1 Advanced Material The following slides contain advanced material and are optional.

Slides:



Advertisements
Similar presentations
Copyright © 2006 The McGraw-Hill Companies, Inc. Programming Languages 2nd edition Tucker and Noonan Chapter 18 Program Correctness To treat programming.
Advertisements

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Configuration management
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Exercise Session 5.
Control Structures Ranga Rodrigo. Control Structures in Brief C++ or JavaEiffel if-elseif-elseif-else-end caseinspect for, while, do-whilefrom-until-loop-end.
Chair of Software Engineering Concurrent Object-Oriented Programming Prof. Dr. Bertrand Meyer Exercise Session 1: Eiffel Introduction.
Chair of Software Engineering OOSC - Summer Semester Object-Oriented Software Construction Bertrand Meyer.
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Exercise Session 6.
Introduction to Computer Programming in C
Design by Contract ™. 2 Design by Contract A discipline of analysis, design, implementation, management.
1 Advanced Material The following slides contain advanced material and are optional.
Chair of Software Engineering ATOT - Lecture 12, 12 May Advanced Topics in Object Technology Bertrand Meyer.
Principles of Object-Oriented Software Development The language Eiffel.
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Lecture 6: Object Creation.
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Exercise Session 3.
1 Advanced Material The following slides contain advanced material and are optional.
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Lecture 4: The Interface of a Class.
Chair of Software Engineering OOSC - Summer Semester Object-Oriented Software Construction Bertrand Meyer Lecture 12: Design by Contract™
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Lecture 4: The Interface of a Class.
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Lecture 9: Abstraction.
OOP #10: Correctness Fritz Henglein. Wrap-up: Types A type is a collection of objects with common behavior (operations and properties). (Abstract) types.
Chair of Software Engineering Concurrent Object-Oriented Programming Prof. Dr. Bertrand Meyer Lecture 9: Contracts and Inheritance (based on work with.
Chair of Software Engineering ATOT - Lecture 11, 7 May Advanced Topics in Object Technology Bertrand Meyer.
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Exercise Session 4.
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Lecture 6: Object Creation.
1 Advanced Material The following slides contain advanced material and are optional.
Chair of Software Engineering Automatic Verification of Computer Programs.
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Exercise Session 3.
Eiffel Language and Design by Contract Contract –An agreement between the client and the supplier Characteristics –Expects some benefits and is prepared.
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Exercise Session 5.
Adding Contracts to Ada Ehud Lamm Adding Design By Contract to Ada.
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Lecture 9: Abstraction.
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Exercise Session 3.
Database Management Systems (DBMS)
Forms 3, 4 and 5 Filer Demonstration Command Financial.
Ranga Rodrigo. Class is central to object oriented programming.
Training Workshop on the use of the CRF Reporter for European Community Experts Introduction Copenhagen – 12 September 2005 James Grabert Inventories sub-programme.
Chair of Software Engineering 1 Introduction to Programming Bertrand Meyer Exercise Session October 2008.
Slideshow Slideshow 1B Creating the Chart of Accounts and Batch Processing in the General Ledger.
Tammy Dahlgren with Tom Epperly, Scott Kohn, and Gary Kumfert Center for Applied Scientific Computing Common Component Architecture Working Group October.
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Exercise Session 5.
Contracts for Concurrency - Contracts & Inheritance Aryabrata Basu University of Georgia.
2-3 Tree. Slide 2 Outline  Balanced Search Trees 2-3 Trees Trees.
Binary Search Tree vs. Balanced Search Tree. Why care about advanced implementations? Same entries, different insertion sequence: 10,20,30,40,50,60,70,
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Exercise Session 5.
CPSC 252 The Big Three Page 1 The “Big Three” Every class that has data members pointing to dynamically allocated memory must implement these three methods:
More on Correctness. Prime Factorization Problem: Write a program that computes all the prime factors of a given number Solution (Idea): Factors are less.
Intermediate 2 Computing Unit 2 - Software Development.
Chair of Software Engineering 1 Introduction to Programming Bertrand Meyer Exercise Session October 2008.
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Exercise Session 3.
Chair of Software Engineering 1 Introduction to Programming Bertrand Meyer Exercise Session October 2008.
ANU COMP2110 Software Design in 2003 Lecture 10Slide 1 COMP2110 Software Design in 2004 Lecture 12 Documenting Detailed Design How to write down detailed.
Understanding ADTs CSE 331 University of Washington.
1 Assertions. 2 A boolean expression or predicate that evaluates to true or false in every state In a program they express constraints on the state that.
PROGRAMMING PRE- AND POSTCONDITIONS, INVARIANTS AND METHOD CONTRACTS B MODULE 2: SOFTWARE SYSTEMS 13 NOVEMBER 2013.
Week 9, Class 3: Java’s Happens-Before Memory Model (Slides used and skipped in class) SE-2811 Slide design: Dr. Mark L. Hornick Content: Dr. Hornick Errors:
DBC NOTES. Design By Contract l A contract carries mutual obligations and benefits. l The client should only call a routine when the routine’s pre-condition.
Chair of Software Engineering 1 Introduction to Programming Bertrand Meyer Exercise Session October 2008.
1 Exceptions When the Contract is Broken. 2 Definitions A routine call succeeds if it terminates its execution in a state satisfying its contract A routine.
Design by Contract. The Goal Ensure the correctness of our software (correctness) Recover when it is not correct anyway (robustness) Correctness: Assertions.
1 Handling Errors and Exceptions Chapter 6. 2 Objectives You will be able to: 1. Use the try, catch, and finally statements to handle exceptions. 2. Raise.
Week 8, Class 3: Model-View-Controller Final Project Worth 2 labs Cleanup of Ducks Reducing coupling Finishing FactoryMethod Cleanup of Singleton SE-2811.
© Bertrand Meyer and Yishai Feldman Notice Some of the material is taken from Object-Oriented Software Construction, 2nd edition, by Bertrand Meyer (Prentice.
Chair of Software Engineering Void safety these slides contain advanced material and are optional.
Design by Contract Jim Fawcett CSE784 – Software Studio
Design by Contract Jim Fawcett CSE784 – Software Studio
Chapter 9 :: Subroutines and Control Abstraction
The following slides contain advanced material and are optional.
Einführung in die Programmierung Introduction to Programming Prof. Dr
Einführung in die Programmierung Introduction to Programming Prof. Dr
Presentation transcript:

1 Advanced Material The following slides contain advanced material and are optional.

2 Outline  Invariants  Violating the invariant  Marriage problem

3 Invariants explained in 60 seconds  Consistency requirements for a class  Established after object creation  Hold, when an object is visible  Entry of a routine  Exit of a routine class ACCOUNT feature balance: INTEGER invariant balance >= 0 end

4 Temporary violation  Invariants can be violated temporarily e.g. on object creation  In Eiffel, invariants are checked on entry and exit of a qualified feature call  One exception: for calls to creation procedures, invariants are not checked on entry to routine  e.g create cell.set_item (1)  But checked for normal call: cell.set_item (1)  See demo.

5 Public interface of person (without contracts) class PERSON feature spouse: PERSON -- Spouse of Current. marry (a_other: PERSON) -- Marry `a_other’. do … end class MARRIAGE feature make local alice: PERSON bob: PERSON do create alice create bob bob.marry (alice) end

6 Write the contracts class PERSON feature spouse: PERSON marry (a_other: PERSON) require ?? ensure ?? invariant ?? end Hands-On

7 A possible solution class PERSON feature spouse: PERSON marry (a_other: PERSON) require a_other /= Void a_other.spouse = Void spouse = Void ensure spouse = a_other a_other.spouse = Current end invariant spouse /= Void implies spouse.spouse = Current spouse /= Current end

8 Implementing marry class PERSON feature spouse: PERSON marry (a_other: PERSON) require a_other /= Void a_other.spouse = Void spouse = Void do ?? ensure spouse = a_other a_other.spouse = Current end invariant spouse /= Void implies spouse.spouse = Current spouse /= Current end

9 Implementing marry I class PERSON feature spouse: PERSON marry (a_other: PERSON) require a_other /= Void a_other.spouse = Void spouse = Void do a_other.spouse := Current spouse := a_other ensure spouse = a_other a_other.spouse = Current end invariant spouse /= Void implies spouse.spouse = Current spouse /= Current end Hands-On Compiler Error: No assigner command for a_other

10 class PERSON feature spouse: PERSON marry (a_other: PERSON) require a_other /= Void a_other.spouse = Void spouse = Void do a_other.set_spouse (Current) spouse := a_other ensure spouse = a_other a_other.spouse = Current end set_spouse (a_person: PERSON) do spouse := a_person end invariant spouse /= Void implies spouse.spouse = Current spouse /= Current end Implementing marry II Hands-On local bob, alice: PERSON do create bob; create alice bob.marry (alice) bob.set_spouse (Void) -- What about the invariants -- of bob and alice? end

11 Implementing marry III class PERSON feature spouse: PERSON marry (a_other: PERSON) require a_other /= Void a_other.spouse = Void spouse = Void do a_other.set_spouse (Current) spouse := a_other ensure spouse = a_other a_other.spouse = Current end feature {PERSON} set_spouse (a_person: PERSON) do spouse := a_person end invariant spouse /= Void implies spouse.spouse = Current spouse /= Current end Hands-On What about the invariant of a_other in feature marry?

12 Implementing marry : final version class PERSON feature spouse: PERSON marry (a_other: PERSON) require a_other /= Void a_other.spouse = Void spouse = Void do spouse := a_other a_other.set_spouse (Current) ensure spouse = a_other a_other.spouse = Current end feature {PERSON} set_spouse (a_person: PERSON) do spouse := a_person end invariant spouse /= Void implies spouse.spouse = Current spouse /= Current end

13 Ending the marriage class PERSON feature spouse: PERSON divorce require spouse /= Void do spouse.set_spouse (Void) spouse := Void ensure spouse = Void (old spouse).spouse = Void end invariant spouse /= Void implies spouse.spouse = Current spouse /= Current end Hands-On Is the order of instructions in divorce important for the invariant?

14 What we have seen  Invariant should only depend on Current object  If invariant depends on other objects  Take care who can change state  Take care in which order you change state  Invariant can be temporarily violated  You can still call features on Current object  Take care in calling other objects, they might call back Although writing invariants is not that easy, they are necessary to do formal proofs. This is also the case for loop invariants (which will come later).

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.