Class Invariants Pre-conditions and post-conditions describe the properties of individual methods. A class invariant is a global property of the instances.

Slides:



Advertisements
Similar presentations
Copyright © 2006 The McGraw-Hill Companies, Inc. Programming Languages 2nd edition Tucker and Noonan Chapter 18 Program Correctness To treat programming.
Advertisements

Design by Contract.
Presenter: Chris Treml
272: Software Engineering Fall 2012
© Bertrand Meyer and Yishai Feldman Notice Some of the material is taken from Object-Oriented Software Construction, 2nd edition, by Bertrand Meyer (Prentice.
ICE1341 Programming Languages Spring 2005 Lecture #6 Lecture #6 In-Young Ko iko.AT. icu.ac.kr iko.AT. icu.ac.kr Information and Communications University.
1 Computer Science 340 Software Design & Testing Inheritance & Design By Contract.
Design by Contract. Design by contract is the process of developing software based on the notion of contracts between objects, which are expressed as.
Chair of Software Engineering OOSC - Summer Semester Object-Oriented Software Construction Bertrand Meyer.
Error Management with Design Contracts Karlstad University Computer Science Error Management with Design Contracts Eivind J. Nordby, Martin Blom, Anna.
ISBN Chapter 3 Describing Syntax and Semantics.
Copyright © 2006 Addison-Wesley. All rights reserved. 3.5 Dynamic Semantics Meanings of expressions, statements, and program units Static semantics – type.
1 Design by Contract Building Reliable Software. 2 Software Correctness Correctness is a relative notion  A program is correct with respect to its specification.
Dept. of Computer Science A Runtime Assertion Checker for the Java Modeling Language (JML) Yoonsik Cheon and Gary T. Leavens SERP 2002, June 24-27, 2002.
Inheritance 2 Ranga Rodrigo Based on Mark Priestley's Lectures.
Design by Contract ™. 2 Design by Contract A discipline of analysis, design, implementation, management.
Feb 2003 R McFadyen1 Contracts (Ch 13) Used to help understand requirements more completely based on assertions; assertions are applicable to any.
Design by Contract. Specifications Correctness formula (Hoare triple) {P} A {Q} – A is some operation (for example, a routine body) – P and Q are predicates.
Jan 2005 Ron McFadyen1 Contracts Used to help understand requirements more completely (and so may not always be necessary) based on assertions;
Inheritance. In this chapter, we will cover: The concept of inheritance Extending classes Overriding superclass methods Working with superclasses that.
Software Testing and Quality Assurance
Chair of Software Engineering ATOT - Lecture 12, 12 May Advanced Topics in Object Technology Bertrand Meyer.
Static and Dynamic Contract Verifiers For Java Hongming Liu.
OOP #10: Correctness Fritz Henglein. Wrap-up: Types A type is a collection of objects with common behavior (operations and properties). (Abstract) types.
Copyright © 2006 The McGraw-Hill Companies, Inc. Programming Languages 2nd edition Tucker and Noonan Chapter 18 Program Correctness To treat programming.
Chair of Software Engineering Concurrent Object-Oriented Programming Prof. Dr. Bertrand Meyer Lecture 9: Contracts and Inheritance (based on work with.
Design by Contract David Talby. Software Correctness When is a class correct? – It ’ s a relative concept; what is required? – But it ’ s the correct.
Describing Syntax and Semantics
Eiffel Language and Design by Contract Contract –An agreement between the client and the supplier Characteristics –Expects some benefits and is prepared.
Inheritance and Polymorphism CS351 – Programming Paradigms.
Subclasses and Subtypes CMPS Subclasses and Subtypes A class is a subclass if it has been built using inheritance. ▫ It says nothing about the meaning.
Computer Science 340 Software Design & Testing Design By Contract.
Ranga Rodrigo. Class is central to object oriented programming.
1 Abstraction  Identify important aspects and ignore the details  Permeates software development programming languages are abstractions built on hardware.
Design by Contract in Java Concept and Comparison.
111 Protocols CS 4311 Wirfs Brock et al., Designing Object-Oriented Software, Prentice Hall, (Chapter 8) Meyer, B., Applying design by contract,
Low-Level Detailed Design SAD (Soft Arch Design) Mid-level Detailed Design Low-Level Detailed Design Design Finalization Design Document.
Contracts for Concurrency - Contracts & Inheritance Aryabrata Basu University of Georgia.
A Survey on Java Modeling Languages Gergely Kovásznai,Eszterházy Károly College Wolfgang Schreiner,Johannes Kepler University Gábor Kusper,Eszterházy Károly.
ISBN Chapter 3 Describing Semantics.
Chapter 3 Part II Describing Syntax and Semantics.
ANU COMP2110 Software Design in 2003 Lecture 10Slide 1 COMP2110 Software Design in 2004 Lecture 12 Documenting Detailed Design How to write down detailed.
L13: Design by Contract Definition Reliability Correctness Pre- and post-condition Asserts and Exceptions Weak & Strong Conditions Class invariants Conditions.
Evaluating an Object-Oriented Design ©SoftMoore ConsultingSlide 1.
SWE 4743 Abstract Data Types Richard Gesick. SWE Abstract Data Types Object-oriented design is based on the theory of abstract data types Domain.
Ceg860 (Prasad)L17IT1 Inheritance Techniques Subcontracting Anchored Types.
Defensive Programming CNS 3370 Copyright 2003, Fresh Sources, Inc.
PROGRAMMING PRE- AND POSTCONDITIONS, INVARIANTS AND METHOD CONTRACTS B MODULE 2: SOFTWARE SYSTEMS 13 NOVEMBER 2013.
CSSE501 Object-Oriented Development. Chapter 10: Subclasses and Subtypes  In this chapter we will explore the relationships between the two concepts.
CSC3315 (Spring 2009)1 CSC 3315 Languages & Compilers Hamid Harroud School of Science and Engineering, Akhawayn University
DBC NOTES. Design By Contract l A contract carries mutual obligations and benefits. l The client should only call a routine when the routine’s pre-condition.
Object Design More Design Patterns Object Constraint Language Object Design Specifying Interfaces Review Exam 2 CEN 4010 Class 18 – 11/03.
© Bertrand Meyer and Yishai Feldman Notice Some of the material is taken from Object-Oriented Software Construction, 2nd edition, by Bertrand Meyer (Prentice.
9.1 CLASS (STATIC) VARIABLES AND METHODS Defining classes is only one aspect of object-oriented programming. The real power of object-oriented programming.
Design by Contract Jim Fawcett CSE784 – Software Studio
Design by Contract Jim Fawcett CSE784 – Software Studio
Used to help understand requirements more completely
Component Based Software Engineering
Design by Contract in Python: Present and Future Aaron Bingham
Types of Programming Languages
Programming Languages 2nd edition Tucker and Noonan
Design by contract Object-Oriented Software Construction by Bertrand Meyer, Prentice Hall The presence of a precondition or postcondition in a routine.
Parameter Passing Actual vs formal parameters
Design by contract Object-Oriented Software Construction by Bertrand Meyer, Prentice Hall The presence of a precondition or postcondition in a routine.
Inheritance.
Assertions References: internet notes; Bertrand Meyer, Object-Oriented Software Construction; 4/25/2019.
Lecture 13: Subtyping Rules Killer Bear Climber
Computer Science 340 Software Design & Testing
Programming Languages 2nd edition Tucker and Noonan
Programming Languages 2nd edition Tucker and Noonan
Presentation transcript:

Class Invariants Pre-conditions and post-conditions describe the properties of individual methods. A class invariant is a global property of the instances of a class, which must be preserved by all methods. A class invariant is an assertion in the class definition. E.g. a stack class might have the following class invariant: count >= 0 and count <= capacity and stack_is_empty = (count = 0)

Class Invariants An invariant for a class C must be satisfied by every instance of C at all “stable” times. “Stable” times are those in which the instance is in an observable state

invariant: min <= max. Example A (mutable) class representing a range of real numbers: public class RealRange { private RealNumber min, max; public RealRange(RealNumber min, RealNumber max) { this.min = min; this.max = max; } public void setRange(RealNumber newMin, RealNumber newMax) { this.min = newMin; this.max = newMax; } invariant: min <= max.

An assertion I is a correct invariant for a class C if and only if: The Invariant Rule An assertion I is a correct invariant for a class C if and only if: Every constructor of C, when applied to arguments satisfying its precondition in a state where the attributes have their default values, yields a state satisfying I. Every method of the class, when applied to arguments and a state satisfying both I and the method’s precondition, yields a state satisfying I.

What happens to assertions when classes are inherited? DbC and Inheritance What happens to assertions when classes are inherited? How can assertions be “preserved” in the face of redeclaration (overriding) and dynamic binding? Actually assertions help maintain the semantics of classes and methods when they are inherited.

The parents’ invariants need not be repeated in the class. The invariants of all the parents of a class apply to the class itself. The parents’ invariants are added (logically “and”ed) to the class’s own invariants. Class Parent Attrs … Methods … Inv: P Class Parent Attrs … Methods … Inv: P  Class Child Attrs … Methods … Inv: C Class Child Attrs … Methods … Inv: P  C The parents’ invariants need not be repeated in the class.

Pre and Postconditions A method redeclaration may only do the following: Pre-condition Post-condition replace the original precondition by one equal or weaker replace the original postcondition by one equal or stronger The new version must accept all calls that were acceptable to the original. The new version must guarantee at least as much as the original. It may, but does not have to, accept more cases. It may, but does not have to, guarantee more. e.g. replace pre: x<10 by pre: x<=10 e.g. replace post: x<=10 by post: x=10

Summary Software reliability requires precise specifications which are honoured by both the supplier and the client. DbC uses assertions (pre and postconditions, invariants) as a contract between supplier and client. DbC works equally well under inheritance.

Languages with third-party support: C and C++: DBC for C preprocessor, GNU Nana C#: eXtensible C# (XC#). Java: iContract2, Contract4J, jContractor, Jcontract, C4J, CodePro Analytix, STclass, Jass preprocessor, OVal with AspectJ, Java Modeling Language (JML), SpringContracts for the Spring framework, or Modern Jass, Custos using AspectJ. JavaScript: Cerny.js or ecmaDebug. Common Lisp: the macro facility or the CLOS metaobject protocol. Scheme: the PLT Scheme extension Perl: the CPAN modules Class::Contract , Carp::Datum Python, PyDBC , Contracts for Python. Ruby: Ruby DBC , ruby-contract.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.