1 / 24

David Evans http://www.cs.virginia.edu/~evans

Lecture 12: Subtyping Rules. Killer. Bear. Climber. What’s the difference between a Black Bear and a Grizzly Bear?. KillingBear. David Evans http://www.cs.virginia.edu/~evans.

fairfax
Télécharger la présentation

David Evans http://www.cs.virginia.edu/~evans

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Lecture 12: Subtyping Rules Killer Bear Climber What’s the difference between a Black Bear and a Grizzly Bear? KillingBear David Evans http://www.cs.virginia.edu/~evans When you climb up the tree, the Black Bear climbs up after you. The Grizzly Bear knocks down the tree. (Which is the behavioral subtype?) BlackBear GrizzlyBear CS201j: Engineering Software University of Virginia Computer Science

  2. Recap • If B is a subtype of A, everywhere the code expects an A, a B can be used instead • To implement a subtype, it is often useful to use the implementation of its supertype class B extends A B is a subtype of A B inherits from A class C implements F C is a subtype of F CS 201J Fall 2002

  3. Subtyping Example public class Bear { public Bear () { } abstract public boolean chaseHuman (Human h); public void eatHuman (Human h) { if (chaseHuman (h)) say (“Yum Yum!”); } public void say (String s) { System.err.println (“Bear says: ” + s); } public class BlackBear extends Bear { public boolean chaseHuman (Human h) { // follow h and climb the tree return true; } public void say (String s) { System.err.println (“BlackBear says: ” + s); } BlackBear b = new BlackBear (); b.eatHuman (h); CS 201J Fall 2002

  4. How do we know if saying B is a subtype of Ais safe?

  5. Substitution Principle • If B is a subtype of A, everywhere the code expects an A, a B can be used instead For a function f (A), if f satisfies its specification when passed an object whose actual type is type A, f also satisfies its specification when passed an object whose actual type is B. CS 201J Fall 2002

  6. What needs to be true? For a function f (a A), if f satisfies its specification when passed an object whose actual type is type A, f also satisfies its specification when passed an object whose actual type is B. public int f (a A, x X) { return a.m (x); } CS 201J Fall 2002

  7. Subtype Condition 1: Signature Rule We can use a subtype method where a supertype methods is expected: • Subtype must implement all of the supertype methods • Argument types must not be more restrictive • Result type must be at least as restrictive • Subtype method must not throw exceptions that are not subtypes of exceptions thrown by supertype CS 201J Fall 2002

  8. Signature Rule class A { public RA m (PA p) ; } class B extends A { public RB m (PB p) ; } RB must be a subtype of RA: RB <= RA PB must be a supertype of PA: PB >= PA covariant for results, contravariant for parameters CS 201J Fall 2002

  9. Signature Examples public class Object { public boolean equals (Object o) ; } public class String extends Object { } public boolean equals (Object o) ; CS 201J Fall 2002

  10. Signature Examples public class CellSet { // A set of Cell’s. public Cell choose () throws NoSuchElementException ; } public class ConwayCellSet extends CellSet { // A set of ConwayCell (<= Cell) objects. public ConwayCell choose () } public Cell choose () ; Return type must be a supertype. CS 201J Fall 2002

  11. Java’s Rule • Java compiler is stricter than this: doesn’t allow any variation in types (“novariant”): • Overriding method must have same return and parameter types • Overriding method can throw fewer exceptions. CS 201J Fall 2002

  12. What needs to be true? For a function f (a A), if f satisfies its specification when passed an object whose actual type is type A, f also satisfies its specification when passed an object whose actual type is B. public int f (a A, x X) { // REQUIRES: a is initialized // EFFECTS: returns a.value * x.value return a.m (x); } CS 201J Fall 2002

  13. Subtype Condition 2: Methods Rule • Precondition of the subtype method must be weaker than the precondition of the supertype method. mA.pre  mB.pre • Postcondition of the subtype method must be stronger than the postcondition of the supertype method. mB.post  mA.post CS 201J Fall 2002

  14. Methods Rule Example public int f (a A, x X) { // REQUIRES: a is initialized // EFFECTS: returns a.value * x.value return a.m (x); } public class A { // An A may be initialized or uninitialized. // An initialized A has an associated int value. public int m (x X) { // REQUIRES: this is initialized } public class B extends A { // A B may be initialized or uninitialized. // A B may be awake or asleep. // An initialized B has an associated int value. public int m (x X) { // REQUIRES: this is initialized and awake } Can’t make the precondition stronger! The callsite might not satisfy it. CS 201J Fall 2002

  15. Methods Rule Example public int f (a A, x X) { // REQUIRES: a is initialized // EFFECTS: returns a.value * x.value return a.m (x); } public class A { // An A may be initialized or uninitialized. // An initialized A has an associated int value. public int m (x X) { // REQUIRES: this is initialized } public class B extends A { // A B may be initialized or uninitialized. // A B may be awake or asleep. // An initialized B has an associated int value. public int m (x X) { // REQUIRES: nothing } CS 201J Fall 2002

  16. Subtype Condition 3: Properties Subtypes must preserve all properties described in the overview specification of the supertype. CS 201J Fall 2002

  17. Substitution Principle Is this the only way? CS 201J Fall 2002

  18. Substitution Principle Summary • Signatures: subtype methods must be type correct in supertype callsites: result is a subtype (covariant), parameters are supertypes (contravariant) • Methods: subtype preconditions must be weaker than supertype preconditions (covariant); subtype postconditions must be stronger than supertype postconditions (contravariant) • Properties: subtype must preserve all properties specified in supertype overview CS 201J Fall 2002

  19. Eiffel’s Rules (Described in Bertrand Meyer paper out today) CS 201J Fall 2002

  20. Eiffel Rules The types of the parameters in the subtype method may be subtypes of the supertype parameters. How can Girl override set_roomate? set_roommate (Girl g) set_roommate (Boy b) Opposite of substitution principle! Skier set_roommate (Skier) Boy Girl CS 201J Fall 2002

  21. Can’t Get Up? s: skier; g: girl; b: boy; s := g; ... s.set_roommate (b); Skier set_roommate (Skier) Girl set_roomate (Girl) Boy CS 201J Fall 2002

  22. Meyer’s Excuse Strangely enough, some workers in the field have been advocating a contravariant policy. Here it would mean that if we go for example to class RANKED_GIRL, where the result of roommate is naturally redefined to be of type RANKED_GIRL, we may for the argument of routine share use type GIRL, or rather scaringly, SKIER of the most general kind. One type that is never permitted in this case is RANKED_GIRL! Here is what, under various mathematical excuses, some professors have been promoting. No wonder teenage pregnancies are on the rise. CS 201J Fall 2002

  23. PS5 • First part (due Thursday Oct 24): • Questions about subtyping rules • Which rules make most sense? • Which rules are most useful for real programs? • Exercises to learn about concurrency (Thursday) • Design a distributed simulation of something interesting • Second part (due Halloween): • Implement your distributed simulation CS 201J Fall 2002

  24. Charge Must it be assumed that because we are engineers beauty is not our concern, and that while we make our constructions robust and durable we do not also strive to make them elegant? Is it not true that the genuine conditions of strength always comply with the secret conditions of harmony? Gustav Eiffel CS 201J Fall 2002

More Related