Quick check: does your code work?

(by )

… because mine didn’t. At least not correctly in all cases. I’m talking about my Rust library lzf-rs, a port of the small compression library LibLZF. It started as a wrapper around the C library, but I rewrote it in Rust for v0.3. I now found three major bugs and I want to tell you how (tl;dr: Bug fixes and tests: PR #1).

For a university paper I’m currently looking into different methods for automatic test generation, such as symbolic execution, fuzzing and random test generation. One of the popular methods is property-based testing, with QuickCheck being the best known application of this method. QuickCheck started as a Haskell library (see the original paper), but is ported to several other languages, including C (see theft) and of course Rust: QuickCheck.

I knew this library for some time now, but never used it. So today I decided to use it for my lzf crate. Let me walk you through the process on how to use it.

First, you need to add the dependency and load it in your code. Add it to your Cargo.toml:

[dev-dependencies]
quickcheck = "0.2"

Add this to your src/lib.rs:

#[cfg(test)]
extern crate quickcheck;

Next, you need to decide what property to test. As the compression library needs data to compress and valid data to decompress, I decided the easiest way to go through everything would be to test the round trip: Compress some random input, then decompress the compressed data and check that it maches the initial input. This should hold for all inputs, that can be compressed. Everything that cannot be compressed can be ignored at this point (a first test allowing all input turned up too many false-positives).

The property function looks like this:

use quickcheck::{quickcheck, TestResult};

fn compress_decompress_round(data: Vec<u8>) -> TestResult {
    let compr = match compress(&data) {
        Ok(compr) => compr,
        Err(LzfError::NoCompressionPossible) => return TestResult::discard(),
        Err(LzfError::DataCorrupted) => return TestResult::discard(),
        e @ _ => panic!(e),
    };

    let decompr = decompress(&compr, data.len()).unwrap();
    TestResult::from_bool(data == decompr)
}

Of course we need to test this. QuickCheck handles the heavy part for us:

#[test]
fn qc_roundtrip() {
    quickcheck(compress_decompress_round as fn(_) -> _);
}

Running the tests immediately turned up a bug:

$ cargo test
running 13 tests
...
thread 'safe' panicked at 'index out of bounds: the len is 67 but the index is 67', ../src/libcollections/vec.rs:1187
test quickcheck_test::qc_roundtrip ... FAILED

failures:

---- quickcheck_test::qc_roundtrip stdout ----
    thread 'quickcheck_test::qc_roundtrip' panicked at '[quickcheck] TEST FAILED (runtime error). Arguments: ([0, 0, 0, 0, 1, 0, 0, 2, 0, 0, 3, 0, 0, 4, 0, 1, 1, 0, 1, 2, 0, 1, 3, 0, 1, 4, 0, 0, 5, 0, 0, 6, 0, 0, 7, 0, 0, 8, 0, 0, 9, 0, 0, 10, 0, 0, 11, 0, 1, 5, 0, 1, 6, 0, 1, 7, 0, 1, 8, 0, 1, 9, 0, 1, 10, 0, 0])
Error: "index out of bounds: the len is 67 but the index is 67"', /home/jer/.cargo/registry/src/github.com-88ac128001ac3a9a/quickcheck-0.2.27/src/tester.rs:116

It would be okay to return an error, but out-of-bounds indexing (and thus panicing) is a clear bug in the library. Luckily, QuickCheck automatically collects the input the test failed on, tries to shrink it down to a minimal example and then displays it. I figured this bug is happening in the compress step, so I added an explicit test case for that:

#[test]
fn quickcheck_found_bug() {
    let inp = vec![0, 0, 0, 0, 1, 0, 0, 2, 0, 0, 3, 0, 0, 4, 0, 1, 1, 0, 1, 2, 0, 1, 3, 0, 1, 4, 0, 0, 5, 0, 0, 6, 0, 0, 7, 0, 0, 8, 0, 0, 9, 0, 0, 10, 0, 0, 11, 0, 1, 5, 0, 1, 6, 0, 1, 7, 0, 1, 8, 0, 1, 9, 0, 1, 10, 0, 0];

    assert_eq!(LzfError::NoCompressionPossible, compress(&inp).unwrap_err());
}

Taking a look at the full stack trace (run RUST_BACKTRACE=1 cargo test) lead to the exact location of the bug. Turns out I was checking the bounds on the wrong variable. I fixed it in 88242ffe. After this fix, I re-run the QuickCheck tests and it discovered a second bug ([0] lead to another out-of-bounds access) and I fixed it in 5b2e8150. I found a third bug, which I (hopefully) fixed, but I don’t fully understand how it’s happening yet.

Additionally to the above I added QuickCheck tests comparing the Rust functions to the output of the C library. The full changeset is in PR #1 (currently failing tests, because of a broken Clippy on newest nightly).

Now quick, check your own code!

Update 2016-05-13: QuickCheck can be added as a dev dependency, instead of making it optional and activating it with a feature. Additionally it’s necessary to use names from the crate (or specify the full path). Thanks to RustMeUp and burntsushi in the reddit thread.

Releasing Rust projects, the automatic way

(by )

One of the strength of the Rust ecosystem is its package manager Cargo and the package system crates.io. Pulling in some dependencies is as easy as adding it to your projects’ Cargo.toml and running cargo build.

Releasing your own project is nearly as easy. Make sure you got everything working, add a version number in your Cargo.toml and run cargo publish. It will package the code and upload it.

Of course that’s not the whole story. For a proper release that people will like to use you want to follow some good practices:

  1. Have tests and make sure they are green. Most people already use Travis CI. The travis-cargo project makes it easy to test all channels (stable, beta, nightly, maybe a specific version), run documentation tests and upload coverage info and documentation.
  2. Keep a changelog. Your software is not done with the first release. It changes, bugs get fixed, new features get introduced. Keeping a changelog helps users to understand what changed from version to version.
  3. Pick a version number. This is not nearly as easy as it sounds. Your project’s version number carries a lot of information. Often more than we’d like. The Rust ecosystem recommends to strictly follow semver, but even that has ambiguities and requires a lot of thinking to do the right thing.
  4. Release on the right platforms. Even though crates.io is the package system you want your project in, having a GitHub release is a nice to have. Maybe your project is an application and you want to distributed pre-compiled binaries.

At the moment a lot of people process each of these steps manually. Maybe they have a few scripts lying around that help in reducing the number of errors that can happen. All in all there’s still to much manual work required. It does not have to be that way.

Stephan Bönnemann build semantic-release for the npm eco system a while ago. It allows for fully automated package publishing by relying on a few conventions and a lot of automatisation.

I wanted to have a similar thing for the Rust eco system. That’s why Jan aka @neinasaservice and I sat down at last year’s 32c3 and started hacking on a tool to achieve that.

It took us a while to get something working, but now I can present to you:

🚀 semantic-rs 🚀

What is it?

semantic-rs gives you fully automatic crate publishing. It runs after your tests are finished, analyzes the latest commits, picks out a version number, creates a commit and git tag, creates a release on GitHub and publishes your crate on crates.io.

All you have to do is follow the Angular.js commit message conventions, which are really easy. Your commit message consists of a type, an optional scope, a subject and an optional body.

<type>(<scope>): <subject>
<BLANK LINE>
<body>

The type should be one of the following:

The next version number is decided depending on type of commits since the last release. A feat will trigger a minor version bump, a fix a patch version bump. The other types don’t cause a release.

However, should you make a breaking change, you need to document this in the commit message as well. Include BREAKING CHANGE in the body of the commit message and add information what changed and how to change existing code to make it work again (if possible). This will then trigger a major version bump.

What works?

The Happy Path.

If everything is configured properly and the tests succeed, semantic-rs will correctly pick a version, add changes to a Changelog.md, create a release commit, tag it, create a GitHub release and publish on crates.io.

The test-project crate is published completely automatically now.

semantic-rs already has some safety features integrated. It will only run when the build is on the master branch (or the branch you configure), and it will make sure that it only runs once on the build leader (which is always the first job in your build matrix). It also waits for the other jobs to finish and succeed before trying to do a release.

What’s missing?

In case of problems, semantic-rs will just bail out. That might leave you with changes pushed to GitHub, but not published on crates.io (at worst), or with no visible changes but no new release (at best). We’re working hard on making this safer to use with better error reporting.

Installing semantic-rs from source each time your tests run adds significant overhead to the build time, as it must be compiled again and again. In the future we will provide binary releases that you can simpy drop into Travis and it will work.

It’s not released on crates.io yet, because we’re using a dependency from GitHub. That one should soon be fixed once they push out a release as well.


Now that we got that out of the way, let’s see how to actually use it.

How to use it

Right now usage of semantic-rs is not as straight-forward as it can be, we’re working on that. To run it on Travis you have to follow these manual steps.

The first job of your build matrix will be used to do the publish, so make sure it is a full build. Make it your stable build to be on the safe side. Your .travis.yml should contain this:

rust:
  - stable
  - beta
  - nightly

Next, install semantic-rs on Travis by adding this to your .travis.yml:

before_script:
  - |
      cargo install --git https://github.com/semantic-rs/semantic-rs --debug &&
      export PATH=$HOME/.cargo/bin:$PATH &&
      git config --global user.name semantic-rs &&
      git config --global user.email semantic@rs

(This installs semantic-rs in debug mode, which is quite a lot faster to compile without significant runtime impact at the moment)

This will also set a git user and mail address, which will be used to create the git tag. You can change this to your own name and email address.

Now add a personal access token from GitHub. It only needs the public_repo permission (unless of course your repository is private).

Add it to your .travis.yml encrypted:

$ travis encrypt GH_TOKEN=<your token here> --add env.global

To release on crates.io you need a token as well. Get it from your account settings and add it to your .travis.yml:

$ travis encrypt CARGO_TOKEN=<your token here> --add env.global

At last make sure semantic-rs runs after the tests succeeds. Add this to the .travis.yml:

after_success:
  - semantic-rs

Make sure to follow the AngularJS Git Commit Message Conventions. semantic-rs will use this convention to decide which should be the next release version.

See the full .travis.yml of our test project.

What’s next?

We still have some plans for semantic-rs.

First we need to make it more safe and easy to integrate into a project’s workflow.

We also want to look into how we can determine more information about a project to assist the developers. Ideas we have include running integration tests from the previous version to detect breaking changes and statically analyzing code changes to determine their impact. Rust’s RFC 1105 already defines the impact certain changes should have. Maybe it is possible to automatically check some of these things.

We would be happy to hear from you. If semantic-rs breaks or otherwise does not fit into your workflow, let us know. Open an issue to discuss this. If you want to use it and have more ideas what is necessary or could be improved, talk to us!

Load your config into your environment

(by )

It became quite popular to store certain configuration variables in your environment, to be later loaded by your aplication. This way of having all configuration available is part of the twelve-factor app definition.

The idea is to place your variables in a .env file and load this as environment variables to be accessed by your application. Most of the time you can just plug in one of the dozens of libraries that load this config from a file and your application can fetch the values as normal from the environment.

But sometimes you might want to have this config loaded into your shell or some other interactive tool. That’s where you can use dotenv-shell, a small tool, written in Rust. It wraps around rust-dotenv and allows to load the config and then execute a program (your shell by default).

First install the tool:

cargo install dotenv-shell

Create a .env file with your config:

echo "REDIS_URL=redis://localhost:6379" > .env

Then start a shell and you can access the configuration as environment variables:

$ dotenv-shell
$ echo $REDIS_URL
redis://localhost:6379

Of course you can launch whatever tool you want:

$ dotenv-shell /usr/bin/irb
irb(main):001:0> ENV['REDIS_URL']
=> "redis://localhost:6379"

Available on GitHub and as a Crate.

Update:

Only now I learn about another application doing just the same: benv by @timonvonk.

Create GitHub releases with Rust using Hubcaps

(by )

For one of my projects I need to access the GitHub API to create releases. Luckily, through reading This Week in Rust #119, I discovered Hubcaps, a library for interfacing with GitHub.

Though it lacks some documentation and is not yet fully finished, it already provides APIs for the relevant parts regarding releases.

On GitHub a release is always associated with a Git tag, but need to be specifially created to be shown on the site with the full description and optional assets attached to them. It is also possible to mark releases as a draft (then it is only visible to repo contributors) or as a pre-release, useful for alpha releases of a library or application.

Once you have a Git tag in your repository the API can be used to create an associated release using the following Rust code:

extern crate hyper;
extern crate hubcaps;

use std::{env, process};
use hyper::Client;
use hubcaps::{Github, ReleaseOptions};

fn main() {
    let token = match env::var("GITHUB_TOKEN").ok() {
        Some(token) => token,
        _ => {
            println!("example missing GITHUB_TOKEN");
            process::exit(1);
        }
    };

    let client = Client::new();
    let github = Github::new("hubcaps/0.1.1", &client, Some(token));

    let user = "username";
    let repo = "my-library";
    let name = "ONE DOT OH";
    let body = "This is a long long body";
    let tag = "v1.0.0";

    let opts = ReleaseOptions::builder(tag)
        .name(name)
        .body(body)
        .commitish("master")
        .draft(false)
        .prerelease(false)
        .build();

    let repo = github.repo(user, repo);
    let release = repo.releases();
    match release.create(&opts) {
        Ok(_) => println!("Release created"),
        Err(e) => println!("Failed to create release: {:?}", e),
    };
}

If you clone Hubcaps and put the above code in a file named releases.rs into the examples/ folder, you can run it with cargo run --example releases. You need to get a personal access token first and set it in your environment (export GITHUB_TOKEN=<your token here>)

Of course it has the repository and tag hard-coded, but this is easy to adapt.

The code was tested with Rust 1.6 and hubcaps 0.1.1

Updated version to work with hubcaps 0.2.0 online.

2015 in many words and some photos

(by )

Last year I summarized my year in a long blog post, and with 2015 being nearly over here comes this year’s version.

My year in numbers

I was at 6 different conferences in 6 different cities across 5 different countries:

  1. FOSDEM in Brussel, Belgium (February)
  2. .concat() in Salzburg, Austria (March)
  3. otsconf in Dortmund, Germany (August). I was one of the organizers
  4. Redis Dev Day in London, Great Britain (October)
  5. Hungarian Web Conference 2015 in Budapest, Hungaria (November). I gave a talk about Rust
  6. 32c3 in Hamburg, Germany (December)

This includes the first conference I ever organized (otsconf) and my first real conference talk (Web Conference). I hope I get more opportunities to speak next year.

GitHub says I made 1434 countable contributions (1650 if you count private repositories) across dozens of repositories. I now maintain 8 published Rust crates (9 to be really correct) as well as 5 unreleased Rust libraries. I hope to finish up the remaining crates and polish the existing ones (and maybe bump them to a stable 1.0)

I released 6 versions of hiredis, 2 of hiredis-rb, 4 of hiredis-node and 2 of hiredis-py. My plan for 2016 is to mark hiredis as stable, push out the 1.0 release and then update the others as well (considering it might be used in Rails soon, this seems to be a good idea)

About 158 mails on the Redis mailing list were sent by me.

I posted 196 photos on Instagram and my ~/photos/2015 directory now contains about 4600 more photos.

I wrote more than 8600 tweets, more than half of them in reply to someone. I didn’t quite reach my own goal of writing a bit more, but 12 blog posts still come down to about one per month.

My year in photos and words

After the busy ending of 2014, 2015 started just as busy. Away from university, I spend more time working, but I found enough time for conferences and a quick one-week visit in San Francisco in April.

Golden Gate Bridge Bay Bridge

University and work kept me busy the whole summer, but I still catched a bit of the Sun.

After finishing up the Summer semester, I left for Norway in August.

Norway Flag

I came back for a weekend to run otsconf. It was a success, but see for yourself:

Back in Norway I had the absolute best time. For example hiking up a hill, sitting on the Kjeragbolten thousand meter over the Fjord.

Kjerag

My semester ended early on the first of December, so I had another chance to travel around Norway. Even without a lot of light, the Lofoten are a beautiful place to stay.

Lofoten

With 2015 coming to an end, so are other things. I had to replace my old Laptop, which stayed with me for the last four years.

Laptop

I really enjoyed living & traveling in Norway and I already put it on my todo list to come back in the summer. I was lucky to be part of so many different but welcoming communities. It’s a joy every time I meet these people again.

Thanks

This year was so great because of all the great people I met along the way.
Thanks to the otsconf team, Ola, Shelly, Carsten, Leif and Hendrik.
Again thanks to my employer rrbone and my boss Dominik for giving me opportunities to learn and work.
Thanks to the the new friends I made while living in Norway. I hope we manage to meet up again soon. Knowing people everywhere is great if you travel and I’m very grateful to all people that hosted me, like Lotte in Hamburg and Tobias in Tromsø. And thanks to all those I didn’t name explicitely, but who made this year so much fun.

2016 won’t start any less busy. With my next university semester only starting in April, I will make the best of that time. The next trip starts in less than five days.

<3