Behavioral Contracts and Behavioral Subtyping - PowerPoint PPT Presentation

1 / 19
About This Presentation
Title:

Behavioral Contracts and Behavioral Subtyping

Description:

Reusable S/W components (McIlroy, 1969) Produced with well specified interfaces ... Karaorman, Holzle, Bruno 'A reflective Java library to support design by contract' ... – PowerPoint PPT presentation

Number of Views:112
Avg rating:3.0/5.0
Slides: 20
Provided by: jungyo
Category:

less

Transcript and Presenter's Notes

Title: Behavioral Contracts and Behavioral Subtyping


1
Behavioral Contracts and Behavioral Subtyping
R. B. Findler, M. Latendresse, M.
Felleisen Proc. of ACM conference, Found. Of SE,
2001
  • 2002. 8.14
  • Jungyoon Kim

2
Contents
  • Introduction
  • Behavioral subtyping condition
  • Problems with prior work
  • Properly monitoring contracts
  • Related work
  • Conclusion future works

3
Introduction (1/2)
  • Reusable S/W components (McIlroy, 1969)
  • Produced with well specified interfaces
  • Adapted with wrapper
  • Component must not break its promises
  • Components contracts (Beugnard et al)
  • Synthetic contracts
  • ? Type
  • Behavioral contracts
  • ? pre, post condition and invariants
  • Sequencing contracts
  • ? threading, timing constraints
  • Quality of service contracts
  • ? time, space guarantees

4
Introduction (2/2)
  • Motivation
  • The flaws of existing tools (Extended Static
    Checking group)
  • verification is not possible if contracts are
    not violated
  • neither complete nor sound
  • computationally expensive
  • Contracts in Procedural, successful but,
  • in OOP, entirely missing blame for
    violations
  • Contribution
  • Demonstrates how to integrate contracts properly
  • according to the notion of behavioral subtyping
  • into a contract monitoring tool for java
  • Based on that of America, Liskov, Wing, Meyer

5
Behavioral Subtyping Condition (1/4)
  • Basic Idea
  • Covariance / Contravariance
  • Since B is an A, if code 1 is ok then code 2
    must be ok

interface A R foo(in P) interface B A
S foo(in Q) x A.foo(y) -------code 1
x B.foo(y) -------code 2
Contravariance S must be sub of R Covariance
P must be sub of Q
6
Behavioral Subtyping Condition (2/4)
  • Basic Idea
  • Covariance / Contravariance
  • Violation examples

Pfloat, Qint (violation of co..)
A.foo(2.1) --- ok B.foo(2.1) --- wrong
Sfloat, Rint (violation of contra..) B b
A a b 2.1 b.foo(y) -- ok 2.1 a.foo(y)
-- wrong
interface A R foo(in P) interface B A
S foo(in Q) x A.foo(y) ------code 1
x B.foo(y) ------code 2
7
Behavioral Subtyping Condition (3/4)
  • The condition

8
Behavioral Subtyping Condition (4/4)
  • The condition (multiple inheritance)

9
Problems with prior work (1/3)
  • Eiffel style contracts for Java
  • iContract, JMSAssert, jContractor, HandShake
  • Evaluating pre, post conditions

The basic mechanism If precondition fail ?
blame the calling code If postcondition fail ?
blame the method itself
10
Problem with prior work (2/3)
  • Eiffel style contracts for Java
  • Contract checking for Inheritance

11
Problem with prior work (3/3)
  • Eiffel style contracts for Java
  • Erroneous contract example
  • (agt0) (agt10)

Delayed, Incorrect Explanation for Contract
Violation blaming wrong part, making
the problem difficult to understand
12
Properly Monitoring Contracts (1/6)
  • Hierarchy Blame

Blame must be assigned to Cathy Cathy does
not violate the pre/post condition, but the
two preconditions have wrong relationship
13
Properly Monitoring Contracts (2/6)
  • Contract compiler

Contract Compiler
Pre and Post conditions
Wrapper methods
Wrapper check the contracts and call the
corresponding original method
14
Properly Monitoring Contracts (3/6)
  • Pattern Overview

15
Properly Monitoring Contracts (4/6)
  • Simple case
  • No hierarchy

Blames caller Blames class
16
Properly Monitoring Contracts (5/6)
  • An interface and
  • its implementation
  • Hierarchy

Four possibilities for precondition C and I 1.
both are true 2. both are false ----------
caller blamed 3. in C false, in I true--- C is
blamed 4. in C true, in I false--- no violation
signals - if instance of I --- caller is
blamed - if instance of C --- no error The
case of postcondition is similar
17
Hierarchy checking methods are generated for each
interface and class method
18
Related Work
  • Karaorman, Holzle, Bruno
  • A reflective Java library to support design by
    contract
  • does not check the hierarchy property
  • Edwards et al
  • create a parallel object to each original object
  • no guarantee that if created object satisfy then
    original too
  • Dhara, Leavens
  • disjunction of preconditions, conjunction of
    postconditions
  • the same problems mentioned previous slide
  • (agt0) (agt10)

19
Conclusion and Futurework
  • Existing contract tools are incorrect for certain
    violations
  • This paper suggests implementation idea for
    contract
  • handles three kind of errors (pre/postcondition
    and hierarchy)
  • Future work
  • Extends the translator to explicitly specify that
    a derived class is not behavioral subtype
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2025 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Behavioral Contracts and Behavioral Subtyping" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!