Presentation is loading. Please wait.

Presentation is loading. Please wait.

OOP #10: Correctness Fritz Henglein. Wrap-up: Types A type is a collection of objects with common behavior (operations and properties). (Abstract) types.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "OOP #10: Correctness Fritz Henglein. Wrap-up: Types A type is a collection of objects with common behavior (operations and properties). (Abstract) types."— Presentation transcript:

1 OOP #10: Correctness Fritz Henglein

2 Wrap-up: Types A type is a collection of objects with common behavior (operations and properties). (Abstract) types can only be accessed through their operations. A type in object-oriented programming is usually decribed by an object protocal: which operations they have, but not what properties they have (object protocol)

3 Wrap-up: Types... An interface defines an object protocol. A class defines object protocol, class protocol and an implementation A type is a subtype of another if each object of the first type is also an object of the second type.

4 Wrap-up: Types... Upcasts and downcasts convert objects from one type to another Upcasts have no run-time effect on objects and can be omitted from the source code. (No code generated!) Downcasts on objects check the runtime type of an object; may raise exception. (Code for test generated!) Upcasts on objects correspond to application of subtype polymorphism; may be omitted.

5 Correctness Specification and code (Formal) verification Testing Design by contract

6 Specification and code Programs have a purpose Specification: explicit properties a program should have (what it should accomplish) Correctness: Proof/argument that a program satisfies its specification to a satisfactory degree

7 Verification Specification: Complete specification of all desired properties in formal, mathematical language Correctness: Formal or rigorous (mathematical) proof of correctness Requires: Formal/rigorous semantics for specification language and programming language

8 Verification: Properties Only method to ‘check’ the infinity of all possible inputs a program may ever be tried on Total bug elimination Requires mathematical sophistication in people and tools Doesn’t apply to ill-specified systems Doesn’t scale well. Expensive Applied in high-cost-per-bug areas (e.g., hardware, avionics)

9 Note: Verification: “Did we build the system right?” Validation: “Did we build the right system?”

10 Partial verification (type checking, static analysis) Partial verification: Formal verification of some properties, not all Usually applied to general robustness properties: doesn’t generate type error (static type checking) doesn’t dereference null pointers (extended static checking)

11 Testing Exercising (production) code on a well- design test suite Purpose: Finding as many bugs as possible within reasonable

12 Testing: Granularity Unit testing: testing of individual methods, classes Integration testing: testing of interaction between several units System testing: testing of whole system Acceptance testing (validation): testing of whole system

13 Testing: Methods White-box testing: Design test suite by analysis of code; ensure coverage of all statements in code Black-box testing: Design test suite by analysis of specification; ensure coverage of boundary cases, important cases.

14 Testing: Process Seed test suite (from specification) Incrementally: Add tests (‘specify’) and code (‘implement’) hand- in-hand Run test suit Fix code (plus add additional tests) Regression testing: Repeat execution of whole test suite to catch (re)introduction of bugs

15 Test-driven design Forces thinking about precise specifications, in particular interfaces Catches bugs early (the later the more expensive) Eases bug location Forces thinking about building support for testing into the program design

16 Design by contract Program design driven by ‘contract’ model (method) precondition: a property that must hold

17 Conditions (invariants) Precondition: a property that must hold upon entry into a method. Postcondition: a property that must hold upon exit from a method. Class invariant: a property that must hold both upon entry and upon exit from a method. Assertion: a property that must hold

18 Who is responsible? Precondition: The precondition must be ensured by the caller (client) Postcondition: The postcondition must be ensured by the method (service provider) Class invariant: The class invariant must be ensured by the class (service provider)

19 Property of what? Precondition: The precondition involves the receiver object and all arguments of a method call. Postcondition: The postcondition involves the receiver object and all arguments of a method call. Note: The receiver object’s properties should be statable through its public interface.

20 Property of what?... Class invariant: The class invariant involves instance variables and methods. Note: The class invariant may refer to private fields and methods.

21 Assertion (invariant) An assertion is any executable statement, which may either succeed or fail. Intention: The assertion should always succeed. An assertion is executed at runtime. If it fails the program is terminated, or a failure report is logged.

22 Design by contract Define interface with properties in the form of: method preconditions and postconditions class invariants loop invariants (assertion in loops) assertions other places Enforce invariants

23 Enforcing invariants Static checking: Prove that all invariants will always hold for any input Example: Extended Static Checking; e.g. ESC/Java Dynamic checking: Execute invariants as assertions at runtime; signal error if assertion doesn’t succeed (proof that invariants do not always hold)

24 Enforcing invariants Dynamic checking: Execute invariants as assertions at runtime; signal error if assertion doesn’t succeed (proof that invariants do not always hold) Example: Eiffel (built into the language); for Java: e.g. iContract (preprocessor), plus other tools

Download ppt "OOP #10: Correctness Fritz Henglein. Wrap-up: Types A type is a collection of objects with common behavior (operations and properties). (Abstract) types."

Similar presentations

Copyright © 2006 The McGraw-Hill Companies, Inc. Programming Languages 2nd edition Tucker and Noonan Chapter 18 Program Correctness To treat programming.

Copyright © 2006 The McGraw-Hill Companies, Inc. Programming Languages 2nd edition Tucker and Noonan Chapter 18 Program Correctness To treat programming.
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Copyright W. Howden1 Programming by Contract CSE 111 6/4/2014.

Copyright W. Howden1 Programming by Contract CSE 111 6/4/2014.
SPL/2010 Test-Driven Development (TDD) 1. SPL/2010 2.

SPL/2010 Test-Driven Development (TDD) 1. SPL/
Semantics Static semantics Dynamic semantics attribute grammars

Semantics Static semantics Dynamic semantics attribute grammars
Annoucements  Next labs 9 and 10 are paired for everyone. So don’t miss the lab.  There is a review session for the quiz on Monday, November 4, at 8:00.

Annoucements  Next labs 9 and 10 are paired for everyone. So don’t miss the lab.  There is a review session for the quiz on Monday, November 4, at 8:00.
Copyright © 2006 Addison-Wesley. All rights reserved.1-1 ICS 410: Programming Languages Chapter 3 : Describing Syntax and Semantics Axiomatic Semantics.

Copyright © 2006 Addison-Wesley. All rights reserved.1-1 ICS 410: Programming Languages Chapter 3 : Describing Syntax and Semantics Axiomatic Semantics.
ISBN 0-321-33025-0 Chapter 3 Describing Syntax and Semantics.

ISBN Chapter 3 Describing Syntax and Semantics.
CS 355 – Programming Languages

CS 355 – Programming Languages
Www.ics.mq.edu.au/ppdp ITEC200 Week02 Program Correctness and Efficiency.

ITEC200 Week02 Program Correctness and Efficiency.
Copyright W. Howden1 Lecture 13: Programming by Contract.

Copyright W. Howden1 Lecture 13: Programming by Contract.
Copyright © 2006 The McGraw-Hill Companies, Inc. Programming Languages 2nd edition Tucker and Noonan Chapter 18 Program Correctness To treat programming.

Copyright © 2006 The McGraw-Hill Companies, Inc. Programming Languages 2nd edition Tucker and Noonan Chapter 18 Program Correctness To treat programming.
Software Testing and Quality Assurance

Software Testing and Quality Assurance
Static and Dynamic Contract Verifiers For Java Hongming Liu.

Static and Dynamic Contract Verifiers For Java Hongming Liu.
JML and Class Specifications Class invariant JML definitions Queue example Running JML in Eclipse.

JML and Class Specifications Class invariant JML definitions Queue example Running JML in Eclipse.
Copyright © 2006 The McGraw-Hill Companies, Inc. Programming Languages 2nd edition Tucker and Noonan Chapter 18 Program Correctness To treat programming.

Copyright © 2006 The McGraw-Hill Companies, Inc. Programming Languages 2nd edition Tucker and Noonan Chapter 18 Program Correctness To treat programming.
Objectives Understand the basic concepts and definitions relating to testing, like error, fault, failure, test case, test suite, test harness. Understand.

Objectives Understand the basic concepts and definitions relating to testing, like error, fault, failure, test case, test suite, test harness. Understand.
Page 1 Building Reliable Component-based Systems Chapter 6 - Semantic Integrity in Component Based Development Chapter 6 Semantic Integrity in Component.

Page 1 Building Reliable Component-based Systems Chapter 6 - Semantic Integrity in Component Based Development Chapter 6 Semantic Integrity in Component.
1 Advanced Material The following slides contain advanced material and are optional.

1 Advanced Material The following slides contain advanced material and are optional.
Chapter 1 Principles of Programming and Software Engineering.

Chapter 1 Principles of Programming and Software Engineering.

Similar presentations

Ads by Google