Blame Analysis for Components

Slides:

Advertisements

Similar presentations

Chapter 17 Failures and exceptions. This chapter discusses n Failure. n The meaning of system failure. n Causes of failure. n Handling failure. n Exception.

Advertisements

RPC Robert Grimm New York University Remote Procedure Calls.

Introduction to JAVA Vijayan Sugumaran School of Business Administration Oakland University Rochester, MI

1 Lecture 11 Interfaces and Exception Handling from Chapters 9 and 10.

Chapter 8 Designing Classes. Assignment Chapter 9 Review Exercises (Written)  R8.1 – 8.3, 8.5 – 8.7, 8. 10, 8.11, 8.13, 8.15, 8.19, 8.20 Due Friday,

Tutorials 2 A programmer can use two approaches when designing a distributed application. Describe what are they? Communication-Oriented Design Begin with.

Copyright © 2006 The McGraw-Hill Companies, Inc. Programming Languages 2nd edition Tucker and Noonan Chapter 18 Program Correctness To treat programming.

Exceptions Three categories of errors: Syntax errors Runtime errors Logic errors Syntax errors: rules of the language have not been followed. Runtime error:

Slides prepared by Rose Williams, Binghamton University Chapter 13 Interfaces and Inner Classes.

OOP #10: Correctness Fritz Henglein. Wrap-up: Types A type is a collection of objects with common behavior (operations and properties). (Abstract) types.

Chair of Software Engineering Automatic Verification of Computer Programs.

Presentation Outline What is JUnit? Why Use JUnit? JUnit Features Design of JUnit Downloading JUnit Writing Tests – TestCase – TestSuite Organizing The.

.NET Mobile Application Development Remote Procedure Call.

Semester Programming Project for CS 356

CS 390- Unix Programming Environment CS 390 Unix Programming Environment Topics to be covered: Distributed Computing Fundamentals.

Lecture :2 1.  DEFENTION : Java is a programming language expressly designed for use in the distributed environment of the Internet. It was designed.

LAB 1CSIS04021 Briefing on Assignment One & RMI Programming February 13, 2007.

SWE 619 © Paul Ammann Procedural Abstraction and Design by Contract Paul Ammann Information & Software Engineering SWE 619 Software Construction cs.gmu.edu/~pammann/

Exceptions Handling Exceptionally Sticky Problems.

Exception Handling Unit-6. Introduction An exception is a problem that arises during the execution of a program. An exception can occur for many different.

Pre- and postconditions, Using assertions and exceptions 1 Pre- and postconditions Using assertions and exceptions.

Spec# Andreas Vida. Motivation Correct and maintainable software Correct and maintainable software Cost effective software production Cost effective software.

Computer Science 209 Software Development Handing Errors and Creating Documentation.

1 Applets. 2 Design of Applets 3 Sun wrote Java to be executable within a hosting application browser The applications are applets. An applet is downloaded.

ANU COMP2110 Software Design in 2003 Lecture 10Slide 1 COMP2110 Software Design in 2004 Lecture 12 Documenting Detailed Design How to write down detailed.

Creating a Java Application and Applet

Karlstad University Computer Science Design Contracts and Error Management External and internal errors and their contracts.

PROGRAMMING PRE- AND POSTCONDITIONS, INVARIANTS AND METHOD CONTRACTS B MODULE 2: SOFTWARE SYSTEMS 13 NOVEMBER 2013.

Remote Method Invocation A Client Server Approach.

Throw, Throws & Try-Catch Statements Explanations and Pictures from: Reference:

Topic 4: Distributed Objects Dr. Ayman Srour Faculty of Applied Engineering and Urban Planning University of Palestine.

CSE 374 Programming Concepts & Tools Hal Perkins Fall 2015 Lecture 17 – Specifications, error checking & assert.

Testing and Debugging UCT Department of Computer Science Computer Science 1015F Hussein Suleman March 2009.

Introduction to Java Import Scanner class to use in our program

Introduction to Optimization

Chapter 6 CS 3370 – C++ Functions.

APPENDIX a WRITING SUBROUTINES IN C

Logger, Assert and Invariants

Handling Exceptionally Sticky Problems

Java Programming Language

Programming Languages and Compilers (CS 421)

Topics: jGRASP editor ideosyncrasies assert debugger.

CSE 374 Programming Concepts & Tools

Software Development Handing Errors and Creating Documentation

Paper Reading Group:. Language-Based Information-Flow Security. A

PL/SQL Scripting in Oracle:

Programming Models for Distributed Application

Design by Contract Fall 2016 Version.

Shanna-Shaye Forbes Ben Lickly Man-Kit Leung

Introduction to Optimization

Hoare-style program verification

Generic programming in Java

Units with – James tedder

Algorithm Correctness

Distribution Infrastructures

Introduction to Optimization

NASA Secure Coding Rules

Assertions References: internet notes; Bertrand Meyer, Object-Oriented Software Construction; 4/25/2019.

Handling Exceptionally Sticky Problems

Effective Java, Chapter 9: Exceptions

Agenda Warmup Lesson 2.2 (parameters, etc)

Computer Science 340 Software Design & Testing

ENERGY 211 / CME 211 Lecture 27 November 21, 2008.

CMSC 202 Exceptions.

Programming Languages 2nd edition Tucker and Noonan

CSE341: Programming Languages Lecture 11 Type Inference

Static Contract Checking for Haskell

Presentation transcript:

Blame Analysis for Components Matthias Felleisen Rice University with Matthew Flatt (Utah) and Robby Findler (Rice)

Components and Errors Package Server: public class A { … public void method1(A a) { … } } public class B extends A { // method1 can only process B’s B b = (B)a; Package Client: class C { A anA = A( … ) ; B a_B = B( … ) ; … a_B.method1(anA); .. anA = a_B; ... } … it ends up raising a exception! This system type-checks but …

Who’s to blame? The designer of A and B were forced to type method1 as A -> void by Java’s type system The designer of B knows perfectly well that method1 can only work with arguments of type B -- but can only publish this restriction as an informal comment that the compiler can’t type-check (plus a run-time check inside of his code).

Contracts … We need contracts between components. (That’s an old idea.) Our contracts help us overcome weaknesses in existing type systems. For example, a contract can specify assertions like “the A input to method1 must always be a B”. Even such simple contracts require reasoning about “higher-order” data. (See very last slide)

… and Blame We need a mechanism for “enforcing” contracts with theorem-proving and/or run-time mechanisms so that we can assign blame. This requires a “blame transformation” --- a code transformation that distributes checks and issues proper error messages. Blame should take one of two forms: A component does not satisfy its “export” contract. A component violates its “import” contracts.

Components, Contracts, and Errors Package Server: public class A { … public void method1(A a) { … } } public class B extends A { B b = (B)a; Package Client: class C { A anA = A( … ) ; B a_B = B( … ) ; … a_B.method1 (… (B)anA … ) ... anA = a_B; …. } interface B { void method1(A a) “a must be a B”; … } The contract enables us to insert “contract code” into Client to make sure method1 receives only B’s.

Composing Components with Contracts No static type system is strong enough to specify all contractual assertions between components. Our example is simplistic but illustrates a point. We need to develop languages in which we specify easily computable assertions, and mechanisms for assigning blame in clients and servers. In addition, we need proof assistants to eliminate such code, where possible, and to warn programmers where failures may occur (relative to the proof system).

Higher-Order Problems (“Objects are Multi-Entry Closures”) Package Server: public class A { … public void method1(A a) { … } } public class B extends A { B b = (B)a; Package Client1; public class D { A anA = A( … ) ; B a_B = B( … ) ; public void method3() { ... a_b.method1 (… (B)anA … ) ... anA = a_B; } } Package Client2; class C { ... void method4(D d) { … d.method3(); } Object d is passed in, call to method3 triggers exception