Contract based programming. Using pre- and post-conditions, and object invariants. Design by contract. Idea A program is correct if given correct input the program produces correct output. Correct input → PROGRAM → correct output A program is considered a kind of “black box”
Contract based programming
Using pre- and post-conditions, and object invariants

Design by contract
• Idea
  • A program is correct if, given correct input, the program produces correct output.
  • Correct input → PROGRAM → correct output
  • A program is considered a kind of “black box”
• Same idea applies to parts of a program
  • Methods, functions, etc.
  • Correct input → METHOD → correct output
• Precondition
  • Specification of correct input
• Postcondition
  • Specification of correct output

Contracts
• A supplier (programmer) writes a class or method to be used by a client (another programmer)
• The contract specifies
  • The public interface of the class / method
  • Pre-conditions
  • Post-conditions
  • Object invariants

Pre- and post-conditions
• Pre-condition
  • What does the method expect?
  • Must be true before it makes sense to call the method
  • Methods should check this and throw appropriate exceptions
  • C# examples
    • Convert.ToInt32(String str)
    • Assumes str is a string that contains a number.
    • If not, it throws FormatException or OverflowException
• Post-condition
  • What does the method guarantee?
  • After the method has executed
  • Returned value, and/or change of object state

Object invariant
• An invariant is a statement that is invariably true
• Object invariant
  • Statement about the object's state between method invocations
  • Example: Class Student
    • Name != null, age >= 0

C# language support
• In C# there is no direct language support for programming by contract
• Pre- and post-conditions can be specified as comments to the methods
• Invariants can be specified as comments to the class.
• Pre-conditions and invariants must be checked in the beginning of all modifying methods, like set methods, etc.
• The exception thrown is often
  • ArgumentException
  • ArgumentNullException, a sub-class of ArgumentException
  • ArgumentOutOfRangeException, a sub-class of ArgumentException

ArgumentException
• Thrown if there is something wrong (according to the pre-condition) with the argument (parameter) to the method.
• Some properties
  • Message
    • The error message: Should be readable to humans
  • ParamName
    • Name of the parameter that caused the exception
  • InnerException
    • Different from null if the exception is chained
• Some constructors
  • ArgumentException()
    • No parameter: The catcher does not know what is wrong.
    • Don’t use …
  • ArgumentException(String message)
    • The catcher can use the message to write to the user, etc.
  • ArgumentException(String message, String paramName)
  • ArgumentException(String message, Exception innerException)
    • Useful for exception chaining

ArgumentNullException
• Thrown when a null reference is passed to a method that does not accept it as a valid argument
  • http://msdn.microsoft.com/en-us/library/System.ArgumentNullException(v=vs.110).aspx
• Some properties
  • Like base class: ArgumentException
• Constructors
  • ArgumentNullException()
    • Default message, no parameter name set
  • ArgumentNullException(String paramName)
    • Default message with parameter name.
    • Use this for most cases!
  • ArgumentNullException(String paramName, String message)
  • ArgumentNullException(String message, Exception innerException)

ArgumentOutOfRangeException
• Thrown if the actual value of an argument (aka parameter) is outside the legal range
  • Example: Teacher salary, legal range >= 0
• Some properties
  • Like base class ArgumentException
  • ActualValue: The actual value of the parameter
• Some constructors
  • ArgumentOutOfRangeException()
    • Do not use! No information about the problem.
  • ArgumentOutOfRangeException(String paramName)
  • ArgumentOutOfRangeException(String paramName, String message)
  • ArgumentOutOfRangeException(String paramName, Object actualValue, String message)
  • ArgumentOutOfRangeException(String message, Exception innerException)
    • Useful for exception chaining

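The pre-condition checks, the Student invariant and the exception chaining described on the slides above, put together in one class. This is an added example, not code from the original slides; the member names and the ParseAge helper are assumptions made for illustration.

```csharp
using System;
// Added example: Student's members and ParseAge are hypothetical names, not from the slides.
public class Student
{
    private string _name;
    private int _age;
    // Object invariant: Name != null, Age >= 0 between method invocations.
    public Student(string name, int age) { Name = name; Age = age; }
    public string Name   // pre-condition on set: value != null
    {
        get { return _name; }
        set { _name = value ?? throw new ArgumentNullException(nameof(value)); }
    }
    public int Age       // pre-condition on set: value >= 0
    {
        get { return _age; }
        set
        {
            if (value < 0)
                throw new ArgumentOutOfRangeException(nameof(value), value, "Age must be >= 0");
            _age = value;
        }
    }

    // Pre-condition: text holds a non-negative integer. Post-condition: returns that integer.
    public static int ParseAge(string text)
    {
        // Convert.ToInt32((string)null) returns 0, so null has to be rejected explicitly.
        if (text == null) throw new ArgumentNullException(nameof(text));
        int age;
        try { age = Convert.ToInt32(text); }
        catch (Exception ex) when (ex is FormatException || ex is OverflowException)
        {   // Exception chaining: the original cause is kept as InnerException.
            throw new ArgumentException("Age is not a valid Int32", nameof(text), ex);
        }
        if (age < 0)
            throw new ArgumentOutOfRangeException(nameof(text), age, "Age must be >= 0");
        return age;
    }

    public static void Main()
    {
        var s = new Student("Ann", ParseAge("21"));
        try { s.Age = -1; }   // violates the pre-condition of the setter
        catch (ArgumentOutOfRangeException e)
        { Console.WriteLine(e.ParamName + " rejected, actual value " + e.ActualValue); }
        Console.WriteLine(s.Name + ", " + s.Age);   // object still satisfies the invariant
    }
}
```

Because each setter checks before it assigns, a rejected value never reaches the field, so the invariant holds even after a failed call.
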
Some aliases
• Contract based programming aka.
  • Bertrand Meyer: The Eiffel programming language, 1986
• Design by contract aka.
  • Registered trademark (US)
• Programming by contract aka.
• Design-by-contract programming aka.
• Code contracts [Microsoft terms]