writing complete contracts
play

Writing Complete Contracts EECS3311: Software Design Fall 2017 C - PowerPoint PPT Presentation

Mar 31, 2024 •405 likes •659 views

Writing Complete Contracts EECS3311: Software Design Fall 2017 C HEN -W EI W ANG How are contracts checked at runtime? All contracts are specified as Boolean expressions. Right before a feature call (e.g., acc.withdraw(10) ): The

  1. Writing Complete Contracts EECS3311: Software Design Fall 2017 C HEN -W EI W ANG

  2. How are contracts checked at runtime? ● All contracts are specified as Boolean expressions. ● Right before a feature call (e.g., acc.withdraw(10) ): ○ The current state of acc is called its pre-state . ○ Evaluate pre-condition using current values of attributes/queries. ○ Cache values of all expressions involving the old keyword in the post-condition . e.g., cache the value of old balance via old balance ∶= balance ● Right after the feature call: ○ The current state of acc is called its post-state . ○ Evaluate invariant using current values of attributes and queries. ○ Evaluate post-condition using both current values and “cached” values of attributes and queries. 2 of 25

  3. When are contracts complete? ● In post-condition , for each attribute , specify the relationship between its pre-state value and its post-state value. ○ Eiffel supports this purpose using the old keyword. ● This is tricky for attributes whose structures are composite rather than simple : e.g., ARRAY , LINKED LIST are composite-structured. e.g., INTEGER , BOOLEAN are simple-structured. ● Rule of thumb: For an attribute whose structure is composite, we should specify that after the update: 1. The intended change is present; and 2. The rest of the structure is unchanged . ● The second contract is much harder to specify: ○ Reference aliasing [ ref copy vs. shallow copy vs. deep copy ] ○ Iterable structure [ use across ] 3 of 25

  4. Account class ACCOUNT deposit ( a : INTEGER ) inherit do ANY balance := balance + a redefine is_equal end ensure create balance = old balance + a make end feature is_equal ( other : ACCOUNT ): BOOLEAN owner : STRING do balance : INTEGER Result := owner ∼ other . owner make ( n : STRING ) and balance = other . balance do end owner := n end balance := 0 end 4 of 25

  5. Bank class BANK create make feature accounts : ARRAY [ ACCOUNT ] make do create accounts . make_empty end account_of ( n : STRING ): ACCOUNT require existing : across accounts as acc some acc . item . owner ∼ n end do . . . ensure Result . owner ∼ n end add ( n : STRING ) require non_existing : across accounts as acc all acc . item . owner / ∼ n end local new_account : ACCOUNT do create new_account . make ( n ) accounts . force ( new_account , accounts . upper + 1) end end 5 of 25

  6. Roadmap of Illustrations We examine 5 different versions of a command deposit on ( n ∶ STRING ; a ∶ INTEGER ) V ERSION I MPLEMENTATION C ONTRACTS S ATISFACTORY ? 1 Correct Incomplete No 2 Wrong Incomplete No 3 Wrong Complete (reference copy) No 4 Wrong Complete (shallow copy) No 5 Wrong Complete (deep copy) Yes 6 of 25

  7. Object Structure for Illustration We will test each version by starting with the same runtime object structure: BANK 0 1 b.accounts accounts b ACCOUNT ACCOUNT owner owner “Bill” “Steve” balance 0 balance 0 7 of 25

  8. Version 1: Incomplete Contracts, Correct Implementation class BANK deposit_on_v1 ( n : STRING ; a : INTEGER ) require across accounts as acc some acc . item . owner ∼ n end local i : INTEGER do from i := accounts . lower until i > accounts . upper loop if accounts [ i ]. owner ∼ n then accounts [ i ]. deposit ( a ) end i := i + 1 end ensure num_of_accounts_unchanged : accounts . count = old accounts . count balance_of_n_increased : account_of ( n ). balance = old account_of ( n ). balance + a end end 8 of 25

  9. Test of Version 1 class TEST_BANK test_bank_deposit_correct_imp_incomplete_contract : BOOLEAN local b : BANK do comment ("t1: correct imp and incomplete contract") create b . make b . add ("Bill") b . add ("Steve") -- deposit 100 dollars to Steve’s account b.deposit on v1 ("Steve", 100) Result := b . account_of ("Bill"). balance = 0 and b . account_of ("Steve"). balance = 100 check Result end end end 9 of 25

  10. Test of Version 1: Result 10 of 25

  11. Version 2: Incomplete Contracts, Wrong Implementation class BANK deposit_on_v2 ( n : STRING ; a : INTEGER ) require across accounts as acc some acc . item . owner ∼ n end local i : INTEGER do -- same loop as in version 1 -- wrong implementation: also deposit in the first account accounts[accounts.lower].deposit(a) ensure num_of_accounts_unchanged : accounts . count = old accounts . count balance_of_n_increased : account_of ( n ). balance = old account_of ( n ). balance + a end end Current postconditions lack a check that accounts other than n are unchanged. 11 of 25

  12. Test of Version 2 class TEST_BANK test_bank_deposit_wrong_imp_incomplete_contract : BOOLEAN local b : BANK do comment ("t2: wrong imp and incomplete contract") create b . make b . add ("Bill") b . add ("Steve") -- deposit 100 dollars to Steve’s account b.deposit on v2 ("Steve", 100) Result := b . account_of ("Bill"). balance = 0 and b . account_of ("Steve"). balance = 100 check Result end end end 12 of 25

  13. Test of Version 2: Result 13 of 25

  14. Version 3: Complete Contracts with Reference Copy class BANK deposit_on_v3 ( n : STRING ; a : INTEGER ) require across accounts as acc some acc . item . owner ∼ n end local i : INTEGER do -- same loop as in version 1 -- wrong implementation: also deposit in the first account accounts[accounts.lower].deposit(a) ensure num_of_accounts_unchanged : accounts . count = old accounts . count balance_of_n_increased : account_of ( n ). balance = old account_of ( n ). balance + a others unchanged : across old accounts as cursor all cursor . item . owner / ∼ n implies cursor . item ∼ account_of ( cursor . item . owner ) end end end 14 of 25

  15. Test of Version 3 class TEST_BANK test_bank_deposit_wrong_imp_complete_contract_ref_copy : BOOLEAN local b : BANK do comment ("t3: wrong imp and complete contract with ref copy") create b . make b . add ("Bill") b . add ("Steve") -- deposit 100 dollars to Steve’s account b.deposit on v3 ("Steve", 100) Result := b . account_of ("Bill"). balance = 0 and b . account_of ("Steve"). balance = 100 check Result end end end 15 of 25

  16. Test of Version 3: Result 16 of 25

  17. Version 4: Complete Contracts with Shallow Object Copy class BANK deposit_on_v4 ( n : STRING ; a : INTEGER ) require across accounts as acc some acc . item . owner ∼ n end local i : INTEGER do -- same loop as in version 1 -- wrong implementation: also deposit in the first account accounts[accounts.lower].deposit(a) ensure num_of_accounts_unchanged : accounts . count = old accounts . count balance_of_n_increased : account_of ( n ). balance = old account_of ( n ). balance + a others unchanged : across old accounts.twin as cursor all cursor . item . owner / ∼ n implies cursor . item ∼ account_of ( cursor . item . owner ) end end end 17 of 25

  18. Test of Version 4 class TEST_BANK test_bank_deposit_wrong_imp_complete_contract_shallow_copy : BOOLEAN local b : BANK do comment ("t4: wrong imp and complete contract with shallow copy") create b . make b . add ("Bill") b . add ("Steve") -- deposit 100 dollars to Steve’s account b.deposit on v4 ("Steve", 100) Result := b . account_of ("Bill"). balance = 0 and b . account_of ("Steve"). balance = 100 check Result end end end 18 of 25

  19. Test of Version 4: Result 19 of 25

  20. Version 5: Complete Contracts with Deep Object Copy class BANK deposit_on_v5 ( n : STRING ; a : INTEGER ) require across accounts as acc some acc . item . owner ∼ n end local i : INTEGER do -- same loop as in version 1 -- wrong implementation: also deposit in the first account accounts[accounts.lower].deposit(a) ensure num_of_accounts_unchanged : accounts . count = old accounts . count balance_of_n_increased : account_of ( n ). balance = old account_of ( n ). balance + a others unchanged : across old accounts.deep twin as cursor all cursor . item . owner / ∼ n implies cursor . item ∼ account_of ( cursor . item . owner ) end end end 20 of 25

  21. Test of Version 5 class TEST_BANK test_bank_deposit_wrong_imp_complete_contract_deep_copy : BOOLEAN local b : BANK do comment ("t5: wrong imp and complete contract with deep copy") create b . make b . add ("Bill") b . add ("Steve") -- deposit 100 dollars to Steve’s account b.deposit on v5 ("Steve", 100) Result := b . account_of ("Bill"). balance = 0 and b . account_of ("Steve"). balance = 100 check Result end end end 21 of 25

  22. Test of Version 5: Result 22 of 25

  23. Exercise ● Consider the query account of (n: STRING) of BANK . ● How do we specify (part of) its postcondition to assert that the state of the bank remains unchanged: ○ [ × ] accounts = old accounts ○ [ × ] accounts = old accounts . twin ○ [ × ] accounts = old accounts . deep_twin ○ [ × ] accounts ˜ old accounts ○ [ × ] accounts ˜ old accounts . twin ○ [ ✓ ] accounts ˜ old accounts . deep_twin ● Which equality of the above is appropriate for the postcondition? ● Why is each one of the other equalities not appropriate? 23 of 25

Recommend

When are contracts complete? In post-condition , for each attribute , specify the relationship

When are contracts complete? In post-condition , for each attribute , specify the relationship

When are contracts complete? In post-condition , for each attribute , specify the relationship between its pre-state value and its post-state value. Writing Complete Contracts Eiffel supports this purpose using the old keyword. This is

226 views • 7 slides
Writing Smart Contracts Dionysis Zindros Smart Contracts Day Athens, March 2017 We talked all

Writing Smart Contracts Dionysis Zindros Smart Contracts Day Athens, March 2017 We talked all

Writing Smart Contracts Dionysis Zindros Smart Contracts Day Athens, March 2017 We talked all about what smart contracts are... ...but what does a real smart contract look like? Lets talk about writing actual Smart Contracts with code

809 views • 50 slides
Motivating Problem: Complete Contracts Abstractions via Mathematical Models Recall what we

Motivating Problem: Complete Contracts Abstractions via Mathematical Models Recall what we

Motivating Problem: Complete Contracts Abstractions via Mathematical Models Recall what we learned in the Complete Contracts lecture: In post-condition , for each attribute , specify the relationship between its pre-state value and its

278 views • 5 slides
Inverted Commas Complete Complete whiteboard. Complete 2 3 1 Challenge 1 Lesson 3

Inverted Commas Complete Complete whiteboard. Complete 2 3 1 Challenge 1 Lesson 3

Lesson 3 Character's Feelings shortburst writing slides.notebook June 05, 2020 Gold Use a Bronze Silver Inverted Commas Complete Complete whiteboard. Complete 2 3 1 Challenge 1 Lesson 3 Character's Feelings shortburst writing

152 views • 12 slides
Board of Directors Operations Committee October 17, 2019 Complete 540 Project Update Rodger

Board of Directors Operations Committee October 17, 2019 Complete 540 Project Update Rodger

Board of Directors Operations Committee October 17, 2019 Complete 540 Project Update Rodger Rochelle, P.E. Chief Engineer 2 Complete 540 Project Update Complete 540 Three Contracts 3 Complete 540 Project Update Design-Build Contracts

810 views • 48 slides
COMPLETE INVENTORY CONTROL SOLUTIONS WHY INVENTORY SOLUTIONS? Secure long-term contracts

COMPLETE INVENTORY CONTROL SOLUTIONS WHY INVENTORY SOLUTIONS? Secure long-term contracts

COMPLETE INVENTORY CONTROL SOLUTIONS WHY INVENTORY SOLUTIONS? Secure long-term contracts Add Value to your Proposition Promote Partnership Grow business in existing accounts Better service your accounts Get your foot in the

706 views • 58 slides
11-823 Conlanging Writing Writing Systems Different Writing Systems What makes a writing

11-823 Conlanging Writing Writing Systems Different Writing Systems What makes a writing

11-823 Conlanging Writing Writing Systems Different Writing Systems What makes a writing system Standardization vs Historical artifacts Constructed Writing Systems Computing and its influence on writing Types of Writing

528 views • 24 slides
Types: Reference vs. Expanded Copies: Reference vs. Shallow vs. Deep Writing Complete

Types: Reference vs. Expanded Copies: Reference vs. Shallow vs. Deep Writing Complete

Types: Reference vs. Expanded Copies: Reference vs. Shallow vs. Deep Writing Complete Postconditions EECS3311 A: Software Design Fall 2018 C HEN -W EI W ANG Expanded Class: Modelling We may want to have objects which are: Integral parts

472 views • 43 slides
3. Contracts 3.1 Meaning of Contract Law Terms 3.2 Formation of Contracts 3.3 Legal

3. Contracts 3.1 Meaning of Contract Law Terms 3.2 Formation of Contracts 3.3 Legal

3. Contracts 3.1 Meaning of Contract Law Terms 3.2 Formation of Contracts 3.3 Legal Incapacity to Enter Contracts 3.4 Third-Party Beneficiary Contracts 3.5 Assignment and Delegation of Contract Rights and Duties 3.6 Statute of Frauds

1.16k views • 97 slides
7.2 Resume Writing Objective Create, format, and distribute a complete resume that accurately

7.2 Resume Writing Objective Create, format, and distribute a complete resume that accurately

7.2 Resume Writing Objective Create, format, and distribute a complete resume that accurately represents your skills, experience, and educational background 2 Introduction Q. What is a resume? A document that summarizes your skills ,

433 views • 24 slides
Writing Home 8: Formal and Informal Writing We We use formal language for: Writing to

Writing Home 8: Formal and Informal Writing We We use formal language for: Writing to

Writing Home 8: Formal and Informal Writing We We use formal language for: Writing to someone we dont know Writing for a large audience such as in a newspaper article Writing non-fiction such as instructions, explanations or

209 views • 6 slides
Custom Writing Service - Special Prices Literature review magazine presentation Marketing term

Custom Writing Service - Special Prices Literature review magazine presentation Marketing term

Custom Writing Service - Special Prices Literature review magazine presentation Marketing term paper juvenile delinquency thesis paper . assignment of contracts operation research images for creative writing articles critical thinking textbook

297 views • 3 slides
Looking and Writing: Teaching Writing in the Discipline Teaching Writing in the Discipline of

Looking and Writing: Teaching Writing in the Discipline Teaching Writing in the Discipline of

ProVisions Writing in the Disciplines October 11, 2011 Looking and Writing: Teaching Writing in the Discipline Teaching Writing in the Discipline of Art History Robert R. Shane, Ph.D. Art Department John C Bean Engaging Ideas: The John C.

436 views • 10 slides
Automated Fixing of Programs with Contracts Yi Wei, Yu Pei, Carlo A. Furia, Lucas S. Silva,

Automated Fixing of Programs with Contracts Yi Wei, Yu Pei, Carlo A. Furia, Lucas S. Silva,

Automated Fixing of Programs with Contracts Yi Wei, Yu Pei, Carlo A. Furia, Lucas S. Silva, Stefan Buchholz, Bertrand Meyer, Andreas Zeller Presented by Christine Zeller Motivation Programming is not just about writing code Find errors

207 views • 19 slides
Writing for Funding Part 1: General Writing and Writing for Specific Review Alicia J. Knoedler,

Writing for Funding Part 1: General Writing and Writing for Specific Review Alicia J. Knoedler,

Writing for Funding Part 1: General Writing and Writing for Specific Review Alicia J. Knoedler, Ph.D. Grant Writing for the Social Sciences Summer, 2003 Writing Discussions Part 1: Getting Started General writing comments and

809 views • 13 slides
words? Now complete activity 1 Use this to help complete activity 2 Now complete activity 2 To

words? Now complete activity 1 Use this to help complete activity 2 Now complete activity 2 To

What is meant by word class? Here are some examples: Noun adjective verb Can you think of any more types of words? Now complete activity 1 Use this to help complete activity 2 Now complete activity 2 To uplevel a sentence is to

1.41k views • 120 slides
Relation with Other Contractual ADR Construction Work Contracts Procurement of Materials

Relation with Other Contractual ADR Construction Work Contracts Procurement of Materials

Compulsory Adjudication Effects, Procedure & Inter- Relation with Other Contractual ADR Construction Work Contracts Procurement of Materials and Labour Contracts Construction Consultancy Contracts Contracts Carried Out

535 views • 34 slides
writing bat paper accounting service cv writing thesis nps graduate writing

writing bat paper accounting service cv writing thesis nps graduate writing

Why homework, assignment photoshop, price natural gas thesis, homework helper mymathlab. Austin writing tx resume service, paper research android, writing internships sydney creative, bristol creative groups writing. Help mayans facts homework,

287 views • 5 slides
Solidity Pt. 1 Solidity idity Javascript-like programming language for writing programs that

Solidity Pt. 1 Solidity idity Javascript-like programming language for writing programs that

Solidity Pt. 1 Solidity idity Javascript-like programming language for writing programs that run on the Ethereum Virtual Machine Domain-specific language that supports abstractions required for operation of smart contracts e.g.

763 views • 44 slides
Writing for Funding Part 3: Writing Catch-All Discussion Alicia J. Knoedler, Ph.D. Grant

Writing for Funding Part 3: Writing Catch-All Discussion Alicia J. Knoedler, Ph.D. Grant

Writing for Funding Part 3: Writing Catch-All Discussion Alicia J. Knoedler, Ph.D. Grant Writing for the Social Sciences Summer, 2003 Writing Discussions Part 1: Getting Started General writing comments and suggestions Knowing

552 views • 7 slides
BUSINESS WRITING NEAR EAST UNIVERSITY 1 2 Business Writing Business Writing Follow these

BUSINESS WRITING NEAR EAST UNIVERSITY 1 2 Business Writing Business Writing Follow these

BUSINESS WRITING NEAR EAST UNIVERSITY 1 2 Business Writing Business Writing Follow these rules Topics to cover Business letters State your purpose Envelopes Be straightforward, clear, concise, objective and courteous Job

449 views • 8 slides
>>>CLICK HERE<<< Report writing and presentation Buckinghamshire. vehicle

>>>CLICK HERE<<< Report writing and presentation Buckinghamshire. vehicle

Report Writing And Presentation Report writing and presentation Hartford help with homework westminster english essays sri lanka essay character building need of the day. Report writing and presentation Wisconsin writing assignment 8 the game's

83 views • 4 slides
Contracts 1 Contracts IC 6-1.1-4-17 Subject to the approval of the DLGF, a county

Contracts 1 Contracts IC 6-1.1-4-17 Subject to the approval of the DLGF, a county

Assessment and Software Contracts 1 Contracts IC 6-1.1-4-17 Subject to the approval of the DLGF, a county assessor may employ professional appraisers as technical advisors for assessments in all townships in the county. The DLGF may

266 views • 9 slides
Contracts Hot Topics - Compliant Contracts at the Speed of War Presented By: Ms. Marie Greening

Contracts Hot Topics - Compliant Contracts at the Speed of War Presented By: Ms. Marie Greening

One team, one voice delivering global acquisition insight that matters . Contracts Hot Topics - Compliant Contracts at the Speed of War Presented By: Ms. Marie Greening Chief Operations Officer 26 April 2017 Unclassified Agenda DCMA

240 views • 11 slides

More recommend