Meta's new LLM-based test generator

Yes. There's also other (better) ways to solve this issue: for instance sampling input/outputs in production and srtting them in stone in the tests.

An issue with going with llms will be to validate if the behavior described are merely tolerated or if they're correct. Another will be wether something is actually tested (e.g. a code change still wouldn't break the test). Too granular output check would be an issue as well.

All in all this feels like a bad idea, but I hope to be wrong.

Couldn’t an llm provided with the right level of logs write really good characterization tests?

Agreed, that's a great use case for autogenerated tests.

Imagine dealing with say COBOL where even the team who was hired to maintain it is going to retire. It's the closest to "lost technology" trope from Sci-Fi we have ever been.

When I do code review I always review the tests first. If they look through and reasonable then I can be a lot less careful reviewing the rest.

This is how I feel too. For me, tests usually end up being a concrete specification which I can execute.

Getting LLMs to write tests is like getting LLMs to write my spec.

Your tests only need to assert what failure states the user should expect under what conditions, not cover how it should be implemented. If, say, your implementation uses panic/recover instead, your tests shouldn't care. Asserting 'how' the code is to be implemented is how you get brittle tests that are a nightmare to maintain.

And making those assertions shouldn't be mindless work. Documenting the failure cases should be the most interesting work of all the code you are writing. If you are finding that it isn't, then that tells you that you should be using a DSL that has already properly abstracted the failure cases for your problem space away.

This is my experience, unless I try to make the contract of the thing simple to test via property testing. Then, writing tests often becomes basically an exercise in writing down the contract in a succinct way.

Sadly, this is a rare approach, so if you cooperate with others it's hard to use it.

Yeah, I suppose this is very language dependent. In Ruby I actually quite enjoy writing tests, whereas in Java it was boilerplate pain.

I actually enjoy writing unit tests, but I do frontend stuff. For me it's the moment of calm and reflection when I step back and look carefully at what I built and say "nice, it works" to myself.

it("displays the user's name") isn't very novel, and is probably pretty easy for a LLM to generate.

Arguably the implementation that passes such a test is even simpler, making it a bit questionable why we have the human write that part.

Well, someone needs to define that the username should be shown in the first place

I've also had managers who told me I wasn't allowed to write tests firsts as it was slower.

Sounds like a great place to work.

managers who told me I wasn't allowed to write tests firsts as it was slower.

You're suppose to write them together, at the same time. What's slower is spending all of your time mousing around the GUI like a caveman and then having missing tests and then trying to debug every future recurring regression forever the rest of the project's lifespan.

The only thing that's slower is perhaps trying to do TDD for the first time. After that, you're embarrassed at how much time you wasted wandering in a browser before your API tests were finished.

You are probably right and the percentages change with the language and framework being used. When I write Ruby I write enormous amounts of tests and many of these could probably be derived from the higher-level integration tests I stared with. In Rust on the other hand, I write very few tests. I wonder if this also shows which code could be entirely generated based on the high-level tests.

My best example of that was a test that was asserting that a monitoring metric changes in some way with a comment expressing doubt whether the asserted values are correct (but whoever wrote it still wrote the test that enshrined the behaviour that they themselves doubted).

Some revered novelists spend all day to write a single page and others are able to get in a flow and produce a chapter in that same time.

Without getting into touchy questions of quality and talent and the whole 10x trope, there are a lot of working engineers out there that produce code a lot more slowly than others and that work on more common problems than others. My sense is copilot-like products provide the biggest boon to those people and are a lot harder for people who are more naturally prolific or who work on more esoteric things.

It all seems to depend on what you are doing. The more niche and technical the task, the less the AI can help. If you are just generating crud and points for a common web language and framework, it can be an 80% boost.

I think the real problem with this is that people aren't differentiating these different types of work when they give these numbers.

Try this: in a situation where you need a small change to an existing class that you haven't looked at in a long time, dump the code and spec to ChatGPT with a request to add the feature or make the change along with a supporting spec. This can really speed up getting to the final result.

So I wanted to take a heatmap and bin it into fifteen values on a logarithmic basis. So I asked ChatGPT to do it for me, and it just worked.

Would this have been difficult for me to just write? No. I wouldn't call it difficult. But it would have involved effort, which is a resource I'm happy to conserve. It's like the difference between a sandwich you make and a sandwich you ask someone to make.

Then I asked it to generate the integer ranges which correspond to each bucket. It screwed that one up, which I found out by copying the function to a scratch file and trying some representative values in the REPL. So I told it to iterate all the values between in and max and generate the ranges that way. That one worked. Net of less effort, plus I had a test for it which I could copy-paste from the REPL to the test suite.

Faster? Maybe, maybe not. But I'm rate-limited by gumption, not minutes. When it's easier to describe the function than write it, and it's simple enough that the robot won't screw the pooch, I hand it off to the LLM. It's a great addition to the toolkit.

The co-pilot equivalent tool I use makes me about 10-15% more productive. Noticeable but not life changing.

IMO a chunk of it is like Peel developers: people that prioritize their own speed above all else: readability, team reviews, etc. I'd love to be proven wrong.

Its usually with simple things like code completion on logging, boiler plate, repetitive tasks etc. I am surprised sometimes how copilot knows what my next step is. I am typing in the start of an algorithm and copilot gives me the rest. And it predicts a lot of things correctly. It saves me tons of time. Another thing what i like is that I no longer need to no all the programming language related syntax. In the past I looked up stuff on stackoverflow. Now i simply type a short comment like "reverse the array...". Copilot automatically suggests the right syntaxes. Sometimes need some adjustments, but thats fine.

For myself I have several distinct cognitive weaknesses that I can often just unload onto an AI in a conversational style.

For instance I know I'm good at breaking up large tasks into smaller ones, but because planning and executive functioning is by far my worst energy consuming skill (adhd) I can save a lot of energy (but not time) by approaching it conversationally. I'd often use colleagues for the same thing, but then my productivity costs 2 salaries

Similarly, I have some trouble with memory and cognitive speed when I'm tired which is unfortunately often the case due to my health, I know well enough what I kinda "want" to do and I let the AI generate something that comes near what I need and I can work from there once I have the right starting point.

Just my personal experience I'd wanted to share.

I rarely find interfacing with an external chat interface useful, but integration with the coding environment (e.g. Copilot) is an immediate productivity boost.

People said the same thing about garbage collectors.

My thinking as well. If coding assistants become so good that I'm at a competitive disadvantage, I'll just start using them. It's not rocket science. So far, everything I've tried largely slowed me down. As a Google/SO replacement for some types of questions, they sure save me maybe an hour per week, but that's really all I could extract so far.

Maybe my work is not too typical though, I spend only a fraction of my time actually typing in code. And I do eliminate the need for boilerplate through other means (picking frameworks/libraries that are a good fit for the problem, refactoring, meta programming, scripts, suitable tool chain etc).

Funny you mention that, since lawyers have already gotten in trouble for citing fictional cases when submitting work performed by chatgpt.

For something like legal work, you don’t want a raw LLM. You want an agent integrated with a legal database, in such a way that it can’t cite cases which don’t exist in the database. And it can’t generate a direct quote from a case unless that text actually occurs in the case.

You still need a human lawyer familiar with the law to pick up on subtler errors, but better technology can prevent the grosser ones. And the subtler errors (e.g. misrepresenting what a case says through partial or out of context quoting) is the kind of error human lawyers sometimes make too - like every other profession, lawyers vary greatly in their competence, and often only the grosser cases of incompetence incur sanctions

I agree, but it does change the shape of the work you would be doing. Validating work isn't the same as generating new work.

Whether that's better, or useful, probably differs by situation.

you still need to give it just as much attention as if you'd done it yourself.

It's different than a Lawyers case, where the facts require manually cross referencing. In our case, that verification can come via directly and immediately running the code. How good the actual code is varies, but the fundamental difference remains.

No op, but I don’t think test-driven development resounds with everyone who writes code.

I don’t want to write tests for everything. I just want to write the ones that matter.

How do you know that the tests accurately define what the code is supposed to do?

Another way, if you know what the code is supposed to do, why write it down in two places?

Without deliberate tests it can be very difficult and time consuming to parse out intended change from unwanted or incidental change.

It tightly couples domain needs with implementation details.

Thinking of it as a leaky abstraction helps me.

I try hard to separate domain logic tests from implementation specific tests.

Your code could be loosely coupled with high cohesion, but with lots of random tests like you get when code coverage is a performance metric, you have to add a lot of complexity that only relates to an implementation.

It can be. E.g. consider GUI testing where people sometimes take automatic "golden" screenshots. The problem there is that if you change some minor thing that e.g. moves text by 1 pixel it will fail the test even though that's probably fine.

People then get used to just blindly updating the golden images. It becomes basically "the output changed, do you want to continue anyway" which is not the most useful thing. You really want it to say "the output is wrong".

I don't know where you're getting that from but it's simply wrong. Testing is quite easy IMO. I've been working at the same place for almost 10 years and I introduced our testing framework. We have hundreds of thousands of tests. New guys have some trouble to get started, but after a couple of months they're writing tests for our systems like a pro.

Most tests are use-case based or written for checking error-handling.

Use-case tests are easy to write: you don't even need to be a programmer (in fact, it's good if use-cases are defined by a Product Owner or Tester), though of course some cases are only known to the programmer as they're the only ones who dive into the details. The programmer should come up with all use-cases the PO missed, of course, and judge whether or not they need to test those too... sometimes it's ok to not test as the cost-benefit is low. Anyway, once you have this use-case based test mentality, it's very easy to write the tests (using a proper language to do it is important! Don't use just JUnit if you're doing Java as it will be really tedious to write and you will stop midway - I know, I've been there... I highly recommend using Spock, though other frameworks to make writing test pleasurable exist).

This applies mostly for "integration tests". For unit tests, hopefully you don't find them difficult to write?! I find them quite easy to write since I know how to write testable code, which takes a while to learn but once you do, it's really easy.

If you have examples of difficult to write tests, I would be curious to see it! Perhaps we can discuss how to make them easy.

Which is why they should be treated as a waste of time unless specific tests can be justified.

Counterpoint, those tests are really useful when you're working on a shared sub-component/library and want to understand the scope of a change, or want to be confident that what should be a no-op change from the caller's point of view is indeed a no-op.

But yea 9/10 times that a snapshot test fails, it's noise rather than signal.

Disagree, I find them very useful to quickly explain new libraries or do tedious things like regex

…unless the LLM hallucinates the comments and docs.

It will be worse because there will be a lot more of it

Not exactly well paid either, I suspect.

I’m old enough to remember the first time they said this about offshoring.

This made me think of that midwit meme with “delete the tests, green check mark in CI” on either side of the graph and “100% coverage” in the centre. Not totally valid, but… A bit of truth, haha.

Maybe the right side should be something about fuzzing and using static types. Use systemic and automated checks. I’m a little ashamed that I thought in memes so readily.

I think those people overestimate how useful it is to get a bunch of random code snippets from some company, that may or may not even reach production unchanged.

I suspect a lot of people overestimate how special their code is. Also, if your code exists in a private repo on GitHub, then you're already trusting the same third party when using GitHub Copilot.

Oddly enough it doesn't.

The secret sauce is: the robot doesn't run the tests. It digests the code and writes tests for it.

So it doesn't know if they'll pass or not. And sure enough, some of them don't, because the code was buggy.

I've seen some awful code come out of ChatGPT, but never a bad test. Good tests are short, which makes them hard to screw up. It has a reasonable grasp on what an edge case is as well.

Of course not!

The Power of AI™ can figure out the true intent of the code by looking at the initial (and, potentially, buggy) implementation, and help the programmer by generating edge test cases where the code doesn't produce correct results.

The programmer will easily tell those test cases from the ones where the AI did a mistake and generated a flawed test case because the AI doesn't make such silly mistakes; clearly, it's the programmer's code that needs to be corrected.

In fact, the AI would do a better job at that, too, which clearly speeds up the development cycle.

The correct way to use the tool is to let the AI both generate the test cases and modify the code so that it would pass the tests it generates.

After all, if the AI can't figure out what you wanted to do in the first place — how can you?

Of course, there's more to it.

Whichever problems you run into can be surely attributed to writing the code in an AI-unfriendly way.

In the past, we had the adage that the code is read more times than it's written. This is still true, but we need to abandon the old habit habit of having a human reader in mind.

Just like you rearrange your furniture to make your house more accessible to the robot vacuum cleaner, you need to write the code with the AI in mind.

When you write a Google query or a prompt for ChatGPT (effectively the same thing anyway), you don't write it like you'd talk to a person.

You're going to have to write code the same way to be truly effective, and think a little bit like AI to get the most use out of it.

That might sound like a lot of work to get code that does what you want.

But of course, that's not the case.

Just use the AI for this.

Thanks for engaging with the above constructive criticism, it's a refreshing change from what is sadly the norm.

One additional question - do you forsee any issues with this application where LLMs enter a non-value add "doom loop"? I can imagine a scenario where a test generation LLM gets hooked on the lower value simplistic tests, and yet management sees such a huge increase on the test metric ("100x increase in unit tests in an afternoon? Let's do it again!") that they continue to bloat the test suite to near-infinity. Now we're in a situation where all future training data is now training on complete cesspool of meaningless tests that technically add coverage, but mostly just to cover an edge case that only an LLM would create.

Not sure if that makes sense, but tl;dr - having LLMs in the loop for both code creation and code testing seems like it's a feedback loop waiting to happen, with what seems like solely negative repercussions for future LLM training data.

Pedantic warning here. In fast and loose day-to-day common English language "exponentially more" means "fast growth" or "a whole lot". But that usage is meaningless! Why?, technically, you can't have exponential growth without a dependent variable. You can have exponential growth as a function of time, height, spend, distance, any freaking metric or variable. But it has to be as a function of a value.

You CAN'T have exponential growth that is not a function of some value or variable or input.

I suppose in this case you could argue you have exponential growth as a function of the discrete using-an-LLM or not-using-an-LLM, but I've never heard of exponential growth as a function of a discrete.

Often people using the term "exponential growth" in common English don't understand what it means. Sorry.

Seconding digdugdirk's comment :) Thanks for the thoughtful response and I apologize if I came across as mean.

My problem is we have no clue what those lines actually were. If it was effectively dead code, then it's not surprising that it was untested, and the LLM-generated test wouldn't be valuable to the team. We have no clue what the value of the test actually was, and using a single stat like "lines of code covered" doesn't actually tell us anything. Saying the test was "exponentially more valuable" is pure speculation, and IMO not an especially well-founded one. (Sort of like saying people who write more lines of code are more productive.)

This speculation seems downright irresponsible when the paper specifically emphasizes that this result was a fluke. When the authors said "hit the jackpot" they did not mean "hit the jackpot with a valuable test", they meant "hit the jackpot with an outlier that somewhat artificially juked the stats." I truly believe if the LLM managed to write a unusually valuable test with such broad coverage they would have mentioned it in the qualitative discussion. Instead they went out of their way to dismiss the importance of the 1,326 figure.

Ensuring that `if x == 1` works when x == 1.

Very important. Very valuable.

Imagine if `if err != nil { return err }` just stopped working tomorrow. Your tests would detect it! Outage prevented!

Beyond the type system, you're snapshoting exact behavior. Differences between x = y, and 2x=y that the types don't encapsulate, even in rust.

There's a persistent rather large minority that has a nuanced take: it can't write code they like (don't want to edit), but it's great for weekend projects (where they're trying new things without established personal preferences).

Forest for the trees if you ask me, but, to each their own.

That I can fully agree with (particularly, comparison with fuzzing).

Your comment presents a way more grounded perspective on the future of LLMs in programming than the article does.