EQC Release Notes - version 1.16

When the same test sometimes succeeds and sometimes fails at random, thanks to for example scheduling differences, then it can be useful to repeat the same test several times. ?ALWAYS(N,Prop) and ?SOMETIMES(N,Prop) both test a property N times, succeeding either if it always passes, or if it passes at least once. Using these operations, a QuickCheck user can search for test cases that fail reliably, or fail only occasionally.

The new macro ?LETSHRINK combines a ?LET with a ?SHRINK, in a way which makes it easier to define generators which shrink well for tree-shaped data like symbolic test cases.

Previously, ?WHENFAIL(Action,Property) did not catch exceptions raised when testing Property, with the result that the Action was performed if Property failed by returning false, but not if it failed by raising an exception. This has been changed so that //any// failure of Property causes Action to be performed.

A change to QuickCheck's exception handling made in version 1.11 led, in some cases, to severe performance problems during shrinking. In the worst case, shrinking could become extremely slow, and allocate hundreds of megabytes of memory, perhaps even leading to an out-of-heap error. This should no longer occur with version 1.12.\n\nHowever, the performance problem can only be avoided by weakening QuickCheck's exception handling somewhat. As a result, //QuickCheck, by default, no longer catches exceptions propagated from a linked process//. When a test exits because a linked process crashes, QuickCheck will report an "unhandled exit", but will not print the test case which caused the failure.\n\nThese non-local exits must now be trapped explicitly in any QuickCheck property that may provoke them. This can be done using a new macro, ?TRAPEXIT, which should be wrapped around the body of the property, inside all the ?FORALLs. Used in this way, no performance problem arises. Note that it is not necessary for the QuickCheck user to set any process flags explicitly... this is all taken care of by the ?TRAPEXIT macro.

run_commands now checks the precondition of each command executed, as well as its postcondition. This is usually unnecessary, since command sequences generated by commands/1 are constructed so that all preconditions hold. However, if a user uses eqc:check/2 to supply a command sequence from a //different// source... such as a saved counterexample from an earlier version of the code... then a precondition might not hold when the commands are run. This error condition is now detected.

New generators: \n* nat() for natural numbers,\n* shrink_list(L) generates the list L, then shrinks it to any sublist.\n* shrink_int(LB,UB,N) generates the integer N, then shrinks it within the given range.

Since QuickCheck tests are generated randomly, then there is always a possibility that the same test is run more than once. This is not really a problem during normal testing, but it //can// become a problem during shrinking, which can at times run very many tests indeed. If generators try shrinking to the same value more than once, and several such generators are combined, then we can end up running the same test very many times indeed. Therefore, we may want to ensure that generators do //not// repeat values during shrinking. Since shrinking strategies are partly defined by the QuickCheck user, then the user has to take some responsibility for ensuring this.\n\nThe new property prop_shrinks_without_duplicates/1 can be used to test a generator, and see whether duplicate values occur during shrinking. If they do, then the best way to deal with it is to define the generator more carefully so that duplicates are avoided, but if this is impossible then shrink_without_duplicates/1 can be applied to the generator to filter out any repetitions. \n\nMany built-in generators have been modified to avoid duplicates. In some cases this may impose a performance penalty, although usually the result is a speed-up.

In Release 1.06, calling one of the main eqc functionsn with bad arguments caused the eqc process to exit. Although it would be restarted the next time an eqc function was called, this did cause the test history to be lost, preventing eqc:recheck from repeating tests before the exit.

Several minor bugs have been fixed, including:\n* list values were not shrunk as far as they should have been\n* values returned by choose could be shrunk to values outside the proper range.

Changes have been made to the way QuickCheck connects to the licence server via a proxy. The option to enter a proxy URL interactively has been removed; instead, a proxy should always be specified by setting the HTTP_PROXY environment variable. QuickCheck now supports proxies that require authentication, using a URL of the form http:<user>:<password>@...\n\nTo ease diagnosing connection problems, QuickCheck now displays the reply from the server, if it cannot be interpreted as a licence refresh, which is usually an HTTP error message.

In previous versions, less_faulty and more_faulty set the fault rate to the wrong value. This has been corrected in version 1.12.

WhatsNew

When record fields have default values, it is convenient to shrink other values to the default when a test fails, so that we can see which fields are important for the test failure. The new generator functions default/2 and weighted_default/2 specify default values with this behaviour. For example, a record field generated by default(asn1_NOVALUE,int()) will either be an integer or asn1_NOVALUE, and will shrink to the latter when a test fails. default/2 chooses the default half the time--just like oneof--while weighted_default/2 chooses between the default and the other generator with the given weights, just like frequency.

This environment variable can be set to an integer value to control how many days before your cached licence becomes stale QuickCheck will try to refresh it. The default value is 10.

edoc documentation is now available for virtually all of the QuickCheck interface.

QuickCheck now provides an Emacs mode, which is a sub-mode of the Erlang mode, and provides a QuickCheck menu containing templates for many common QuickCheck tasks. To install the Emacs mode, first replace your QuickCheck installation with this version, then call eqc_emacs_mode:install() to find and update your .emacs file.

A new cut-down version of QuickCheck, eqc_lite, is provided, consisting of alternative implementations of the main QuickCheck modules, and an alternative header file. Code which uses QuickCheck can also be compiled using eqc_lite, but eqc_lite can only test properties when a specific test case is given using eqc:check/2. eqc_lite may be distributed to anyone, thus enabling users without a licence to run tests generated by QuickCheck, but not to generate new ones.

EQC has been divided into several modules, and the modules placed in a conventional Erlang project structure, with separate directories for code, include files, and documentation. Including eqc.hrl imports all necessary functions, so code that uses QuickCheck should not be affected by this change.

If we want to generate both valid and invalid test data, then it is convenient to specify possible faults together with the ordinary generators. The new generator function fault/2 makes this possible. For example, a field that should lie between 5 and 10 could be generated by fault(int(),choose(5,10)) indicating that a correct value can be generated by choose(5,10), and a (potentially) faulty one by int(). Normally, faulty cases are not generated, but if fault_rate/3 is applied to a generator containing potential faults, then each fault location will generate faulty values at the rate given. This permits the //same// generator to be used for both positive and negative testing. The new functions more_faulty/2, less_faulty/2, and no_faults provide fine control over fault generation.

In previous versions of eqc, any tuples of the form {'@',Mod,Fun,Args} in generated test data were automatically replaced by the result of calling Mod:Fun(Args) before the test was run--but failing test cases were printed in the first form. This made it possible to see how test data was constructed--for example, one might see {'@',sets,new,[]} in a test case, rather than its (complicated) representation.\n\nThis feature has been removed, but a new function eqc_gen:eval/1 has been provided instead, which evaluates structures of the form {call,Mod,Fun,Args} in its argument. The difference is just that eval has to be called explicitly in properties, but on the other hand, there is now no risk of a conflict with real test data containing the atom '@'.

peek(X) is used to peek at the value inside a sealed box, before any shrinking is applied. Previously X had to be a box; now it is permitted to be a data-structure containing boxes, and peek looks inside them all.

When you link to a process, and it crashes, the exception is propagated to your own process. But these //remote exceptions// must be handled in a different way than local ones: an ordinary ''catch'' does not catch them. A bug in QuickCheck's remote exception handling caused version 1.10 to hang, and earlier versions to crash without printing or shrinking the failing case. This can no longer happen.

Three new functions in eqc_gen, parameter, with_parameter, and with_parameters, make it possible to parameterise generators with minimal changes to the code. All that is necessary to use an implicit parameter is to use the generator parameter(foo), for example, which generates the value of parameter foo. That value can be supplied by with_parameter, either at the top-level, or anywhere else which dynamically enclioses the use of foo. Thus a new parameter can be introduced with only two modifications to the code, even if the use is deep inside complex generators.

The improvements to eqc_commands are mostly in the area of shrinking: the new version should shrink generated command sequences faster, more predictably, and more reliably than before. In addition:\n* wf_commands now performs more stringent checks on the syntax of generated commands\n* a bug that caused run_commands to return the command results in reverse order has been fixed\n* the documentation has been improved

Previously, set commands generated by eqc_commands were of the form {set,N,Mod,Fun,Args}, where N was an index identifying the variable being bound. When such variables were used in later commands, they were referred to by structures of the form {var,N}. The difference between an index in set, and the structure used later, proved to be a source of errors. The syntax of set has therefore been changed to {set,{var,N},Mod,Fun,Args}.\n\nThis change does not affect user code which generates commands using ?SET, but it may affect user code which //inspects// the generated commands, for example to validate them.

In previous releases, large integers did not always shrink to the smallest value making the property fail. Integer shrinking has been improved to guarantee that if the result of shrinking is N, then N-1 (if N is positive) or N+1 (if N is negative) would not be a counterexample. In some cases shrinking will also be faster (although it may also be slower, since it is now searching for a more exact result).

John Hughes

Killing the process calling quickcheck should, of course, also kill any currently running tests. A bug introduced in version 1.10 made it possible for them to continue running. This is now fixed.\n

In previous versions, users of eqc_statem controlled the length of generated command sequences by generating the atom 'stop' instead of a command occasionally. This is no longer necessary: QuickCheck now controls the length of command sequences automatically, starting with short sequences and gradually increasing their length up to around 100 commands. If longer sequences are needed, they can be generated by using the new function more_commands, which can be applied to either a generator, or indeed an entire property. Old code which generates 'stop' will still work, but 'stop' will be ignored (and a deprecation message produced).

Previously, EQC licences were of fixed duration, with the expiry date compiled into the code. This version of EQC separates the licence from the code, so that we are now able to provide indefinite licences and licences for a limited number of users, and to distribute the code independently of licencing. The licence mechanism, and its implications for users, are explained in separate documentation.

WhatsNew\nPreviousReleases

Previously, sequences generated by eqc_statem could take a long time to shrink. A number of performance improvements have been made, which together lead to a dramatic improvement. The different is particularly striking when very long sequences fail near the beginning--in such cases, shrinking is now very fast indeed. Even test cases containing thousands of commands now shrink fast.

*A new macro ?WHENFAIL is provided, to make it easier to write actions to be taken when a property fails.\n*The function expectfailure has been renamed to fails, which has a more declarative ring to it.

QuickCheck provides two abstract types: properties, and generators. It can be tempting to try to //sample// a property, although it is only correct to sample a generator. In previous versions, attempting to sample a property resulted in an obscure error message. In the new version, it results in sampled data including an error message explaining that a property has been misused as a generator.

Previously ?SUCHTHAT could fall into an infinite loop, if generation *never* produced a value satisfying the predicate. Now ?SUCHTHAT is limited to 100 attempts, and exits if no suitable value is found in that time. If a test fails for this reason, then it is a sign that the predicate used in ?SUCHTHAT is fulfilled too rarely, and the generator should be rewritten to avoid it.

There is a new module, eqc_statem, for testing functions with side-effects against a specification in the form of an abstract state machine. The user defines an abstract model of the state, specifies how each command changes the state, and writes pre- and postconditions for each command under test. Lists of commands can then be generated, tested, and shrunk automatically. The new module is both faster and easier to use than eqc_commands, which it replaces. See the documentation for details.

A new operator ?SHRINKWHILE is provided for situations when a generator is designed to produce values satisfying some condition, but shrinking might break this property. By "shrinking while" the property is true, we can avoid shrinking to values that violate it. See the documentation in eqc_gen.

eqc:quickcheck can now be called with a module and function name, or module, function name and argument list. Apart from convenience, when RepeatingFailedTests which were initially called in this way, the most recently loaded version of the property is tested. With the original interface, a repeated test calls the same code as the first test.

Hitherto, QuickCheck generators were just represented as functions. This could lead to confusion in cases where the generated data itself contains function values--a function in the data could mistakenly be interpreted as a generator, with erroneous behaviour as a result. The new representation for generators cannot be confused with functions, eliminating this problem. ''Note'': all atoms beginning with eqc_ are reserved for QuickCheck's use--among other things, for labelling generators!\n\nBecause this change affects the definitions of some of the QuickCheck macros, it is necessary to //recompile// all QuickCheck specifications. Running old code may lead to badarg errors in quickcheck_licenced--if you encounter this, recompile and reload your QuickCheck specifications.

A new function pick/1 can be used to select one element from a generator.\nRandomisation using erlang:now() ensures no two runs of quickcheck use the same random number seed.

[[Release 1.15]]\n[[Release 1.14]]\n[[Release 1.13]]\n[[Release 1.12]]\n[[Release 1.11]]\n[[Release 1.10]]\n[[Release 1.09]]\n[[Release 1.08]]\n[[Release 1.07]]\n[[Release 1.06]]\n[[Release1.05]]\n[[Release1.04]]\n[[Release1.03]]

That is, it is now possible to call quickcheck, counterexample, etc from properties. In previous versions, attempting to do so would lead to deadlock. Making QuickCheck reentract simplifies testing QuickCheck with QuickCheck, but also lays the groundwork for other functionality to be added later.

* ?SHRINKWHILE added to eqc-lite.\n* Improvements to shrinking in eqc_commands

* [[New module eqc_statem for testing based on an abstract state machine]]\n* [[eqc_commands has been removed]]\n* [[Bad arguments to the main eqc functions no longer cause the eqc process to exit]]. \n* [[Function calls in test data indicated by '@' are replaced by eqc_gen:eval/1]]\n* Bad arguments to generator functions are now reported only if the generator is actually used.\n* Improvements to make shrinking more predictable.\n* Small optimisation to sealed generators

* Adopted a NewRepresentation for generators. \n//IMPORTANT: requires recompilation of all QuickCheck specifications//.\n* Added numtests to control the number of tests run.\n* Improved IntegerShrinking to be more consistent.\n* Added a way to stop the QuickCheck server.\n* Added the ability to TimeoutGenerators.\n* Fixed a bug in sample, which made it less random than intended.\n* Tidied the information in some rare error messages.\n* Changed the [[treatment of exceptions during shrinking]].\n* Fixed [[a bug in the QuickCheck server provoked when the process that invoked QuickCheck crashes]].

* New LicenceHandling.\n* Improved error message when a property returns the wrong type of value.

* Added generators for FaultyData.\n* Added generators for DefaultValues.\n* [[Major performance improvement to eqc_statem]].\n* Added support for AvoidingDuplicateTests.\n* [[Added precondition checking to run_commands]].\n* [[Unlicenced users may now use check/2]]\n* Added ImplicitParameters to generators. \n* Added [[eval/2]], for evaluating symbolic expressions containing variables.\n* Added AssortedGenerators..\n* [[QuickCheck is now reentrant]]\n* [[Modified ?SUCHTHAT to avoid infinite loops]].\n* Optimised some of the built-in generators to shrink faster and more predictably.\n* [[Generalised peek/1]] slightly.

Version 1.11 is mainly a bug-fixing release, with a few additions to shell API.\n* Added [[eqc:module]]\n* Added [[eqc:backtrace]]\n* Fixed a [[bug in licence checking]]\n* Added EQC_REFRESH_LICENCE_DAYS environment variable\n* Fixed a [[performance bug in the list generator]]\n* Fixed a bug in HandlingExceptionsInLinkedProcesses\n* Fixed a bug preventing KillingQuickCheck\n* Fixed a [[bug in elements]]

* ''Important:'' [[Added ?TRAPEXIT]], fixing a serious performance bug in shrinking.\n* [[Corrected probabilities in fault injection functions]].\n* Improved error message for MisusedProperty.\n* [[?WHENFAIL now catches exceptions]] in its second argument.

Version 1.13 makes a number of small but useful changes.\n* A new function [[postconditions]] has been added to eqc_statem.\n* [[Shrinking improvements in eqc_statem]].\n* [[Length of command sequence specified differently in eqc_statem]].\n* [[Changes to connection to the licence server]].\n* Some performance bugs that could cause very slow shrinking have been fixed.

Version 1.14 introduces a number of major new features. The most significant of these is //support for floating licences//. In fact, the licencing code has been completely replaced in this version, and as a result this version can //only// be used with floating licences. Support for fixed licences will be reintroduced in version 1.15.\n\nTo learn how to use Quviq floating licences, read the accompanying document //Quviq Floating Licences, Users' Guide//.\n\nThis version also introduces support for integration with Common Test. The new module eqc_ct can be used to convert any Erlang module containing QuickCheck properties into a Common Test test suite.\n\nThe new module eqc_socket makes it easy to test external software over a socket interface. Eqc_socket lets you create a process interface to the socket, automatically recording a trace of communication, and can be used together with eqc_statem to build a model of the system under test.\n\nOther improvements are:\n* a new version of [[zip in eqc_statem]] makes it easier to interpret the output from failed tests.\n* added a [[?LETSHRINK]] macro to make it easier to define shrinking strategies for tree-structured data\n

Version 1.15 reintroduces support for non-floating (fixed) licences, using the same framework as floating licences. See //Quviq Licences, Users' Guide// for information on how to administer and use both kinds of licence.\n\n''New Features''\n* QuickCheck now includes an [[Emacs mode]].\n* New ways to collect statistics: [[aggregate, measure, and command_names]]\n* New properties for non-deterministic tests: [[?ALWAYS and ?SOMETIMES]]\n* [[?LETSHRINK]], making recursive generators easier to define\n* QuickCheck now appears to be [[an OTP application]]\n* New function [[is_generator]]\n\n''Licencing''\n* [[force_start() is no longer needed]]\n* Licences accidentally left in a locked state can be unlocked with eqc:unlock_licence()\n* eqc:active_users() is provided to find out who in your licence group is currently using QuickCheck\n\n''Documentation''\n* A //Ready reference sheet// is now included with QuickCheck.\n

This version of QuickCheck is tidied up and documented, but the major novelties are new features for repeating and saving test cases, and [[exporting test cases]] to non-QuickCheck users.\n\nRepeatingFailedTests\nSavingCounterExamples\nEqcLite\nEdocDocumentation\nErlangProjectStructure\nNewQuickCheckInterface\nVersionNumbering\nMinorChanges\nBugFixes

A new module [[eqc_commands]] simplifies testing code with side-effects.\n[[Shrinking is much faster]] for large test cases.\nA new function [[watch_shrinking]] helps both to achieve good shrinking, and to identify the reason why a test fails.\nNew feature: [[Sealing and opening generators]] provides control over shrinking order.\n[[Other small improvements]]

[[Improvements and bug fixes in eqc_commands]]\n[[eqc runs in a separate process]]\n[[Validation of command line arguments]]\n[[New operator ?SHRINKWHILE]]

Tests which fail can now easily be repeated--after turning on tracing, for example--by calling eqc:recheck/0 or eqc:recheck/1. If the NewQuickCheckInterface is used to run the tests initially, then repeating a test calls recompiled code if any has been loaded.

Counterexamples found by QuickCheck can now easily be saved and re-used. eqc:counterexample/0 returns the last failed test case, while counterexample/1 tests a property and returns a counterexample, if one is found. Counterexamples can be reused using the new function eqc:check/2, which tests (the same or a different property) in a given test case. Tests using check can be run by users who do not have QuickCheck -- they only need EqcLite.

Two new generator functions, seal and open, enable the programmer to optimise the search order during shrinking. Sealing a generator delays exploration of its possible shrinkings until the seal is opened--in the meantime, the sealed value can be built into larger structures, which are shrunk //first//. For example, by generating a list with sealed elements, defining shrinking that discards elements using ?SHRINK, and then opening the resulting list, we ensure that shrinking will try to discard elements before exploring all the ways in which each element might be shrunk. Sealing is likely to be important when generating large structures with many random components.

The improvements made strengthen shrinking so that, occasionally, commands can be deleted from the command list that would not have deleted by previous versions.

In version 1.03, test cases that could be shrunk in very many different ways were shrunk very slowly. Typically, large test cases with many generated components were extremely slow to shrink. The representation of generators has been optimised to avoid this problem. Such test cases may still be shrunk very many times, but each shrinking step is much, much faster, leading to much better performance overall.

The new generators shrink_int and shrink_list generate the constant integer or list they are given--but then //shrink// that fixed value in the usual way. Integers shrink towards smaller absolute values, and lists shrink by dropping elements.

version 1.16

EQC Release Notes

The generator timeout(T,G) generates the same thing as G, but generates the atom timeout if generation takes longer than T milliseconds. The same time limit also applies to the shrinking steps.

The function check(Property,TestCase), which tests a property in a given specified case, may now be called by users who do not have a QuickCheck licence. This enables licenced users to generate test cases using QuickCheck, and then give the properties and test cases to unlicenced users, who will even so be able to run them. This functionality was previously supported by EqcLite, which is now no longer necessary. EqcLite is thus no longer supported.

The arguments to functions in eqc are now validated //before// testing starts, leading to much less obscure error messages when validation fails.

eqc now has version numbers (which have already reached 1.03!).

''eqc_fsm''\nThe big news in release 1.16 is the addition of a module for testing finite state machines, eqc_fsm. With the help of this module, FSM specifications become easier to write, and QuickCheck can even help assign suitable weights to the transitions. If you need to write specifications based on FSM diagrams or statecharts, then eqc_fsm will make your job a lot easier. There is extensive documentation in the reference manual, and a simple example of its use in the //examples// folder distributed with this version of QuickCheck. This folder also contains some introductory examples to help new users get started.\n\n''Other New Features''\n* A new function eqc:counterexamples() returns the counterexamples found by eqc:module.\n* A new function eqc:start/1 takes a boolean argument, to determine whether to stop another instance of QuickCheck, if there is one running.\n* QuickCheck tests are now run in the same process group as the caller (which affects where output appears)\n* eqc_statem now accepts a parameterised module as the call-back module.\n* New generators for binaries are provided in eqc_gen.\n* eqc_ct provides a new function compile_mods to compile a //list// of modules, which can be invoked from the command line using erl -s.\n\n''Remember to run eqc_emacs_mode:install() once you have installed 1.16 in your path, to update your emacs mode to refer to the new version.''

Previously, if the shell from which QuickCheck was first invoked crashed, then QuickCheck itself crashed later in io:format--trying to send output to the shell which no longer exists. The same behaviour could arise under the Common Test server. The bug has been fixed by ensuring that the QuickCheck server will be terminated if its spawning process dies.

Hitherto the only way to collect statistics during QuickCheck testing was using the collect function, which collects one value per test, and displays a histogram of the collected values when testing is over. This version adds two new useful functions:\n* //aggregate// collects //many// values per test, and displays a histogram over all the aggregated values,\n* //measure// collects numeric values, and displays minimum, maximum, total, count, and average.\nA new function //command_names// in eqc_statem makes it very easy to collect the distribution of commands actually run during state-machine testing: just add\n\naggregate(command_names(Cmds),...)\n\nto your property.

The QuickCheck installation now includes a .app file, allowing QuickCheck to be started and stopped using application:start(eqc) and application:stop(eqc), if desired. However, QuickCheck is not a real application, it simply creates a dummy application structure which makes systools happy.

Calling elements([]) is an error: of course, no element can be generated. A bug introduced in version 1.08 meant that the error was not reported properly--instead a useless function value was generated. This is now fixed.

In previous versions, attempting to refresh the cached licence with no internet connection available caused QuickCheck to crash. The correct behaviour, now implemented, is of course to start QuickCheck anyway provided the cached licence is still valid.

All eqc functions now run in a separate eqc process rather than the shell, which performs a licence check once only when it is started. The first time any function in eqc is called, the current licence is printed before the function is run. In this version the licence simply checks the expiration date.

When a QuickCheck property fails because an exception is raised, a stack trace is recorded. It can be displayed by calling eqc:backtrace().

The function eqc:module(M), intended for use in the shell, runs eqc:quickcheck on all properties in the module M. By definition, properties are exported functions whose names begin with ''prop_''.

eqc_commands is intended for testing APIs with side effects. Programmers generate test cases represented by lists of commands, which can either invoke the API or check assertions. Support is provided to generate such lists, run them, check their validity, and shrink them effectively.

Use eqc_statem instead: it is an improvement in every respect.

The eval/1 function evaluates data-structures containing symbolic function calls, of the form {call,Module,Function,Args}, which allows us to generate data in a symbolic, readable form, then evaluate it to its representation for running tests. The eqc:eval/2 function adds the capability to evaluate symbolic variables, of the form {var,Name}, to values given in a property list (see proplists) passed as the second argument. This enables us to generate //symbolic// test data before some of the values it depends on are known. Typically the values bound to symbolic variables would be created by operations with side-effects, that we do not want to invoke during test case generation.

To export a test case:\n* Write a property and use quickcheck to find a counterexample.\n* Capture the counterexample by calling eqc:counterexample().\n* Copy and paste it into an explicit test case in your code, of the form test42() -> check(my_property(),...the counterexample...).\n* Recompile your code using the EqcLite version of eqc.hrl, and run it with the EqcLite versions of eqc.beam and eqc_gen.beam.\n* Now you can run explicit test cases, such as test42(), without any access to the original version of QuickCheck at all.

Since version 1.14, only one instance of QuickCheck can run at a time. In that version, attempting to start a second instance created a dialogue box to ask the user whether to terminate the currently running version. Since this behaviour was inappropriate in automated test suites, a second start function eqc:force_start() was provided which simply terminated the other instance without asking.\n\nVersion 1.15 simplifies this by making the second (more useful) behaviour the default. As a result, force_start() is no longer needed.

A new function is_generator/1 is provided, which returns true for QuickCheck generators.

While version 1.10 made many improvements to shrinking, it also introduced a performance bug in generators of the form list(G). This bug made shrinking of longer lists generated in this way very slow indeed. The problem should no longer appear.

Given a list of commands, and a list of their results, the postconditions function checks that all pre- and post-conditions were satisfied. This is useful if eqc_statem is used to generate commands which are then run in some //other// way than by using run_commands--for example, if they are translated to another language, compiled and run.

Previously an exception during attempted shrinking could lead to shrinking stopping--since no smaller test cases could be found, the last test case was recorded as the smallest. This was unhelpful when the exception was caused by a bug in a user-provided shrinking function--instead of reporting the bug, QuickCheck just stopped shrinking. This has been changed so that the test now fails in this case, with the exception raised during shrinking as the reason for failure. In particular, this should make bugs in state machine specifications easier to find.

A new function for use in the shell, eqc:watch_shrinking(), displays all the test cases explored while shrinking the last failed test, together with their test result. This can be used in two different ways:\n* To see how shrinking is being performed, so that it can be improved if necessary.\n* To compare the smallest failing test case with similar cases that do not fail. The last few test cases printed often give an immediate clue to the reason a test failed.

Properties that use eqc_statem often print the //history// that run_commands returns as part of the output when a test fails. To interpret the history, it is helpful to know //which command// generated each element. This can be deduced from the QuickCheck output, but may require scrolling backwards and forwards to look at the list of commands and the history alternately. By //zipping together// the list of commands and the history, that is printing zip(Cmds,H) instead of just H, each command appears in the output together with the state before it was executed, and its result.\n\nThe zip function in the lists module cannot be used for this, because it exits if passed lists of different length--and when a command in the middle of the command list fails, then the list of commands and the history are of different lengths. The zip function in eqc_statem returns the same result as lists:zip when both succeed, but when it is given lists of different lengths, it returns a list as long as its shorter argument.\n\nIn short: replace ?WHENFAIL(io:format("~p~n",[H]), in your properties by ?WHENFAIL(io:format("~p~n",[zip(Cmds,H)]).