
“A mind is like a parachute, it doesn’t work unless its open” - Frank Zappa
http://workday.github.io
Improving Correctness With Type - Goto Con Berlin

More Related Content

PPTX
Improving Correctness with Types Kats Conf
Iain Hull
 
PDF
Anonymous functions in JavaScript
Mohammed Sazid Al Rashid
 
PDF
Reflection in Go
strikr .
 
PPTX
What\'s New in C# 4.0
Eyal Vardi
 
PDF
Let the type system be your friend
The Software House
 
PDF
Developer Experience i TypeScript. Najbardziej ikoniczne duo
The Software House
 
PPTX
Javascript Basics
msemenistyi
 
PDF
科特林λ學
彥彬 洪
 
Improving Correctness with Types Kats Conf
Iain Hull
 
Anonymous functions in JavaScript
Mohammed Sazid Al Rashid
 
Reflection in Go
strikr .
 
What\'s New in C# 4.0
Eyal Vardi
 
Let the type system be your friend
The Software House
 
Developer Experience i TypeScript. Najbardziej ikoniczne duo
The Software House
 
Javascript Basics
msemenistyi
 
科特林λ學
彥彬 洪
 

What's hot (20)

PDF
Promise: async programming hero
The Software House
 
PDF
Fun with Lambdas: C++14 Style (part 1)
Sumant Tambe
 
PDF
Scala taxonomy
Radim Pavlicek
 
PDF
Grammarware Memes
Eelco Visser
 
PPT
Templates exception handling
sanya6900
 
PDF
Java Script Best Practices
Enrique Juan de Dios
 
PPSX
DIWE - Programming with JavaScript
Rasan Samarasinghe
 
PDF
SeneJug java_8_prez_122015
senejug
 
PPTX
Ajaxworld
deannalagason
 
PDF
Qt Widget In-Depth
account inactive
 
PPTX
Operator overloading2
zindadili
 
PDF
ECMA 入门
chencheng 云谦
 
PPTX
operator overloading
Nishant Joshi
 
PDF
Functions in C++
Pranali Chaudhari
 
PPTX
Software design principles SOLID
Foyzul Karim
 
PDF
How do you create a programming language for the JVM?
Federico Tomassetti
 
PDF
Functional solid
Matt Stine
 
PPTX
Type Driven Development with TypeScript
Garth Gilmour
 
PPT
Operator Overloading
Nilesh Dalvi
 
PDF
Protocol-Oriented Programming in Swift
Oleksandr Stepanov
 
Promise: async programming hero
The Software House
 
Fun with Lambdas: C++14 Style (part 1)
Sumant Tambe
 
Scala taxonomy
Radim Pavlicek
 
Grammarware Memes
Eelco Visser
 
Templates exception handling
sanya6900
 
Java Script Best Practices
Enrique Juan de Dios
 
DIWE - Programming with JavaScript
Rasan Samarasinghe
 
SeneJug java_8_prez_122015
senejug
 
Ajaxworld
deannalagason
 
Qt Widget In-Depth
account inactive
 
Operator overloading2
zindadili
 
ECMA 入门
chencheng 云谦
 
operator overloading
Nishant Joshi
 
Functions in C++
Pranali Chaudhari
 
Software design principles SOLID
Foyzul Karim
 
How do you create a programming language for the JVM?
Federico Tomassetti
 
Functional solid
Matt Stine
 
Type Driven Development with TypeScript
Garth Gilmour
 
Operator Overloading
Nilesh Dalvi
 
Protocol-Oriented Programming in Swift
Oleksandr Stepanov
 
Ad

Viewers also liked (20)

PDF
Cinco dias desayuno redacción 17 12-2012
Francisco J. Jariego, PhD.
 
PPT
In 209 Presentasjon
skyttern
 
PPTX
English
jenni_7891
 
PDF
P.e.f de la facultad
Francisco Muñoz
 
PDF
Similitudine eserciziario teoremi_euclide_mathubi
2tapizzi
 
PPS
amigos de internet
manolo53
 
PPTX
Tics presente pasado y futuro
Madeleyne Santos Rivas
 
PDF
C27 theodore-stecher-robert-solow-mike-sheppard-ron-gettelfinger-peter-levy-j...
mike_asby_985
 
PPT
Top Off Your Perfect Blend with TOPR: The Teaching Online Pedagogical Repository
Kelvin Thompson
 
PDF
Community Media 2012
ATPD
 
PDF
Como hacer una tortilla de patatas
anaclz
 
PDF
RESUME detail services FR
Carrillo Asesores Tributarios y Abogados, SLP.
 
PDF
William gibson neuromante
chelosblues
 
PDF
NAVIDAD EN CABANA-PALLASCA-ANCASH
Enrique Vasquez Sifuentes
 
PPTX
Osteo
信州大学 Shinshu University - Official
 
PDF
Hotelier Indonesia 25th Vol 10 2016
Hery Sudrajat
 
PDF
NEXELL - Company Profile
Salesforce Deutschland
 
PDF
M a. rengifo (2012). caracterización óptica de diodos emisores de luz mediant...
Miguel Rengifo
 
PDF
Catastr2
EBER QUISPE
 
PPTX
What You Missed at Talent Connect 2013 | Webcast
LinkedIn Talent Solutions
 
Cinco dias desayuno redacción 17 12-2012
Francisco J. Jariego, PhD.
 
In 209 Presentasjon
skyttern
 
English
jenni_7891
 
P.e.f de la facultad
Francisco Muñoz
 
Similitudine eserciziario teoremi_euclide_mathubi
2tapizzi
 
amigos de internet
manolo53
 
Tics presente pasado y futuro
Madeleyne Santos Rivas
 
C27 theodore-stecher-robert-solow-mike-sheppard-ron-gettelfinger-peter-levy-j...
mike_asby_985
 
Top Off Your Perfect Blend with TOPR: The Teaching Online Pedagogical Repository
Kelvin Thompson
 
Community Media 2012
ATPD
 
Como hacer una tortilla de patatas
anaclz
 
RESUME detail services FR
Carrillo Asesores Tributarios y Abogados, SLP.
 
William gibson neuromante
chelosblues
 
NAVIDAD EN CABANA-PALLASCA-ANCASH
Enrique Vasquez Sifuentes
 
Osteo
信州大学 Shinshu University - Official
 
Hotelier Indonesia 25th Vol 10 2016
Hery Sudrajat
 
NEXELL - Company Profile
Salesforce Deutschland
 
M a. rengifo (2012). caracterización óptica de diodos emisores de luz mediant...
Miguel Rengifo
 
Catastr2
EBER QUISPE
 
What You Missed at Talent Connect 2013 | Webcast
LinkedIn Talent Solutions
 
Ad

Similar to Improving Correctness With Type - Goto Con Berlin (20)

PPTX
Improving Correctness with Types
Iain Hull
 
PPTX
Scala best practices
Alexander Zaidel
 
PDF
Scala for Java Developers
Martin Ockajak
 
PDF
Going bananas with recursion schemes for fixed point data types
Pawel Szulc
 
PDF
Meet scala
Wojciech Pituła
 
PDF
Event Sourcing and Functional Programming
GlobalLogic Ukraine
 
PDF
Functional Programming & Event Sourcing - a pair made in heaven
Pawel Szulc
 
PDF
Type classes 101 - classification beyond inheritance
Alexey Raga
 
PDF
Generic Functional Programming with Type Classes
Tapio Rautonen
 
PDF
Option, Either, Try and what to do with corner cases when they arise
Michal Bigos
 
PDF
Towards Reliable Lookups - Scala By The Bay
BoldRadius Solutions
 
PPTX
Scala in a Java 8 World
Daniel Blyth
 
PDF
Scalapeno18 - Thinking Less with Scala
Daniel Sebban
 
PPTX
Scala Back to Basics: Type Classes
Tomer Gabel
 
PDF
Scala vs Java 8 in a Java 8 World
BTI360
 
PDF
Monads asking the right question
Pawel Szulc
 
PDF
Scala: A brief tutorial
Oliver Szymanski
 
PDF
Introduction to type classes
Pawel Szulc
 
PDF
Introduction to type classes in 30 min
Pawel Szulc
 
PDF
Beyond Scala Lens
Julien Truffaut
 
Improving Correctness with Types
Iain Hull
 
Scala best practices
Alexander Zaidel
 
Scala for Java Developers
Martin Ockajak
 
Going bananas with recursion schemes for fixed point data types
Pawel Szulc
 
Meet scala
Wojciech Pituła
 
Event Sourcing and Functional Programming
GlobalLogic Ukraine
 
Functional Programming & Event Sourcing - a pair made in heaven
Pawel Szulc
 
Type classes 101 - classification beyond inheritance
Alexey Raga
 
Generic Functional Programming with Type Classes
Tapio Rautonen
 
Option, Either, Try and what to do with corner cases when they arise
Michal Bigos
 
Towards Reliable Lookups - Scala By The Bay
BoldRadius Solutions
 
Scala in a Java 8 World
Daniel Blyth
 
Scalapeno18 - Thinking Less with Scala
Daniel Sebban
 
Scala Back to Basics: Type Classes
Tomer Gabel
 
Scala vs Java 8 in a Java 8 World
BTI360
 
Monads asking the right question
Pawel Szulc
 
Scala: A brief tutorial
Oliver Szymanski
 
Introduction to type classes
Pawel Szulc
 
Introduction to type classes in 30 min
Pawel Szulc
 
Beyond Scala Lens
Julien Truffaut
 

Recently uploaded (20)

PDF
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
PDF
Raksha Bandhan Grocery Pricing Trends in India 2025.pdf
Actowiz Solustions
 
PDF
Audit Checklist Design Aligning with ISO, IATF, and Industry Standards — Omne...
rohnjim07
 
PDF
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
PDF
Flood Susceptibility Mapping Using Image-Based 2D-CNN Deep Learnin. Overview ...
lawrenceomai2
 
PDF
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
PPTX
history of c programming in notes for students .pptx
Vijayakumari829030
 
PDF
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 
PDF
How Creative Agencies Leverage Project Management Software.pdf
Orangescrum
 
PDF
Adobe Premiere Pro 2025 (v24.5.0.057) Crack free
ghrom2211g
 
PDF
T3DD25 TYPO3 Content Blocks - Deep Dive by André Kraus
Andre Kraus
 
PDF
PTS Company Brochure 2025 (1).pdf.......
pts464036
 
PDF
wealthsignaloriginal-com-DS-text-... (1).pdf
skmiani786
 
PDF
Claude Code: Everyone is a 10x Developer - A Comprehensive AI-Powered CLI Tool
William Chong
 
PPTX
Transform Your Business with a Software ERP System
Canada Software Company
 
PPTX
VVF-Customer-Presentation2025-Ver1.9.pptx
blackmambaettijean
 
PPTX
Introduction to Artificial Intelligence
lohedi9363
 
PDF
Which alternative to Crystal Reports is best for small or large businesses.pdf
Varsha Nayak
 
PDF
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
Raksha Bandhan Grocery Pricing Trends in India 2025.pdf
Actowiz Solustions
 
Audit Checklist Design Aligning with ISO, IATF, and Industry Standards — Omne...
rohnjim07
 
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
Flood Susceptibility Mapping Using Image-Based 2D-CNN Deep Learnin. Overview ...
lawrenceomai2
 
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
history of c programming in notes for students .pptx
Vijayakumari829030
 
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 
How Creative Agencies Leverage Project Management Software.pdf
Orangescrum
 
Adobe Premiere Pro 2025 (v24.5.0.057) Crack free
ghrom2211g
 
T3DD25 TYPO3 Content Blocks - Deep Dive by André Kraus
Andre Kraus
 
PTS Company Brochure 2025 (1).pdf.......
pts464036
 
wealthsignaloriginal-com-DS-text-... (1).pdf
skmiani786
 
Claude Code: Everyone is a 10x Developer - A Comprehensive AI-Powered CLI Tool
William Chong
 
Transform Your Business with a Software ERP System
Canada Software Company
 
VVF-Customer-Presentation2025-Ver1.9.pptx
blackmambaettijean
 
Introduction to Artificial Intelligence
lohedi9363
 
Which alternative to Crystal Reports is best for small or large businesses.pdf
Varsha Nayak
 
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 

Improving Correctness With Type - Goto Con Berlin

  • 8. What is a function ? f x y Domain Range
  • 10. Never use nulls … period “Null references, my billion dollar mistake” - Tony Hoare, QCon 2009
  • 11. All data is immutable
  • 12. Do not throw exceptions
  • 14. case class Customer(name: String, preferredCurrency: String) { require(Currency.isValid(preferredCurrency)) } val customer = Customer(name = "Joe Bloggs", preferredCurrency = "TXL") This is an airport?
  • 15. class Currency private (val code: String) extends AnyVal object Currency { val USD: Currency = new Currency("USD") val EUR: Currency = new Currency("EUR") // ... def from(code: String): Option[Currency] = ??? }
  • 16. case class Customer(name: String, preferredCurrency: Currency) def creditCardRate(customer: Customer): BigDecimal = { if (customer.preferredCurrency == "USD") BigDecimal("0.015") else BigDecimal("0.025") } Always false
  • 17. import org.scalactic.TypeCheckedTripleEquals._ case class Customer(name: String, preferredCurrency: Currency) def creditCardRate(customer: Customer): BigDecimal = { if (customer.preferredCurrency === "USD") BigDecimal("0.015") else BigDecimal("0.025") } Does not compile
  • 18. import org.scalactic.TypeCheckedTripleEquals._ case class Customer(name: String, preferredCurrency: Currency) def creditCardRate(customer: Customer): BigDecimal = { if (customer.preferredCurrency === Currency.USD) BigDecimal("0.015") else BigDecimal("0.025") }
  • 19. val order: Order = ??? val customer: Customer = ??? val creditCardCharge = order.amount + creditCardRate(customer) Eeek this a bug
  • 20. class MoneyAmount(val amount: BigDecimal) extends AnyVal { def + (rhs: MoneyAmount): MoneyAmount = new MoneyAmount(amount + rhs.amount) def - (rhs: MoneyAmount): MoneyAmount = new MoneyAmount(amount - rhs.amount) def * (rhs: Rate): MoneyAmount = new MoneyAmount(amount * rhs.size) } class Rate(val size: BigDecimal) extends AnyVal { def * (rhs: Rate): MoneyAmount = rhs * this }
  • 21. val order: Order = ??? val customer: Customer = ??? val creditCardCharge = order.amount + creditCardRate(customer) Does not compile
  • 22. Using wrapper types • Do not abuse primitives • Control the available values • Control the available operations • Move validation to the correct place
  • 24. def average(items: List[Int]): Int = items.sum / items.size scala> average(List(5)) res1: Int = 5 scala> average(List(5, 10, 15)) res2: Int = 10 scala> average(List()) java.lang.ArithmeticException: / by zero at .average0(<console>:8) ... 35 elided
  • 25. import org.scalactic.Every def average(items: Every[Int]): Int = items.sum / items.size scala> average(Every(5)) res1: Int = 5 scala> average(Every(5, 10, 15)) res2: Int = 10 scala> average(Every()) <console>:10: error: not enough arguments for method apply: (firstElement: T, otherElements: T*)org.scalactic.Every[T] in object Every. Unspecified value parameters firstElement, otherElements. average(Every())
  • 26. import org.scalactic.Every def average(items: Every[Int]): Int = items.sum / items.size def average(first: Int, rest: Int*): Int = average(Every(first, rest: _*)) scala> average(5) res1: Int = 5 scala> average(5, 10, 15) res2: Int = 10 scala> average() <console>:11: error: not enough arguments for method average: (first: Int, rest: Int*)Int. Unspecified value parameters first, rest. average()
  • 27. def describeSomeList(items: List[Int]): String = { val ave = average(items) s"A list with average $ave" } Does not compile
  • 28. def maybeNonEmpty(items: List[Int]): Option[Every[Int]] = { items match { case head :: tail => Some(Every(head, tail)) case Nil => None } } scala> maybeNonEmpty(List(5, 10, 15)) res1: Option[Every[Int]] = Some(Every(5, 10, 15)) scala> maybeNonEmpty(List()) res2: Option[Every[Int]] = None
  • 29. def describeSomeList(items: List[Int]): String = { val ave = average(items) s”A list with average $ave" } def describeSomeList(items: List[Int]): String = { maybeNonEmpty(items) match { case Some(is) => val ave = average(is) s"A list with average $ave" case None => "An empty list" } } Does not compile
  • 30. Non empty lists • Some lists cannot be empty • Tell the compiler • One-plus-var-args idiom
  • 32. Agent Id Type Status Host In Use By A01 1 Active 10.0.0.1 A02 1 Failed 10.0.0.2 J01 A03 2 Active 10.0.0.3 J03 A04 2 Waiting 10.0.0.4 Job Id Type Status Submitted By Processed By J01 1 Waiting Fred J02 1 Active Wilma A01 J03 2 Complete Barney A03 Jobs Agents
  • 33. case class Agent(agentId: String, jobType: Int, host: String, port: Int, status: String, // Waiting | Active | Failed maybeLastAccessed: Option[DateTime], inUse: Boolean, maybeInUseBy: Option[String]) case class Job(referenceId: String, jobType: Int, status: String, // Waiting | Active | Complete submittedBy: String, submittedAt: DateTime, maybeStartedAt: Option[DateTime], maybeProcessedBy: Option[String], maybeCompletedAt: Option[DateTime])
  • 34. case class Agent(agentId: String, jobType: JobType, address: AgentAddress, status: AgentStatus, lastAccessed: Option[DateTime], inUse: Boolean, maybeInUseBy: Option[String]) case class Job(referenceId: String, jobType: JobType, status: JobStatus, submittedBy: User, submittedAt: DateTime, maybeStartedAt: Option[DateTime], maybeProcessedBy: Option[String], maybeCompletedAt: Option[DateTime])
  • 35. sealed abstract class JobType(val value: Int) case object SmallJob extends JobType(1) case object LargeJob extends JobType(2) case object BatchJob extends JobType(3) sealed abstract class AgentStatus(val value: String) case object AgentWaiting extends AgentStatus("Waiting") case object AgentActive extends AgentStatus("Active") case object AgentFailed extends AgentStatus("Failed") sealed abstract class JobStatus(val value: String) case object JobWaiting extends JobStatus("Waiting") case object JobActive extends JobStatus("Active") case object JobCompelete extends JobStatus("Complete") case class AgentAddress(host: String, port: Int) case class User(name: String)
  • 36. case class Agent(agentId: String, jobType: JobType, address: AgentAddress, status: AgentStatus, lastAccessed: Option[DateTime], inUse: Boolean, maybeInUseBy: Option[String]) case class Job(referenceId: String, jobType: JobType, status: JobStatus, submittedBy: User, submittedAt: DateTime, maybeStartedAt: Option[DateTime], maybeProcessedBy: Option[String], maybeCompletedAt: Option[DateTime])
  • 37. import tag.@@ trait Foo def onlyFoo(value: String @@ Foo): String = s"It a foo: $value" scala> onlyFoo("simple string") <console>:13: error: type mismatch; found : String("simple string") required: tag.@@[String,Foo] (which expands to) String with tag.Tagged[Foo] onlyFoo("simple string") ^ scala> val foo = tag[Foo]("Foo String") foo: tag.@@[String,Foo] = Foo String scala> onlyFoo(foo) res2: String = It a foo: Foo String def anyString(value: String): String = s"Just a string: $value” scala> anyString(foo) res6: String = Just a string: Foo String
  • 38. case class Agent(agentId: String @@ Agent, jobType: JobType, address: AgentAddress, status: AgentStatus, lastAccessed: Option[DateTime], inUse: Boolean, maybeInUseBy: Option[String @@ Job]) case class Job(referenceId: String @@ Job, jobType: JobType, status: JobStatus, submittedBy: User, submittedAt: DateTime, maybeStartedAt: Option[DateTime], maybeProcessedBy: Option[String @@ Agent], maybeCompletedAt: Option[DateTime])
  • 39. case class Job(referenceId: String @@ Agent, jobType: JobType, status: JobStatus, submittedBy: User, submittedAt: DateTime, maybeStartedAt: Option[DateTime], maybeProcessedBy: Option[String @@ Job], maybeCompletedAt: Option[DateTime]) Waiting | Active | Complete
  • 40. def recordCompletionMetrics(job: Job): Unit = { for( startedAt <- job.maybeStartedAt ; completedAt <- job.maybeCompletedAt ) { writeJobEvent( event = "Completed", time = completedAt, referenceId = job.referenceId, waitingTime = (startedAt - job.submittedAt), executionTime = (completedAt - startedAt)) } }
  • 41. def recordCompletionMetrics(job: Job): Unit = { require(job.status = JobComplete) require(job.maybeStartedAt.isDefined) require(job.maybeCompletedAt.isDefined) for (startedAt <- job.maybeStartedAt ; completedAt <- job.maybeCompletedAt ) { writeJobEvent ( event = "Completed", time = completedAt, referenceId = job.referenceId, waitingTime = (startedAt - job.submittedAt), executionTime = (completedAt - startedAt)) } }
  • 42. sealed trait Job { def referenceId: String @@ Job def status: JobStatus def submittedBy: User def submittedAt: DateTime } case class WaitingJob(referenceId: String @@ Job, submittedBy: User, submittedAt: DateTime) extends Job { val status: JobStatus = JobWaiting }
  • 43. sealed trait Job { def referenceId: String @@ Job def status: JobStatus def submittedBy: User def submittedAt: DateTime } case class ActiveJob(referenceId: String @@ Job, submittedBy: User, submittedAt: DateTime, startedAt: DateTime, processedBy: String @@ Agent) extends Job { val status: JobStatus = JobActive }
  • 44. sealed trait Job { def referenceId: String @@ Job def status: JobStatus def submittedBy: User def submittedAt: DateTime } case class CompleteJob(referenceId: String @@ Job, submittedBy: User, submittedAt: DateTime, startedAt: DateTime, processedBy: String @@ Agent, completedAt: DateTime) extends Job { val status: JobStatus = JobComplete }
  • 45. def recordCompletionMetrics(job: CompleteJob): Unit = { writeJobEvent( event = "Completed", time = job.completedAt, referenceId = job.referenceId, waitingTime = (job.startedAt - job.submittedAt), executionTime = (job.completedAt - job.startedAt)) }
  • 46. Algebraic data types • Simply sealed traits and case classes • Exposes the shape of your data • Use this shape to control possible states
  • 48. trait Handle { def name: Name def owner: User } trait Data { def stream: InputStream } trait Storage { def create(name: Name, owner: User, data: InputStream): Handle def find(name: Name): Option[Handle] def read(handle: Handle): Try[Data] }
  • 49. case class HandleImpl(id: Long, name: Name, owner: User) extends Handle case class DataImpl(stream: InputStream) extends Data class StorageImpl extends Storage { // ... def read(entryDesc: Handle): Try[Data] = { require(entryDesc.isInstanceOf[HandleImpl]) val impl = entryDesc.asInstanceOf[HandleImpl] dataStore.read(impl.id) }
  • 50. val riakStorage: Storage = ??? val maybeData = for { handle <- riakStorage.find(someName) data <- riakStorage.read(handle).toOption } yield data
  • 51. val riakStorage: Storage = ??? val memoryStorage: Storage = ??? val maybeData = for { handle <- riakStorage.find(someName) data <- memoryStorage.read(handle).toOption } yield data IllegalArgumentException
  • 52. trait HandleLike { def name: Name def owner: User } trait DataLike { def stream: InputStream } trait Storage { type Handle <: HandleLike type Data <: DataLike def create(name: Name, owner: User, data: InputStream): Handle def find(name: Name): Option[Handle] def read(handle: Handle): Try[Data] }
  • 53. private[impl] class StorageImpl extends Storage { type Handle = HandleImpl type Data = DataImpl case class HandleImpl(id: Long, name: Name, owner: User) extends HandleLike case class DataImpl(stream: InputStream) extends DataLike // ... def read(entryDesc: Handle): Try[Data] = { dataStore.read(entryDesc.id) } }
  • 54. val riakStorage: Storage = ??? val memoryStorage: Storage = ??? val maybeData = for { handle <- riakStorage.find(someName) data <- memoryStorage.read(handle).toOption } yield data error: type mismatch; found : handle.type (with underlying type riakStorage.Handle) required: memoryStorage.Handle data <- memoryStorage.read(handle).toOption ^
  • 55. val riakStorage1: Storage = ??? val riakStorage2: Storage = ??? val maybeData = for { handle <- riakStorage1.find(someName) data <- riakStorage2.read(handle).toOption } yield data error: type mismatch; found : handle.type (with underlying type riakStorage1.Handle) required: riakStorage2.Handle data <- riakStorage2.read(handle).toOption ^
  • 56. Path dependent types • Family polymorphism • Remove casts • Bound to instances not classes
  • 57. More advanced techniques • Self-recursive types • Phantom types • Shapeless References: workday.github.io
  • 58. “Types = For All Tests = There Exists” - Amanda Laucher
  • 60. “A mind is like a parachute, it doesn’t work unless its open” - Frank Zappa

Editor's Notes

  • #4: Principle Engineer – Scala, Akka – build elastic grid service – other services use this scalable and reliable async task execution All my slides, notes and references are available on blog So “Improving correctness with types” …
  • #5: Sounds complicate – Not – low hanging fruit – not functional – OOP In the 90s – Defensive programming Garbage in garbage out – Robust Shipping cost zero – country is null – index is -1 – file not found – user entered a bad country code Tracing a bug back to its cause – Andy – Shawshank Redemption.
  • #6: Fail fast Find bugs quickly – Easier to fix Requires lots of tests Exceptions can reach customers
  • #7: Bertrand Meyer - Eiffle Design by Contract Systematic Fail fast - goal removes defensive programming tool support: property checking, JML, Spec#
  • #8: I am sure a lot of you have seen this Knuth quote So what – What does it mean? Formal Methods - not for real code … but lets explore this – first question …
  • #9: Maps – x Domain – y Range All of the domain – Total Function Code define domain + range with types – fucntion's signature – compiler Do not accept all possible values in their domain – fail fast, exceptions – return garbage – Domain swiss cheese Correctness is about choosing types that shrink the domain and the range Filling in the holes – functions "total” – Removing the chance of failure (construction / validation / compiler)
  • #10: I want to start by skipping through some simple rules for Correctness No detail Covered else where - links in blog
  • #11: Tony Hoare introduced Null references in ALGOL W back in 1965 “simply because it was so easy to implement”. He talks about that decision considering it “my billion-dollar mistake”. Simply use Option - Capture nulls from java code
  • #12: Nice properties – once constructed correctly it stays correct Actors
  • #13: Users don't care why it failed From Effective Java there are two types Business logic errors Capture these with types Option / Try / Validation / Or Programming Errors Prevent these with types Option / NonEmptyList / Type safe wrappe
  • #14: Wrapper types Scala
  • #15: Test Currency is not a String – Only 176 international currencies (ISO 4217) They all have exactly three uppercase letters 17576 unique combinations of this rule, plain strings are effectively infinite
  • #16: Value class - Extends AnyVal Private constructor Currency.from returns an Option Enumeration
  • #17: Dangers of refactoring types – broad operations and type inference This function creditCardRate still compiles
  • #18: Can use ScalaZ or Scalactic triple equals Implementation
  • #19: Can use ScalaZ or Scalactic triple equals Implementation
  • #20: Rates and amounts have different semantics In this case the rate is a scalar, these values can be added, subtracted, multiplied and divided. Rates can multiply or divide amounts, scaling their size Amounts have a unit, like a currency, they can only be added and subtracted If you multiply two amounts, you square the unit (probably not what you want) If you divide two amounts, you get a rate
  • #21: Now Rates cannot be added to amounts
  • #22: Rates and amounts have different semantics In this case the rate is a scalar, these values can be added, subtracted, multiplied and divided. Rates can multiply or divide amounts, scaling their size Amounts have a unit, like a currency, they can only be added and subtracted If you multiply two amounts, you square the unit (probably not what you want) If you divide two amounts, you get a rate
  • #23: Primitively type code is weakly typed Validation – Reduces code and bugs Reduces tests required
  • #24: … Lets look at a simple example
  • #26: Now the compiler prevents us from getting the average of an empty list
  • #27: Var-args are syntactic sugar for list arguments One plus var args == Non-empty var-args
  • #31: Cannot be empty – operation not supported – empty does not make sense Validation failures – banking customer’s list of accounts Compiler will tell everyone else
  • #32: Algebraic data types == traits and case classes
  • #33: Grid team – schedule and execute jobs on a cluster of agent machines Customer code in DMZ – Parallelize large jobs like payroll
  • #34: Here is a naive implementation of data model classes One to one mapping from database schema Options are prefixed with Maybe First lets remove some of the primitives
  • #37: Enforce with Tag types
  • #38: Tag types – shapeless – scalaz Leverage an optimization in scala compiler – the tag is removed at runtime Value remains the underlying type with extra information for type checking at compile time
  • #39: No control over construction or operations – Semantics require a wrapper type Best used for marking primary/foreign keys
  • #42: Fail fast – is not an option Must always record metrics
  • #46: Guaranteed to write metrics with the correct value Bugs where startedAt not set cause compile error
  • #47: If a function throws IllegalArgumentException or method throws IllegalStateException or InvalidOperationException Type is too broad consider breaking it up with an ADT
  • #48: Path dependent types
  • #49: Family polymorphism Java XML libraries Handle is created – and consumed by Storage
  • #53: Renamed the public traits Entry and EntryDescription are abstract types – extend the public traits Methods use the abstract member types
  • #54: Implement the abstract types Read method can access id directly
  • #55: Implement the abstract types Read method can access id directly
  • #56: Implement the abstract types Read method can access id directly
  • #57: Multi tenant – encryption
  • #58: Final type of a class is passed into a trait has a generic parameter – enums – generic repositories Any type that only exists at compile time – track objects state – enable/disable operations – type-safe builder A library that pushes the boundary of what’s possible at compile time
  • #59: Spectrum
  • #60: Object oriented abstractions/classes are used to group data or operations For correctness semantics come first, describe them with a type use the compiler to prove your correctness
  • #61: Scala is a very broad church – from OOP to FP Both have lots to teach – lots of techniques can be applied to both
  • #62: Slides, notes and references on the fledgling workday tech blog Any questions?