# CSE 331 Software Design & Implementation

Save this PDF as:

Size: px
Start display at page:

## Transcription

1 CSE 331 Software Design & Implementation Kevin Zatloukal Fall 2017 Representation Invariants & Abstraction Functions (Based on slides by Mike Ernst, Dan Grossman, David Notkin, Hal Perkins, Zach Tatlock)

2 Reminders HW3 due tomorrow night 2

3 Implementing a Data Abstraction (ADT) Specify an ADT by defining operations on abstract states To implement an ADT: select the representation of instances implement operations in terms of that representation Choose a representation so that: it is possible to implement required operations the most frequently used operations are efficient / simple / abstraction allows the rep to change later almost always better to start simple Next, need to use reasoning to verify the operations are correct two intellectual tools are helpful for this... 3

4 Connecting implementations to specs For implementers / debuggers / maintainers of the implementation: Representation Invariant: maps Object boolean defines the set of valid concrete values must hold at all times (outside of mutators) no object should ever violate the rep invariant such an object has no useful meaning Abstraction Function: maps Object abstract state says what the data structure means in vocabulary of the ADT only defined on objects meeting the rep invariant connects the concrete representation back to the specification can check that the abstract value after each method meets the postcondition described in the specification 4

5 Example: Circle /** Represents a mutable circle in the plane. For example, * it can be a circle with center (0,0) and radius 1. */ public class Circle { // Rep invariant: center!= null and rad > 0 private Point center; private double rad; // Abstraction function: // AF(this) = a circle with center at this.center // and radius this.rad //... 5

6 Example: Circle 2 /** Represents a mutable circle in the plane. For example, * it can be a circle with center (0,0) and radius 1. */ public class Circle { // Rep invariant: center!= null and edge!= null // and!center.equals(edge) private Point center, edge; // Abstraction function: // AF(this) = a circle with center at this.center // and radius this.center.distanceto(this.edge) //... 6

7 Example: Polynomial /** An immutable polynomial with integer coefficients. * Examples include 0, 2x, and x + 3x^2 + 5x. */ public class IntPoly { // Rep invariant: coeffs!= null private final int[] coeffs; // Abstraction function: // AF(this) = sum of this.coeffs[i] * x^i // for i = 0.. this.coeffs.length /** Returns the highest exponent with nonzero coefficient * or zero if none exists. */ public int degree() {... //... 7

8 Example: Polynomial 2 /** An immutable polynomial with integer coefficients. * Examples include 0, 2x, and x + 3x^2 + 5x. */ public class IntPoly { // Rep invariant: terms!= null private final List<IntTerm> terms; // Abstraction function: // AF(this) = sum of monomials in this.terms /** Returns the highest exponent with nonzero coefficient * or zero if none exists. */ public int degree() {... //... 8

9 Another example class Account { private int balance; // history of all transactions private List<Transaction> transactions; Real-world constraints: Balance 0 Balance = Σ i transactions.get(i).amount Implementation-related constraints: Transactions null No nulls in transactions 9

10 Example: Text File Abstract state is a list of lines, each a sequence of (char, color) pairs. How would we actually represent this? Probably okay to store lines in an array: most files have < 10k lines, so copying is not too expensive most characters are inserted into existing lines not creating new (always better to start simple... can change this later) 10

11 Example: Text File Probably not okay to make each (char, color) pair an object object overhead is at least 10 bytes per object 16 bytes * 10k lines * 50 characters = 8 Mb 125 files = 1 Gb = unhappy users Instead store characters and colors in arrays problem: inefficient to insert in the middle of an array... except at the end of the array (assuming there is space) Old trick: have two arrays one is the beginning of the line one is the end of the line in reverse order easy to add new characters at the split between parts 11

12 Example: TextLine // Overview: Represents one line of the text file... public class TextLine { // Representation invariant: all arrays are non-null and // and prefixcharslen + suffixcharslen equals // prefixcolorslen + suffixcolorslen // and 0 <= prefixcharslen <= prefixchars.length and... private char[] prefixchars, suffixchars; private int[] prefixcolors, suffixcolors; private int prefixcharslen, suffixcharslen; private int prefixcolorslen, suffixcolorslen; // Abstraction function: AF(this) = zip sum of // prefixchars[0..prefixcharslen-1] + reverse(suffixchars[0..suffixcharslen-1]) and // prefixcolors[0..prefixcolorslen-1] + reverse(suffixcolors[0..suffixcolorslen-1]) // (I.e., the list of pairs (char, color), where the i-th // char is paired with the i-th color.) //... 12

13 The abstraction function Allows us to check correctness use reasoning to show that the method leaves the abstract state such that it satisfies the postcondition Can assume the abstract state initially satisfies precondition but it can be in any concrete representation corresponding to an abstract state that satisfies the precondition (many possible abstract states, potentially many concrete representations for each abstract state) 13

14 TextLine.java (note: just chars, no colors)

15 IntDeque.java

16 Example: CharSet ADT // Overview: A CharSet is a finite mutable set of Characters creates a fresh, empty CharSet public CharSet() { this this post = this pre + {c public void insert(character c) { this this post = this pre - {c public void delete(character c) { (c in this) public boolean member(character c) { cardinality of this public int size() { 16

17 An implementation: Is it right? class CharSet { private List<Character> elts = new ArrayList<Character>(); public void insert(character c) { elts.add(c); public void delete(character c) { elts.remove(c); public boolean member(character c) { return elts.contains(c); public int size() { return elts.size(); 17

18 CharSet s = new CharSet(); Character a = new Character('a'); An implementation: s.insert(a); Is it right? s.insert(a); s.delete(a); class CharSet { private List<Character> if (s.member(a)) elts = new ArrayList<Character>(); System.out.print("wrong"); public void insert(character else c) { elts.add(c); System.out.print("right"); public void delete(character c) { elts.remove(c); public boolean member(character c) { return elts.contains(c); public int size() { return elts.size(); 18

19 CharSet s = new CharSet(); Character a = new Character('a'); An implementation: s.insert(a); Is it right? s.insert(a); s.delete(a); class CharSet { if (s.member(a)) private List<Character> elts = new ArrayList<Character>(); System.out.print("wrong"); public void insert(character else c) { elts.add(c); System.out.print("right"); public void delete(character c) { elts.remove(c); public boolean member(character c) { return elts.contains(c); public int size() { return elts.size(); Where is the error? 19

20 Where Is the Error? Answer this and you know what to fix Perhaps delete is wrong should remove all occurrences? Perhaps insert is wrong should not insert a character that is already there? The representation invariant tells us which is correct this is how we document our choice for the right answer 20

21 The representation invariant Defines data structure well-formedness Must hold before and after every CharSet operation Operations (methods) may depend on it Write it like this: class CharSet { // Rep invariant: // elts has no nulls and no duplicates private List<Character> elts = Or, more formally (if you prefer): for all indices i of elts, we have elts.elementat(i) null for all indices i, j of elts with i!= j, we have! elts.elementat(i).equals(elts.elementat(j)) 21

22 Now we can locate the error // Rep invariant: // elts has no nulls and no duplicates public void insert(character c) { elts.add(c); public void delete(character c) { elts.remove(c); 22

23 Checking rep invariants Should you write code to check that the rep invariant holds? Yes, if it s inexpensive [depends on the invariant] Yes, for debugging [even when it s expensive] Often hard to justify turning the checking off better argument is removing clutter (improve understandability) Some private methods need not check (Why?) A great debugging technique: Design your code to catch bugs by implementing and using a function to check the rep-invariant 23

24 Checking the rep invariant Rule of thumb: check on entry and on exit (why?) public void delete(character c) { checkrep(); elts.remove(c); // Is this guaranteed to get called? // (could guarantee it with a finally block) checkrep(); /** Verify that elts contains no duplicates. */ private void checkrep() { for (int i = 0; i < elts.size(); i++) { assert elts.indexof(elts.elementat(i)) == i; 24

25 Practice defensive programming You will make mistakes if you haven t made many yet, you haven t written enough code No physician is really good before he s killed a few patients Hindu Proverb Question is not: will you make mistakes? You will. Question is: will you catch those mistakes before customers do? Write and incorporate code designed to catch the errors you make check rep invariant on entry and exit (of mutators) check preconditions (don t trust other programmers) check postconditions (don t trust yourself either) Checking the rep invariant helps discover errors while testing Reasoning about the rep invariant helps discover errors while coding 25

26 Practice defensive programming Checking pre- and post-conditions and rep invariants is one tip More of these in Effective Java Reading Quiz #2 focused on these In particular, focus on defensive programming against subtle bugs obvious bugs (e.g. crashing every time) will be caught in testing subtle bugs that only occasionally cause problems can sneak out be especially defensive against these tips in Reading Quiz #2 mainly combat these 26

27 Listing the elements of a CharSet Consider adding the following method to CharSet // returns: a List containing the members of this public List<Character> getelts(); Consider this implementation: // Rep invariant: elts has no nulls and no dups private List<Character> elts; public List<Character> getelts() { return elts; Does the implementation of getelts preserve the rep invariant? Can t say! 27

28 Representation exposure Consider this client code (outside the CharSet implementation): CharSet s = new CharSet(); Character a = new Character( a ); s.insert(a); s.getelts().add(a); s.delete(a); if (s.member(a)) Representation exposure is external access to the rep Representation exposure is almost always EVIL can cause bugs that will be very hard to detect Rule #1: Don t do it! Rule #2: If you do it, document it clearly and then feel guilty about it! 28

29 Avoiding representation exposure Understand what representation exposure is Design ADT implementations to make sure it doesn t happen Treat rep exposure as a bug: fix your bugs absolutely must avoid in libraries with many clients can allow (but feel guilty) for code with few clients Test for it with adversarial clients: pass values to methods and then mutate them mutate values returned from methods 29

30 private is not enough Making fields private does not suffice to prevent rep exposure see our example issue is aliasing of mutable data outside the abstraction So private is a hint to you: no aliases outside abstraction to references to mutable data reachable from private fields Three general ways to avoid representation exposure 30

31 Avoiding rep exposure (way #1) One way to avoid rep exposure is to make copies of all data that cross the abstraction barrier Copy in [parameters that become part of the implementation] Copy out [results that are part of the implementation] Examples of copying (assume Point is a mutable ADT): class Line { private Point s, e; public Line(Point s, Point e) { this.s = new Point(s.x,s.y); this.e = new Point(e.x,e.y); public Point getstart() { return new Point(this.s.x,this.s.y); 31

32 Need deep copying Shallow copying is not enough prevent any aliasing to mutable data inside/outside abstraction What s the bug (assuming Point is a mutable ADT)? class PointSet { private List<Point> points = public List<Point> getelts() { return new ArrayList<Point>(points); Not in example: Also need deep copying on copy in 32

33 Avoiding rep exposure (way #2) One way to avoid rep exposure is to exploit the immutability of (other) ADTs the implementation uses aliasing is no problem if nobody can change data have to mutate the rep to break the rep invariant Examples (assuming Point is an immutable ADT): class Line { private Point s, e; public Line(Point s, Point e) { this.s = s; this.e = e; public Point getstart() { return this.s; 33

34 Why [not] immutability? Several advantages of immutability aliasing does not matter no need to make copies with identical contents rep invariants cannot be broken see CSE341 for more! Does require different code (e.g., if Point immutable) void raiseline(double deltay) { this.s = new Point(s.x, s.y+deltay); this.e = new Point(e.x, e.y+deltay); Immutable classes in Java libraries include String, Character, Integer, 34

35 Deepness, redux An immutable ADT must be immutable all the way down No references reachable to data that may be mutated So combining our two ways to avoid rep exposure: Must copy-in, copy-out all the way down to immutable parts 35

36 Back to getelts Recall our initial rep-exposure example: class CharSet { // Rep invariant: elts has no nulls and no dups private List<Character> elts = ; // returns: elts currently in the set public List<Character> getelts() { return new ArrayList<Character>(elts); //copy out! 36

37 Alternative #3 // returns: elts currently in the set public List<Character> getelts() { // version 1 return new ArrayList<Character>(elts);//copy out! public List<Character> getelts() { // version 2 return Collections.unmodifiableList(elts); From the JavaDoc for Collections.unmodifiableList: Returns an unmodifiable view of the specified list. This method allows modules to provide users with "read-only" access to internal lists. Query operations on the returned list "read through" to the specified list, and attempts to modify the returned list result in an UnsupportedOperationException. 37

38 The good news public List<Character> getelts() { // version 2 return Collections.unmodifiableList(elts); Clients cannot modify (mutate) the rep cannot break the rep invariant (For long lists,) more efficient than copy out Uses standard libraries 38

39 The bad news public List<Character> getelts() { // version 1 return new ArrayList<Character>(elts);//copy out! public List<Character> getelts() { // version 2 return Collections.unmodifiableList(elts); The two implementations do not do the same thing! both avoid allowing clients to break the rep invariant both return a list containing the elements But consider: xs = s.getelts(); s.insert('a'); xs.contains('a'); Version 2 is observing an exposed rep, leading to different behavior 39

40 Different specifications Ambiguity of returns a list containing the current set elements returns a fresh mutable list containing the elements in the set at the time of the call versus returns read-only access to a list that the ADT continues to update to hold the current elements in the set A third spec weaker than both [but less simple and useful!] returns a list containing the current set elements. Behavior is unspecified (!) if client attempts to mutate the list or to access the list after the set s elements are changed Also note: Version 2 s spec also makes changing the rep later harder only simple to implement with rep as a List 40

41 Suggestions Best options for implementing getelts() if O(n) time is acceptable for relevant use cases, copy the list safest option best option for changeability if O(1) time is required, then return an unmodifiable list prevents breaking rep invariant clearly document that behavior is unspecified after mutation ideally, write a your own unmodifiable view of the list that throws an exception on all operations after mutation if O(1) time is required and there is no unmodifiable version and you don t have time to write one, expose rep and feel guilty 41

### Representation invariants and abstraction functions CSE 331 UW CSE

Representation invariants and abstraction functions CSE 331 UW CSE ADTs and specifications Specification: only in terms of the abstraction Never mentions the representation An ADT is more than just a data

### Representation Invariants and Abstraction Functions

Representation Invariants and Abstraction Functions Outline Reasoning about ADTs Representation invariants (rep invariants) Representation exposure Checking rep invariants Abstraction functions CSCI 2600

### CSE 331 Software Design & Implementation

CSE 331 Software Design & Implementation Kevin Zatloukal Summer 2017 Identity, equals, and hashcode (Based on slides by Mike Ernst, Dan Grossman, David Notkin, Hal Perkins, Zach Tatlock) Overview Notions

### So far. Specifications, conclusion. Abstract Data Types (ADTs) Comparison by Logical Formulas. Outline

So far Specifications, conclusion. Abstract Data Types (ADTs) Based on notes by Michael Ernst, University of Washington Specifications Benefits of specifications Specification conventions Javadoc JML/Dafny

### Lecture 12: Abstraction Functions

Lecture 12: Abstraction Functions 12.1 Context What you ll learn: How to read, write, and use abstraction functions to describe the relationship between the abstract values of a type and its representation.

### Representation Invariant, Abstraction Function

CS 247: Software Engineering Principles Representation Invariant, Abstraction Function Reading: Barbara Liskov and John Guttag, Program Development in Java: Abstraction, Specification, and Object Oriented

### 6.005 Elements of Software Construction Fall 2008

MIT OpenCourseWare http://ocw.mit.edu 6.005 Elements of Software Construction Fall 2008 For information about citing these materials or our Terms of Use, visit: http://ocw.mit.edu/terms. 6.005 elements

### Solutions to Quiz 1 (October 19, 2015)

MIT 6.005: Software Construction Prof. Rob Miller & Max Goldman revised Monday 19 th October, 2015, 13:57 Solutions to Quiz 1 (October 19, 2015) Problem 1 (Multiple Choice) (14 points). Circle all correct

### CSE 331 Summer 2017 Final Exam. The exam is closed book and closed electronics. One page of notes is allowed.

Name Solution The exam is closed book and closed electronics. One page of notes is allowed. The exam has 6 regular problems and 1 bonus problem. Only the regular problems will count toward your final exam

### 6.170 Lecture 7 Abstract Data Types MIT EECS

6.170 Lecture 7 Abstract Data Types MIT EECS Outline 1. What is an abstract data type (ADT)? 2. How to specify an ADT immutable mutable 3. The ADT methodology 2 What is an ADT? Procedural abstraction Abstracts

### CSE 331 Software Design & Implementation

CSE 331 Software Design & Implementation Kevin Zatloukal Summer 2017 Java Graphics and GUIs (Based on slides by Mike Ernst, Dan Grossman, David Notkin, Hal Perkins, Zach Tatlock) Review: how to create

### Lecture 4: Procedure Specifications

Lecture 4: Procedure Specifications 4.1. Introduction In this lecture, we ll look at the role played by specifications of methods. Specifications are the linchpin of team work. It s impossible to delegate

### + Today. Lecture 26: Concurrency 3/31/14. n Reading. n Objectives. n Announcements. n P&C Section 7. n Race conditions.

+ Lecture 26: Concurrency Slides adapted from Dan Grossman + Today n Reading n P&C Section 7 n Objectives n Race conditions n Announcements n Quiz on Friday 1 + This week s programming assignment n Answer

### Topics in Software Testing

Dependable Software Systems Topics in Software Testing Material drawn from [Beizer, Sommerville] Software Testing Software testing is a critical element of software quality assurance and represents the

### QUIZ. What is wrong with this code that uses default arguments?

QUIZ What is wrong with this code that uses default arguments? Solution The value of the default argument should be placed in either declaration or definition, not both! QUIZ What is wrong with this code

### CSE331 Autumn 2011 Midterm Examination October 28, 2011

CSE331 Autumn 2011 Midterm Examination October 28, 2011 50 minutes; 75 points total. Open note, open book, closed neighbor, closed anything electronic (computers, webenabled phones, etc.) An easier-to-read

### Quiz 1 (March 14, 2016)

MIT 6.005: Software Construction Max Goldman revised Sunday 13 th March, 2016, 15:30 Quiz 1 (March 14, 2016) Your name: Your Athena username: You have 50 minutes to complete this quiz. It contains 12 pages

### Software Engineering Testing and Debugging Testing

Software Engineering Testing and Debugging Testing Prof. Dr. Peter Thiemann Universitt Freiburg 08.06.2011 Recap Testing detect the presence of bugs by observing failures Debugging find the bug causing

### Modules and Representation Invariants

Modules and Representation Invariants COS 326 Andrew W. Appel Princeton University slides copyright 2013-2015 David Walker and Andrew W. Appel In previous classes: Reasoning about individual OCaml expressions.

### CS 315 Software Design Homework 3 Preconditions, Postconditions, Invariants Due: Sept. 29, 11:30 PM

CS 315 Software Design Homework 3 Preconditions, Postconditions, Invariants Due: Sept. 29, 11:30 PM Objectives Defining a wellformed method to check class invariants Using assert statements to check preconditions,

### Programming Languages. Function-Closure Idioms. Adapted from Dan Grossman's PL class, U. of Washington

Programming Languages Function-Closure Idioms Adapted from Dan Grossman's PL class, U. of Washington More idioms We know the rule for lexical scope and function closures Now what is it good for A partial

### CS 251 Intermediate Programming Java Basics

CS 251 Intermediate Programming Java Basics Brooke Chenoweth University of New Mexico Spring 2018 Prerequisites These are the topics that I assume that you have already seen: Variables Boolean expressions

### Lecture Notes on Memory Layout

Lecture Notes on Memory Layout 15-122: Principles of Imperative Computation Frank Pfenning André Platzer Lecture 11 1 Introduction In order to understand how programs work, we can consider the functions,

### Comp215: Thinking Generically

Comp215: Thinking Generically Dan S. Wallach (Rice University) Copyright 2015, Dan S. Wallach. All rights reserved. Functional APIs On Wednesday, we built a list of Objects. This works. But it sucks. class

### CSE 373: Data Structures and Algorithms

CSE 373: Data Structures and Algorithms Lecture 17: Finish Dijkstra s Algorithm, Preserving Abstractions (Software Design), Spanning Trees Instructor: Lilian de Greef Quarter: Summer 2017 Today Wrap up

### OCaml Language Choices CMSC 330: Organization of Programming Languages

OCaml Language Choices CMSC 330: Organization of Programming Languages! Implicit or explicit declarations?! Explicit variables must be introduced with let before use! But you don t need to specify types

### CS 161 Computer Security

Wagner Spring 2014 CS 161 Computer Security 1/27 Reasoning About Code Often functions make certain assumptions about their arguments, and it is the caller s responsibility to make sure those assumptions

### Another interface: Comparable

Another interface: Comparable Comparing things is certainly useful, e.g. for sorting Show me cats ordered by cuteness" Show shapes ordered by number of sides" An example interface: Comparable Since sorting

### CSE 331 Software Design & Implementation

CSE 331 Software Design & Implementation Hal Perkins Winter 2013 Subtypes and Subclasses (Slides bymike Ernst and David Notkin) 1 What is subtyping? Sometimes every B is an A A In a library database: every

### 15-122: Principles of Imperative Computation (Section G)

15-122: Principles of Imperative Computation (Section G) Document 2 Solutions 0. Contracts This lecture was mainly about contracts and ensuring correctness of code. Josh Zimmerman There are 4 types of

### Fortgeschrittene objektorientierte Programmierung (Advanced Object-Oriented Programming)

2014-03-07 Preface Fortgeschrittene objektorientierte Programmierung (Advanced Object-Oriented Programming) Coordinates: Lecturer: Web: Studies: Requirements: No. 185.211, VU, 3 ECTS Franz Puntigam http://www.complang.tuwien.ac.at/franz/foop.html

### CSE 331 Summer 2016 Final Exam. Please wait to turn the page until everyone is told to begin.

Name The exam is closed book, closed notes, and closed electronics. Please wait to turn the page until everyone is told to begin. Score / 54 1. / 12 2. / 12 3. / 10 4. / 10 5. / 10 Bonus: 1. / 6 2. / 4

### Introduction to Linked Lists. Introduction to Recursion Search Algorithms CS 311 Data Structures and Algorithms

Introduction to Linked Lists Introduction to Recursion Search Algorithms CS 311 Data Structures and Algorithms Lecture Slides Friday, September 25, 2009 Glenn G. Chappell Department of Computer Science

### Lecture 10 Notes Linked Lists

Lecture 10 Notes Linked Lists 15-122: Principles of Imperative Computation (Spring 2016) Frank Pfenning, Rob Simmons, André Platzer 1 Introduction In this lecture we discuss the use of linked lists to

### GDB Tutorial. A Walkthrough with Examples. CMSC Spring Last modified March 22, GDB Tutorial

A Walkthrough with Examples CMSC 212 - Spring 2009 Last modified March 22, 2009 What is gdb? GNU Debugger A debugger for several languages, including C and C++ It allows you to inspect what the program

### CS61C : Machine Structures

inst.eecs.berkeley.edu/~cs61c CS61C : Machine Structures Lecture 4 C Pointers 2004-09-08 Lecturer PSOE Dan Garcia www.cs.berkeley.edu/~ddgarcia Cal flies over Air Force We re ranked 13 th in the US and

### Racket. CSE341: Programming Languages Lecture 14 Introduction to Racket. Getting started. Racket vs. Scheme. Example.

Racket Next 2+ weeks will use the Racket language (not ML) and the DrRacket programming environment (not emacs) Installation / basic usage instructions on course website CSE34: Programming Languages Lecture

### INTERNATIONAL EDITION. Problem Solving with C++ Data Abstraction & SIXTH EDITION. Walls and Mirrors. Frank M. Carrano Timothy Henry

INTERNATIONAL EDITION Data Abstraction & Problem Solving with C++ Walls and Mirrors SIXTH EDITION Frank M. Carrano Timothy Henry Operator Meaning Associativity Usage * multiply left expr * expr / divide

### Thinking Functionally

Thinking Functionally Dan S. Wallach and Mack Joyner, Rice University Copyright 2016 Dan S. Wallach, All Rights Reserved Reminder: Fill out our web form! Fill this out ASAP if you haven t already. http://goo.gl/forms/arykwbc0zy

### Secure Programming I. Steven M. Bellovin September 28,

Secure Programming I Steven M. Bellovin September 28, 2014 1 If our software is buggy, what does that say about its security? Robert H. Morris Steven M. Bellovin September 28, 2014 2 The Heart of the Problem

### Outline. iterator review iterator implementation the Java foreach statement testing

Outline iterator review iterator implementation the Java foreach statement testing review: Iterator methods a Java iterator only provides two or three operations: E next(), which returns the next element,

### Lecture 10 Notes Linked Lists

Lecture 10 Notes Linked Lists 15-122: Principles of Imperative Computation (Summer 1 2015) Frank Pfenning, Rob Simmons, André Platzer 1 Introduction In this lecture we discuss the use of linked lists to

### CS 370 Statements D R. M I C H A E L J. R E A L E F A L L

CS 370 Statements D R. M I C H A E L J. R E A L E F A L L 2 0 1 5 Overview In these slides, we ll talk about good practices related to programming statements: Organizing straight-line code Using conditionals

### n HW5 out, due Tuesday October 30 th n Part 1: Questions on material we ll cover today n Part 2: BFS using your graph from HW4

Subtype, Subtyping vs. Subclassing, Liskov Substitution Principle Announcements n HW5 out, due Tuesday October 30 th n Part 1: Questions on material we ll cover today n Part 2: BFS using your graph from

### A Correctness Proof for a Practical Byzantine-Fault-Tolerant Replication Algorithm

Appears as Technical Memo MIT/LCS/TM-590, MIT Laboratory for Computer Science, June 1999 A Correctness Proof for a Practical Byzantine-Fault-Tolerant Replication Algorithm Miguel Castro and Barbara Liskov

### Tutorial 3: Unit tests and JUnit

Tutorial 3: Unit tests and JUnit Runtime logic errors, such as contract violations, are among the more frequent in a poorly debugged program. Logic error should be fixed. However, to fix an error we need

### Binghamton University. CS-140 Fall Problem Solving. Creating a class from scratch

Problem Solving Creating a class from scratch 1 Recipe for Writing a Class 1. Write the class boilerplate stuff 2. Declare Fields 3. Write Creator(s) 4. Write accessor methods 5. Write mutator methods

### Mutation. COS 326 David Walker Princeton University

Mutation COS 326 David Walker Princeton University Mutation? 2 Thus far We have considered the (almost) purely functional subset of Ocaml. We ve had a few side effects: printing & raising exceptions. Two

### L13: Synchronization

6.005 Software Construction Fall 2011 Prof. Rob Miller Today o Making a datatype threadsafe o Locks o Monitor pattern o Deadlock o Locking disciplines Required reading (from the Java Tutorial) Synchronization

### Abstraction Functions and Representation Invariants

Abstraction Functions and Representation Invariants Prof. Clarkson Fall 2017 Today s music: In C by Terry Riley A2 Implement a text adventure game engine, and write your own adventure Experience with lists,

### Chapter 6 Introduction to Defining Classes

Introduction to Defining Classes Fundamentals of Java: AP Computer Science Essentials, 4th Edition 1 Objectives Design and implement a simple class from user requirements. Organize a program in terms of

### Array Based Lists. Collections

Array Based Lists Reading: RS Chapter 15 1 Collections Data structures stores elements in a manner that makes it easy for a client to work with the elements Specific collections are specialized for particular

### QUIZ. What are 3 differences between C and C++ const variables?

QUIZ What are 3 differences between C and C++ const variables? Solution QUIZ Source: http://stackoverflow.com/questions/17349387/scope-of-macros-in-c Solution The C/C++ preprocessor substitutes mechanically,

### Software Engineering Concepts: Invariants Silently Written & Called Functions Simple Class Example

Software Engineering Concepts: Invariants Silently Written & Called Functions Simple Class Example CS 311 Data Structures and Algorithms Lecture Slides Friday, September 11, 2009 continued Glenn G. Chappell

### Java Collections Framework. 24 April 2013 OSU CSE 1

Java Collections Framework 24 April 2013 OSU CSE 1 Overview The Java Collections Framework (JCF) is a group of interfaces and classes similar to the OSU CSE components The similarities will become clearly

### Lecture Notes on Quicksort

Lecture Notes on Quicksort 15-122: Principles of Imperative Computation Frank Pfenning Lecture 8 February 5, 2015 1 Introduction In this lecture we consider two related algorithms for sorting that achieve

### Recitation 9. Prelim Review

Recitation 9 Prelim Review 1 Heaps 2 Review: Binary heap min heap 1 2 99 4 3 PriorityQueue Maintains max or min of collection (no duplicates) Follows heap order invariant at every level Always balanced!

### Testing! The material for this lecture is drawn, in part, from! The Practice of Programming (Kernighan & Pike) Chapter 6!

Testing The material for this lecture is drawn, in part, from The Practice of Programming (Kernighan & Pike) Chapter 6 1 Words from the Wise On two occasions I have been asked [by members of Parliament],

### Lecture 7 Quicksort : Principles of Imperative Computation (Spring 2018) Frank Pfenning

Lecture 7 Quicksort 15-122: Principles of Imperative Computation (Spring 2018) Frank Pfenning In this lecture we consider two related algorithms for sorting that achieve a much better running time than

### CS 251 Intermediate Programming Methods and More

CS 251 Intermediate Programming Methods and More Brooke Chenoweth University of New Mexico Spring 2018 Methods An operation that can be performed on an object Has return type and parameters Method with

### Lecture Programming in C++ PART 1. By Assistant Professor Dr. Ali Kattan

Lecture 08-1 Programming in C++ PART 1 By Assistant Professor Dr. Ali Kattan 1 The Conditional Operator The conditional operator is similar to the if..else statement but has a shorter format. This is useful

### Detecting and preventing null pointer errors with pluggable type-checking

print(@readonly Object x) { List lst; Detecting and preventing null pointer errors with pluggable type-checking CSE 331 University of Washington Motivation java.lang.nullpointerexception

### Unit Testing as Hypothesis Testing

Unit Testing as Hypothesis Testing Jonathan Clark September 19, 2012 You should test your code. Why? To find bugs. Even for seasoned programmers, bugs are an inevitable reality. Today, we ll take an unconventional

### CS61A Notes 02b Fake Plastic Trees. 2. (cons ((1 a) (2 o)) (3 g)) 3. (list ((1 a) (2 o)) (3 g)) 4. (append ((1 a) (2 o)) (3 g))

CS61A Notes 02b Fake Plastic Trees Box and Pointer Diagrams QUESTIONS: Evaluate the following, and draw a box-and-pointer diagram for each. (Hint: It may be easier to draw the box-and-pointer diagram first.)

### Intro. Scheme Basics. scm> 5 5. scm>

Intro Let s take some time to talk about LISP. It stands for LISt Processing a way of coding using only lists! It sounds pretty radical, and it is. There are lots of cool things to know about LISP; if

### Lecture 15 Binary Search Trees

Lecture 15 Binary Search Trees 15-122: Principles of Imperative Computation (Fall 2017) Frank Pfenning, André Platzer, Rob Simmons, Iliano Cervesato In this lecture, we will continue considering ways to

### CS152: Programming Languages. Lecture 7 Lambda Calculus. Dan Grossman Spring 2011

CS152: Programming Languages Lecture 7 Lambda Calculus Dan Grossman Spring 2011 Where we are Done: Syntax, semantics, and equivalence For a language with little more than loops and global variables Now:

### CS 3 Introduction to Software Engineering. 5: Iterators

CS 3 Introduction to Software Engineering 5: Iterators Questions? 2 PS1 Discussion Question You are to choose between two procedures, both of which compute the minimum value in an array of integers. One

### n Specifying what each method does q Specify it in a comment before method's header n Precondition q Caller obligation n Postcondition

Programming as a contract Assertions, pre/postconditions and invariants Assertions: Section 4.2 in Savitch (p. 239) Loop invariants: Section 4.5 in Rosen Specifying what each method does q Specify it in

### Preconditions and Postconditions

1 Preconditions and Postconditions An important topic: preconditions and postconditions. They are a method of specifying what a function accomplishes. Data Structures and Other Objects Using C++ This is

### Documenting, Using, and Testing Utility Classes

Documenting, Using, and Testing Utility Classes Readings: Chapter 2 of the Course Notes EECS2030: Advanced Object Oriented Programming Fall 2017 CHEN-WEI WANG Structure of Project: Packages and Classes

### Lecture 16 CSE July 1992

Lecture 16 CSE 110 28 July 1992 1 Dynamic Memory Allocation We are finally going to learn how to allocate memory on the fly, getting more when we need it, a subject not usually covered in introductory

### Ryerson University Department of Electrical & Computer Engineering COE618 Midterm Examination February 26, 2013

Ryerson University Department of Electrical & Computer Engineering COE618 Midterm Examination February 26, 2013 Name: Student # : Time: 90 minutes Instructions This exam contains 6 questions. Please check

### Quiz 1 (October 25, 2017)

MIT 6.031: Software Construction Prof. Rob Miller & Max Goldman revised Tuesday 24 th October, 2017, 15:03 Quiz 1 (October 25, 2017) Your name: Your Kerberos username: You have 50 minutes to complete this

### objects

/*@ immutable @*/ objects Erik Poll SoS group (aka the LOOP group) Radboud University Nijmegen KeY workshop June 2005 yet another JML keyword... Java provides final ie. immutable - fields What about immutable

### Random input testing with R

Random input testing with R Patrick Burns http://www.burns-stat.com stat.com 2011 August Given at user!2011 at the University of Warwick on 2011 August 17 in the Programming session, Uwe Ligges presiding.

### CS 520 Theory and Practice of Software Engineering Fall 2017

CS 520 Theory and Practice of Software Engineering Fall 2017 Best and worst programming practices September 12, 2017 Logistics Recap: software architecture vs. design Specification Architecture Development

### Procedural Abstraction

Procedural Abstraction Comp-303 : Programming Techniques Lecture 5 Alexandre Denault Computer Science McGill University Winter 2004 February 16, 2004 Lecture 5 Comp 303 : Programming Techniques Page 1

### Building Java Programs

Building Java Programs A Back to Basics Approach Stuart Reges I Marty Stepp University ofwashington Preface 3 Chapter 1 Introduction to Java Programming 25 1.1 Basic Computing Concepts 26 Why Programming?

### CMPSCI 187: Programming With Data Structures. Lecture 6: The StringLog ADT David Mix Barrington 17 September 2012

CMPSCI 187: Programming With Data Structures Lecture 6: The StringLog ADT David Mix Barrington 17 September 2012 The StringLog ADT Data Abstraction Three Views of Data Java Interfaces Defining the StringLog

### High Quality Java Code: Contracts & Assertions

High Quality Java Code: Contracts & Assertions by Pedro Agulló Soliveres Writing correct code is really hard. Maybe the main reason is that, as Bertrand Meyer said, software correctness is a relative notion.

### Static Analysis in Practice

in Practice 17-654/17-754: Analysis of Software Artifacts Jonathan Aldrich 1 Quick Poll Who is familiar and comfortable with design patterns? e.g. what is a Factory and why use it? 2 1 Outline: in Practice

### The issues. Programming in C++ Common storage modes. Static storage in C++ Session 8 Memory Management

Session 8 Memory Management The issues Dr Christos Kloukinas City, UoL http://staff.city.ac.uk/c.kloukinas/cpp (slides originally produced by Dr Ross Paterson) Programs manipulate data, which must be stored

### Answer Key. 1. General Understanding (10 points) think before you decide.

Answer Key 1. General Understanding (10 points) Answer the following questions with yes or no. think before you decide. Read the questions carefully and (a) (2 points) Does the interface java.util.sortedset

### Lecture 3: Recursion; Structural Induction

15-150 Lecture 3: Recursion; Structural Induction Lecture by Dan Licata January 24, 2012 Today, we are going to talk about one of the most important ideas in functional programming, structural recursion

### Object-Oriented Design Lecture 16 CS 3500 Fall 2010 (Pucella) Friday, Nov 12, 2010

Object-Oriented Design Lecture 16 CS 3500 Fall 2010 (Pucella) Friday, Nov 12, 2010 16 Mutation We have been avoiding mutations until now. But they exist in most languages, including Java and Scala. Some

### Algorithms 1 / 24. Algorithms Sequential Search

Algorithm: a well-ordered collection of unambiguous and effectively computable operations, that, when executed, produces a result in a finite amount of time. 1 / 24 Algorithm: a well-ordered collection

Object-Oriented Design Lecture 8 CS 3500 Fall 2009 (Pucella) Tuesday, Oct 6, 2009 Subclassing for ADTs Implementation An interesting use of subclassing is to implement some forms of ADTs more cleanly,

### 5.1. Examples: Going beyond Sequence

Chapter 5. Selection In Chapter 1 we saw that algorithms deploy sequence, selection and repetition statements in combination to specify computations. Since that time, however, the computations that we

### COMP 3705 Advanced Software Engineering: Software Testing

COMP 3705 Advanced Software Engineering: Software Testing Prof. Matt Rutherford For Next Week Readings For Midterm: Chapter 1 and Sections 2.1-2.6, 3.1 3.5 New material: Chapter 4 Homework #5 http://mjrutherford.org/teaching/2009/winter/comp3705/homeworks

### Lab 4: Imperative & Debugging 12:00 PM, Feb 14, 2018

CS18 Integrated Introduction to Computer Science Fisler, Nelson Lab 4: Imperative & Debugging 12:00 PM, Feb 14, 2018 Contents 1 Imperative Programming 1 1.1 Sky High Grades......................................

### CSE 2123 Recursion. Jeremy Morris

CSE 2123 Recursion Jeremy Morris 1 Past Few Weeks For the past few weeks we have been focusing on data structures Classes & Object-oriented programming Collections Lists, Sets, Maps, etc. Now we turn our

### More C Pointer Dangers

CS61C L04 Introduction to C (pt 2) (1) inst.eecs.berkeley.edu/~cs61c CS61C : Machine Structures Must-see talk Thu 4-5pm @ Sibley by Turing Award winner Fran Allen: The Challenge of Multi-Cores: Think Sequential,

### CS61B Lecture #9: Interfaces and Abstract Classes. Recreation. Abstract Methods and Classes. Methods on Drawables

Recreation Show that for any polynomial with a leading coefficient of 1 and integral coefficients, all rational roots are integers. CS61B Lecture #9: Interfaces and Abstract Classes Announcements Berkeley

### Data Structures. Lecture 1: Introduction CSC212. Instructor: George Wolberg Department of Computer Science City College of New York

CSC212 Data Structures Lecture 1: Introduction Instructor: George Wolberg Department of Computer Science City College of New York George Wolberg, 2016 1 Outline of this lecture Course Objectives and Schedule

### CS140 Operating Systems Final December 12, 2007 OPEN BOOK, OPEN NOTES

CS140 Operating Systems Final December 12, 2007 OPEN BOOK, OPEN NOTES Your name: SUNet ID: In accordance with both the letter and the spirit of the Stanford Honor Code, I did not cheat on this exam. Furthermore,

### Lecture Notes on Queues

Lecture Notes on Queues 15-122: Principles of Imperative Computation Frank Pfenning Lecture 9 September 25, 2012 1 Introduction In this lecture we introduce queues as a data structure and linked lists

### 2.4 Choose method names carefully

2.4 Choose method names carefully We ve already discussed how to name a class in Section 1.1. Now it s time to name methods properly. I m suggesting this simple rule of thumb: builders are nouns, manipulators