1 / 8

Contract based programming

Contract based programming. using pre- and post-conditions. Design by contract. Idea A program is correct if given correct input the program produces correct output. Correct input → PROGRAM → correct output A program is considered a kind of “black box”

edythe
Télécharger la présentation

Contract based programming

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Contract based programming using pre- and post-conditions Pre- and post-conditions, Using exceptions

  2. Design by contract • Idea • A program is correct if given correct input the program produces correct output. • Correct input → PROGRAM → correct output • A program is considered a kind of “black box” • Same idea applies to parts of a program • Methods, functions, etc. • Correct input → METHOD → correct output • Precondition • Specification of correct input • Postcondition • Specification of correct output Pre- and post-conditions, Using exceptions

  3. Pre- and postconditions • Statement that evaluates to true or false • Many Java methods have a precondition • Class.forName(String className) • Assumes className != null and that the class exists. • Integer.parseInt(String s) • Assumes that the String s contains a number • If you don’t respect the precondition the methods will most likely throw some kind of (runtime) exception • IllegalArgumentException • NumberFormatException • A subclass of IllegalArgumentException • In Java pre- and postconditions are not part of method signatures • You can specify pre- an postconditions as comments Pre- and post-conditions, Using exceptions

  4. class S { // pre: A; post: B method(int p) { … } } class T extends S { // pre: X; post: Y method(int p) { … } } X can be weaker than A Y can be stronger than B Example A: p > 0 disallows 0 X: p ≥ 0 allows 0 B result is true or false Example: Collection.add() Y result is always true Example: List.add() Pre- and postconditions used with method overriding Pre- and post-conditions, Using exceptions

  5. Invariant • An invariant is a statement that is invariably true. • Class invariant • Statement about the objects state between method invocation • Loop invariant • Statement about the state of variables in a loop Pre- and post-conditions, Using exceptions

  6. Proof of post condition • The idea of introducing pre- and postconditions is to formally (mathematically) prove the postcondition from the preconditions • Precondition AND program implies post condition • An invariant may help doing the proof. • However, often the proof can be quite hard to do. • Usually only done in critical systems • Controlling hospital equipment, satellites, etc. • Usually more errors in the proof than in the program • But gives you a chance to rethink you program. Pre- and post-conditions, Using exceptions

  7. Stating pre- and post-conditions • In Java pre- and post-conditions are usually described in the JavaDoc comments • /** PRE: a > 0*/ • void method(int a) {…} Pre- and post-conditions, Using exceptions

  8. Checking pre-conditions • In Java pre-conditions can be checked using simple if-statements • If (parameter is not legal) throw SomeException • The exception thrown is often an IllegalArgumentException, or one of its subclasses • NumberFormatException Pre- and post-conditions, Using exceptions

More Related