Contracts for Concurrency - Contracts & Inheritance Aryabrata Basu University of Georgia.

Slides:



Advertisements
Similar presentations
Chapter 17 Failures and exceptions. This chapter discusses n Failure. n The meaning of system failure. n Causes of failure. n Handling failure. n Exception.
Advertisements

Design by Contract.
Copyright W. Howden1 Programming by Contract CSE 111 6/4/2014.
SCOOP: Simple Concurrent Object-Oriented Programming Extend the pure, strongly typed, object-oriented language Eiffel with a general and powerful concurrency.
Chair of Software Engineering Concurrent Object-Oriented Programming Prof. Dr. Bertrand Meyer Lecture 10: Advanced Object-Oriented Mechanisms (based on.
Chair of Software Engineering Concurrent Object-Oriented Programming Prof. Dr. Bertrand Meyer Exercise Session 1: Eiffel Introduction.
2 nd Microsoft Rotor Workshop, Pisa, April 23-25, SCOOPLI for.NET: a library for concurrent object-oriented programming Volkan Arslan, Piotr Nienaltowski.
SCOOP on.NET Volkan Arslan Chair of Software Engineering ETH Zurich, Switzerland
Design by Contract. Design by contract is the process of developing software based on the notion of contracts between objects, which are expressed as.
Chair of Software Engineering OOSC - Summer Semester Object-Oriented Software Construction Bertrand Meyer.
Chair of Software Engineering Concurrent Object-Oriented Programming Prof. Dr. Bertrand Meyer Lecture 7: SCOOP Type System (based on work with Piotr Nienaltowski)
Chair of Software Engineering PPoPP 2003, , San Diego SCOOP it up! Piotr Nienaltowski Chair of Software Engineering, ETH Zurich, Switzerland.
Copyright © 2006 Addison-Wesley. All rights reserved.1-1 ICS 410: Programming Languages Chapter 3 : Describing Syntax and Semantics Axiomatic Semantics.
1 Design by Contract Building Reliable Software. 2 Software Correctness Correctness is a relative notion  A program is correct with respect to its specification.
Chair of Software Engineering OOSC - Summer Semester Object-Oriented Software Construction Bertrand Meyer.
Chair of Software Engineering Piotr Nienaltowski, SCOOP Simple Concurrent Object-Oriented Programming.
Design by Contract. Specifications Correctness formula (Hoare triple) {P} A {Q} – A is some operation (for example, a routine body) – P and Q are predicates.
Chair of Software Engineering OOSC - Summer Semester Object-Oriented Software Construction Bertrand Meyer.
Avoid a void Bertrand Meyer With major contributions by Emmanuel Stapf & Alexander Kogtenkov (Eiffel Software)
Chair of Software Engineering Piotr Nienaltowski, , Concurrent Object-Oriented Programming Bertrand Meyer, Piotr Nienaltowski.
Chair of Software Engineering Piotr Nienaltowski, , Concurrent Object-Oriented Programming Bertrand Meyer, Piotr Nienaltowski.
Software Testing and Quality Assurance
1 Advanced Material The following slides contain advanced material and are optional.
Chair of Software Engineering OOSC - Summer Semester Object-Oriented Software Construction Bertrand Meyer.
Chair of Software Engineering ATOT - Lecture 12, 12 May Advanced Topics in Object Technology Bertrand Meyer.
Principles of Object-Oriented Software Development The language Eiffel.
Static and Dynamic Contract Verifiers For Java Hongming Liu.
Chair of Software Engineering ATOT - Lecture 26, 30 June Advanced Topics in Object Technology Bertrand Meyer.
Chair of Software Engineering 1 Introduction to Programming Bertrand Meyer Exercise Session 6 7 October 2008.
Covariance & anchored types 2 Covariance? Within the type system of a programming language, a typing rule or a type conversion operator is*:
OOP #10: Correctness Fritz Henglein. Wrap-up: Types A type is a collection of objects with common behavior (operations and properties). (Abstract) types.
Chair of Software Engineering ATOT - Lecture 25, 30 June Advanced Topics in Object Technology Bertrand Meyer.
Chair of Software Engineering Avoid a void Bertrand Meyer ©Bertrand Meyer, 2008.
Chair of Software Engineering Concurrent Object-Oriented Programming Prof. Dr. Bertrand Meyer Lecture 9: Contracts and Inheritance (based on work with.
Chair of Software Engineering 1 Introduction to Programming Exercise Session Week 9 M. Piccioni 17/18 November 2008.
Chair of Software Engineering ATOT - Lecture 23, 23 June Advanced Topics in Object Technology Bertrand Meyer.
1 Sharing Objects – Ch. 3 Visibility What is the source of the issue? Volatile Dekker’s algorithm Publication and Escape Thread Confinement Immutability.
CS 330 Programming Languages 09 / 16 / 2008 Instructor: Michael Eckmann.
Chair of Software Engineering Concurrent Object-Oriented Programming Prof. Dr. Bertrand Meyer Lecture 6:Computational Model (based on work with Piotr Nienaltowski)
Chair of Software Engineering Concurrent Object-Oriented Programming Prof. Dr. Bertrand Meyer Lecture 2: an overview of SCOOP.
Chair of Software EngineeringPiotr Nienaltowski, 2 nd SCOOP workshop, SCOOP update and proposed extensions Piotr Nienaltowski.
Chair of Software EngineeringOOSC – Summer Semester 2005 Object-Oriented Software Construction Bertrand Meyer Lecture 19: SCOOP Simple Concurrent Object-Oriented.
Subclasses and Subtypes CMPS Subclasses and Subtypes A class is a subclass if it has been built using inheritance. ▫ It says nothing about the meaning.
1 Abstraction  Identify important aspects and ignore the details  Permeates software development programming languages are abstractions built on hardware.
More About Classes Ranga Rodrigo. Information hiding. Copying objects.
ABSTRACT The real world is concurrent. Several things may happen at the same time. Computer systems must increasingly contend with concurrent applications.
© 2006 Pearson Addison-Wesley. All rights reserved 2-1 Chapter 2 Principles of Programming & Software Engineering.
(c) University of Washington13-1 CSC 143 Java Specifications: Programming by Contract Reading: Ch. 5.
ANU COMP2110 Software Design in 2003 Lecture 10Slide 1 COMP2110 Software Design in 2004 Lecture 12 Documenting Detailed Design How to write down detailed.
L13: Design by Contract Definition Reliability Correctness Pre- and post-condition Asserts and Exceptions Weak & Strong Conditions Class invariants Conditions.
Ceg860 (Prasad)L17IT1 Inheritance Techniques Subcontracting Anchored Types.
1 Assertions. 2 A boolean expression or predicate that evaluates to true or false in every state In a program they express constraints on the state that.
Defensive Programming CNS 3370 Copyright 2003, Fresh Sources, Inc.
CSCI-383 Object-Oriented Programming & Design Lecture 24.
PROGRAMMING PRE- AND POSTCONDITIONS, INVARIANTS AND METHOD CONTRACTS B MODULE 2: SOFTWARE SYSTEMS 13 NOVEMBER 2013.
CSSE501 Object-Oriented Development. Chapter 10: Subclasses and Subtypes  In this chapter we will explore the relationships between the two concepts.
Specifying Multithreaded Java semantics for Program Verification Abhik Roychoudhury National University of Singapore (Joint work with Tulika Mitra)
DBC NOTES. Design By Contract l A contract carries mutual obligations and benefits. l The client should only call a routine when the routine’s pre-condition.
Object Design More Design Patterns Object Constraint Language Object Design Specifying Interfaces Review Exam 2 CEN 4010 Class 18 – 11/03.
Design by Contract. The Goal Ensure the correctness of our software (correctness) Recover when it is not correct anyway (robustness) Correctness: Assertions.
© Bertrand Meyer and Yishai Feldman Notice Some of the material is taken from Object-Oriented Software Construction, 2nd edition, by Bertrand Meyer (Prentice.
CSCI 383 Object-Oriented Programming & Design Lecture 22 Martin van Bommel.
© Bertrand Meyer and Yishai Feldman Notice Some of the material is taken from Object-Oriented Software Construction, 2nd edition, by Bertrand Meyer (Prentice.
Design by Contract Jim Fawcett CSE784 – Software Studio
Design by Contract Jim Fawcett CSE784 – Software Studio
SCOOPLI for .NET: a library for concurrent object-oriented programming
Component Based Software Engineering
Simple Concurrent Object-Oriented Programming
Adaptive Code Via C#
Presentation transcript:

Contracts for Concurrency - Contracts & Inheritance Aryabrata Basu University of Georgia

Preconditions In sequential context: precondition is correctness condition In concurrent context: feature call and feature application do not usually coincide “A supplier cannot assume that a property satisfied at the call time still holds at the execution time”.

Preconditions

Preconditions A precondition expresses the necessary requirements for a correct feature application. Precondition viewed as synchronization mechanism: A called feature cannot be executed unless the preconditions holds A violated precondition delays the feature’s execution The guarantee given to the supplier is exactly the same as with the traditional semantics.

Post-conditions A post-condition describes the result of a feature’s application. Post-conditions are evaluated asynchronously; wait by necessity does not apply. Post-condition clauses that do not involve calls on objects handled by the same processors are evaluated independently.

Post-conditions

Invariants Standard Eiffel semantics applies to class invariants in SCOOP because all the calls appearing in invariants must be non-separate. from x := 0 invariant x<= 10 until x= 10 loop x := x+1 end

Loop Invariants, Loop Variants and Check Asynchronous semantics is applied to loop variants, loop invariants, and check instruction. Check/Loop Execution Variants Invariants

Loop Invariants and Loop Variants

Reasoning about Objects: Sequential

Reasoning about Objects: Concurrent Hoare-style sequential reasoning Controlled expressions (known statically as part of the type system) are both: - Attached (statically known to be non void) - Handled by processor locked in current context

Inheritance Can we use inheritance as in the sequential world? Is multiple inheritance allowed? Does SCOOP suffer from inheritance anomalies?

Example: Dining Philosophers

Dining Philosophers

Inheritance Full support for inheritance (including multiple inheritance) Most inheritance anomalies eliminated thanks to the proper use of OO mechanisms What’s about Active objects?

Inheritance and Contracts Preconditions may be kept or weakened. - Less waiting Post-conditions may me kept or strengthened. - More guarantees to the client Invariants may be kept or strengthened - More consistency conditions See “Contracts for concurrency” paper.

Inheritance: Result re-declaration Covariant result re-declaration causes no problems. The client waits less.

Inheritance: formal argument re-declaration Formal argument types may be redefined contra-variant w.r.t processor tag. The client may only use non-separate actual arguments in polymorphic calls, so no additional blocking will happen.

Inheritance: formal argument re-declaration Formal argument types may be redefined contra-variant w.r.t detachable tags. The client waits less.

Impact on contracts Inherited precondition and post-condition clauses that involve calls on the redefined arguments may become invalid.

Impact on Contracts The re-declaring feature cannot rely on the precondition clauses involving the formal argument. Inherited precondition clauses involving calls on detachable formal arguments hold vacuously (trivially true). Post-conditions involving detachable formal arguments cannot be allowed.

Feature Re-declaration The redefinition rules for the individual components of a type are now clarified ◦ Class types may be redefined covariant both in result types and argument types but the redefinition of a formal argument forces it to become detachable. For example, assuming that Y conforms to X, an argument x: X may be redefined into x: detachable Y but not x: Y. An attribute may be redefined from my_x: X into my_x: Y. ◦ Detachable tags may be redefined from ? to ! in result types. They may be changed from ! to ? in argument types, provided that no call on the redefined argument occurs in the original post-condition. ◦ Processor tags may be redefined from T to something more specific in result types, and from more specific to T in argument types.

Problems with Precursor Calls Use of Precursor is not always possible.

Solution for Precursor Calls Need object test (downcast):

References -

Questions ?!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.