SlideShare a Scribd company logo

Modular Reasoning about Aspect-Oriented Programs: A Rely-Guarantee Approach

Download as KEY, PDF
Raffi Khatchadourian
Raffi Khatchadourian

This document discusses using the rely-guarantee approach to reason about aspect-oriented programs. It introduces the rely-guarantee specification for a method M under advice as M sat (pre, rely, guar, post). The rely clause specifies the state transitions allowed by advice. An example shows how rely specifies that advice cannot change the coordinates of a Point object, allowing advice to change its scale. The approach makes base code specifications more robust to aspect changes by separating assumptions about advice from method specifications.

Technology
1 of 86
Rely-Guarantee Approach to Reasoning about Aspect-Oriented Programs Raffi Khatchadourian and Neelam Soundarajan The Ohio State University
Introduction • AOP enables modular implementation of cross- cutting concerns. • Removes scattering. • Prevents tangling. • Reasoning about AOP presents some key challenges.
The Problem
The Problem • Addition of an aspect can change the behavior of the base code.
The Problem Desirable! • Addition of an aspect can change the behavior of the base code.
The Problem Desirable! • Addition of an aspect can change the behavior of the base code. • Prior reasoning about the base code may no longer be valid.
The Problem Desirable! • Addition of an aspect can change the behavior of the base code. • Prior reasoning about the base code may no longer be valid. • May be forced to reason about the entire system again accounting for the interleaving.
The Problem Desirable! • Addition of an aspect can change the behavior of the base code. • Prior reasoning about the base code may no longer be valid. • May be forced to reason about the entire system again accounting for the interleaving. • Can we make base-code specifications more robust to aspectual changes?
Motivation • [Sullivan FSE’05]: 1. Separate base and crosscutting concerns. 2. Implement base concerns in an OO style ignoring crosscutting concerns. 3. Implement the crosscutting concerns as aspects that advise the base code directly. 4
Insight
Insight • Aspect-oriented weaving and concurrent execution present similar challenges for program analysis.
Insight • Aspect-oriented weaving and concurrent execution present similar challenges for program analysis. • AOP case much simpler (restricted interleaving).
Insight • Aspect-oriented weaving and concurrent execution present similar challenges for program analysis. • AOP case much simpler (restricted interleaving). • Well-defined join points, sequential programs, only aspect can intercept the base-code.
Insight • Aspect-oriented weaving and concurrent execution present similar challenges for program analysis. • AOP case much simpler (restricted interleaving). • Well-defined join points, sequential programs, only aspect can intercept the base-code. • Concurrent program reasoning generally requires knowledge of all processes.
Insight • Aspect-oriented weaving and concurrent execution present similar challenges for program analysis. • AOP case much simpler (restricted interleaving). • Well-defined join points, sequential programs, only aspect can intercept the base-code. • Concurrent program reasoning generally requires knowledge of all processes. • Not the case in AOP.
Insight • Aspect-oriented weaving and concurrent execution present similar challenges for program analysis. • AOP case much simpler (restricted interleaving). • Well-defined join points, sequential programs, only aspect can intercept the base-code. • Concurrent program reasoning generally requires knowledge of all processes. • Not the case in AOP. • An approach known from concurrent programming, rely-guarantee [Xu97], can be adapted and then used to make AO programs more analyzable.
Notation the set of all variables of σ the program states in which each σi , σj , ... variable has a particular value
!1 !2 !3
!1 Aspect !2' !3
The Rely() Clause
The Rely() Clause • Identify a relation rely() that is a predicate over two states, σa and σb.
The Rely() Clause • Identify a relation rely() that is a predicate over two states, σa and σb. • rely() will not correspond to the actual behavior of advice.
The Rely() Clause • Identify a relation rely() that is a predicate over two states, σa and σb. • rely() will not correspond to the actual behavior of advice. • specify the kinds of behavior acceptable to m().
!a Aspect !b
The state at a point in the execution of a class is σa. !a Aspect !b
The state at a point in the execution of a class is σa. !a Aspect !b The state when the class gets control back from an aspect is σb.
The state at a point in the execution of a class is σa. !a Aspect rely(σa, σb) !b The state when the class gets control back from an aspect is σb.
Rely-Guarantee Approach for AOP
Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by
Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by M sat (pre, rely, guar, post)
Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by M sat (pre, rely, guar, post) if
Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by M sat (pre, rely, guar, post) if 1) M is invoked in a state which satisfies pre, and
Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by M sat (pre, rely, guar, post) if 1) M is invoked in a state which satisfies pre, and 2) all advice transitions satisfy rely,
Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by M sat (pre, rely, guar, post) if 1) M is invoked in a state which satisfies pre, and 2) all advice transitions satisfy rely, then
Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by M sat (pre, rely, guar, post) if 1) M is invoked in a state which satisfies pre, and 2) all advice transitions satisfy rely, then 3) all states prior to M being intercepted by advice will satisfy guar, and
Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by M sat (pre, rely, guar, post) if 1) M is invoked in a state which satisfies pre, and 2) all advice transitions satisfy rely, then 3) all states prior to M being intercepted by advice will satisfy guar, and 4) if the computation terminates, the final state will satisfy post.
Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by M sat (pre, rely, guar, post) if 1) M is invoked in a state which satisfies pre, and 2) all advice transitions satisfy rely, Pointcut then 3) all states prior to M being intercepted by advice will satisfy guar, and 4) if the computation terminates, the final state will satisfy post.
Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by M sat (pre, rely, guar, post) if 1) M is invoked in a state which satisfies pre, and 2) all advice transitions satisfy rely, Pointcut then 3) all states prior to M being intercepted by advice will satisfy guar, and for advice pre 4) if the computation terminates, the final state will satisfy post.
Rely() Example rely(σ, σ ) ≡ (σ = σ )
Rely() Example The entire state of C rely(σ, σ ) ≡ (σ = σ )
Rely() Example rely(σ, σ ) ≡ (σ = σ ) ble ny ica g a pl in ! y ap ak te an m m sta ds fro the bi e or ic s in F v ad ange ch
Rely() Example This is “Harmless”[D&W POPL’06] rely(σ, σ ) ≡ (σ = σ )
1 class Point { 2 int x, y; co 3 int s; pa 4 qu 5 public Point(int xi, int yi) mi 6 { x=xi; y=yi; s=1; } hav 7 public int getX() { return (x*s); } on 8 public int getY() { return (y*s); } ma 9 dif 10 public void move(int nx, int ny) 11 { x=nx; y=ny; } of 12 } po 13 rel 14 aspect adjustScale { as 15 pointcut m(Point p): 16 execution(void Point.move(int,int)) cla 17 && target( p ); tha 18 ad 19 after(Point p) : m(p) { in 20 if ((p.x < 5) && (p.y < 5)) { p.s=10; } 21 } we 22 } wi ap the Figure 1. Point Class and Aspect on po
1 class Point { 2 int x, y; co 3 int s; pa 4 qu 5 public Point(int xi, int yi) mi 6 { x=xi; y=yi; s=1; } hav 7 public int getX() { return (x*s); } on 8 public int getY() { return (y*s); } ma 9 dif 10 public void move(int nx, int ny) of Coordinates { x=nx; y=ny; } 11 po 12 } 13 rel 14 aspect adjustScale { as 15 pointcut m(Point p): 16 execution(void Point.move(int,int)) cla 17 && target( p ); tha 18 ad 19 after(Point p) : m(p) { in 20 if ((p.x < 5) && (p.y < 5)) { p.s=10; } 21 } we 22 } wi ap the Figure 1. Point Class and Aspect on po
1 class Point { 2 int x, y; co 3 int s; pa qu 4 5 public Point(int xi, int yi) Scaled mi 6 { x=xi; y=yi; s=1; } hav 7 public int getX() { return (x*s); } on 8 public int getY() { return (y*s); } ma 9 dif 10 public void move(int nx, int ny) 11 { x=nx; y=ny; } of 12 } po 13 rel 14 aspect adjustScale { as 15 pointcut m(Point p): 16 execution(void Point.move(int,int)) cla 17 && target( p ); tha 18 ad 19 after(Point p) : m(p) { in 20 if ((p.x < 5) && (p.y < 5)) { p.s=10; } 21 } we 22 } wi ap the Figure 1. Point Class and Aspect on po
1 class Point { 2 int x, y; co 3 int s; pa 4 qu 5 public Point(int xi, int yi) mi 6 { x=xi; y=yi; s=1; } hav 7 public int getX() { return (x*s); } on 8 public int getY() { return (y*s); } ma 9 dif 10 public void move(int nx, int ny) 11 { x=nx; y=ny; } of 12 } po 13 rel 14 aspect adjustScale { as 15 pointcut m(Point p): 16 execution(void Point.move(int,int)) cla 17 && target( p Too close! ); tha 18 ad 19 after(Point p) : m(p) { in 20 if ((p.x < 5) && (p.y < 5)) { p.s=10; } 21 } we 22 } wi ap the Figure 1. Point Class and Aspect on po
1 class Point { 2 int x, y; co 3 int s; pa 4 qu 5 public Point(int xi, int yi) mi 6 { x=xi; y=yi; s=1; } hav 7 public int getX() { return (x*s); } on 8 public int getY() { return (y*s); } ma 9 dif 10 public void move(int nx, int ny) 11 { x=nx; y=ny; } of 12 } po 13 rel 14 aspect adjustScale { as 15 pointcut m(Point p): 16 execution(void Point.move(int,int)) cla 17 && target( p ); tha 18 ad 19 after(Point p) : m(p) { in 20 if ((p.x < 5) && (p.y < 5)) { p.s=10; } 21 } we 22 } wi Adjust ap the Figure 1. Point Class and Aspect on po
1 class Point { 2 int x, y; co 3 int s; pa 4 qu 5 public Point(int xi, int yi) mi 6 { x=xi; y=yi; s=1; } hav 7 public int getX() { return (x*s); } on 8 public int getY() { return (y*s); } ma 9 dif 10 public void move(int nx, int ny) 11 { x=nx; y=ny; } of 12 } po 13 rel 14 aspect adjustScale { as 15 pointcut m(Point p): 16 execution(void Point.move(int,int)) cla 17 && target( p ); tha 18 ad 19 after(Point p) : m(p) { in 20 if ((p.x < 5) && (p.y < 5)) { p.s=10; } 21 } we 22 } wi ap the Figure 1. Point Class and Aspect on po
A rely() for class Point rely(σ, σ ) ≡ [(σ.x = σ .x) ∧ (σ.y = σ .y)]
A rely() for class Point rely(σ, σ ) ≡ [(σ.x = σ .x) ∧ (σ.y = σ .y)]
A rely() for class Point rely(σ, σ ) ≡ [(σ.x = σ .x) ∧ (σ.y = σ .y)] (σ.s = σ .s)
A rely() for class Point rely(σ, σ ) ≡ [(σ.x = σ .x) ∧ (σ.y = σ .y)] • Not a fault of the reasoning approach!
A rely() for class Point rely(σ, σ ) ≡ [(σ.x = σ .x) ∧ (σ.y = σ .y)] • Not a fault of the reasoning approach! • Must be sure not to impose stronger requirements than necessary on aspects that might be developed later.
A rely() for class Point rely(σ, σ ) ≡ [(σ.x = σ .x) ∧ (σ.y = σ .y)] • Not a fault of the reasoning approach! • Must be sure not to impose stronger requirements than necessary on aspects that might be developed later. • Otherwise, we may be forced to redo the task of reasoning about the class ...
A rely() for class Point rely(σ, σ ) ≡ [(σ.x = σ .x) ∧ (σ.y = σ .y)] • Not a fault of the reasoning approach! • Must be sure not to impose stronger requirements than necessary on aspects that might be developed later. • Otherwise, we may be forced to redo the task of reasoning about the class ... • BUT, it is only in these cases where we must redo our reasoning.
The guar() Clause
The guar() Clause • Concurrent programs: the two processes act symmetrically.
The guar() Clause • Concurrent programs: the two processes act symmetrically. • AOP: base-code can’t intercept advice.
The guar() Clause • Concurrent programs: the two processes act symmetrically. • AOP: base-code can’t intercept advice. • guar() for AOP
The guar() Clause • Concurrent programs: the two processes act symmetrically. • AOP: base-code can’t intercept advice. • guar() for AOP • The assertion is true in this case.
The guar() Clause • Concurrent programs: the two processes act symmetrically. • AOP: base-code can’t intercept advice. • guar() for AOP • The assertion is true in this case. • Aspect not available at time of construction.
The guar() Clause • Concurrent programs: the two processes act symmetrically. • AOP: base-code can’t intercept advice. • guar() for AOP • The assertion is true in this case. • Aspect not available at time of construction. • Need to consider many possible joinpoints.
The guar() Clause • Concurrent programs: the two processes act symmetrically. • AOP: base-code can’t intercept advice. • guar() for AOP • The assertion is true in this case. • Aspect not available at time of construction. • Need to consider many possible joinpoints. • guar() may not be strong enough for future.
9 d public void move(int nx, int ny) o 10 11 { x=nx; y=ny; } The Reasoning Processp class Point { • r 12 } 1 Do not have information 13 2 int x, y; about the value of a Point.s s; 14 aspect int 3 adjustScale { 15 pointcut m(Point p): 4 c 16 public Point(int xi, int yi) 5 execution(void Point.move(int,int)) 17 6 && target( p {); x=xi; y=yi; s=1; } t 18 7 public int getX() { return (x*s); } a 19 after(Point p) : getY() { return (y*s); } 8 public int m(p) { i 20 9 if ((p.x < 5) && (p.y < 5)) { p.s=10; } w 21 } 10 public void move(int nx, int ny) w 22 } 11 { x=nx; y=ny; } a 12 } t 13 Figure 1. Point Class and Aspect o aspect adjustScale { 14 p 15 pointcut m(Point p): f execution(void Point.move(int,int)) That is, indeed, precisely what the adjustScale aspect does. 16 ( && target( to an The pointcut m() corresponds p ); execution of the move() 17 o method. The after advice specified states that if the point p is 18 a sufficientlyafter(Point p) then the scale factor is set equal to 19 close to the origin, : m(p) { P ten4 . 20 if ((p.x < the class Point, we see that the Thus, if we consider just5) && (p.y < 5)) { p.s=10; } r
9 d public void move(int nx, int ny) o 10 11 { x=nx; y=ny; } The Reasoning Processp class Point { • r 12 } 1 Do not have information 13 2 int x, y; about the value of a Point.s s; 14 aspect int 3 adjustScale { 15 pointcut m(Point p): 4 c 16 public Point(int xi, int yi) 5 execution(void Point.move(int,int)) 17 6 && target( p {); x=xi; y=yi; s=1; } t 18 7 public int getX() { return (x*s); } a 19 after(Point p) : getY() { return (y*s); } 8 public int m(p) { i 20 9 if ((p.x < 5) && (p.y < 5)) { p.s=10; } w 21 } 10 public void move(int nx, int ny) w 22 } 11 { x=nx; y=ny; } a 12 } t 13 Figure 1. Point Class and Aspect o aspect adjustScale { 14 p 15 pointcut m(Point p): f execution(void Point.move(int,int)) That is, indeed, precisely what the adjustScale aspect does. 16 ( && target( to an The pointcut m() corresponds p ); execution of the move() 17 o method. The after advice specified states that if the point p is 18 a sufficientlyafter(Point p) then the scale factor is set equal to 19 close to the origin, : m(p) { P ten4 . 20 if ((p.x < the class Point, we see that the Thus, if we consider just5) && (p.y < 5)) { p.s=10; } r
9 d public void move(int nx, int ny) o 10 11 { x=nx; y=ny; } The Reasoning Processp class Point { • r 12 } 1 Do not have information 13 2 int x, y; about the value of a Point.s s; 14 aspect int 3 adjustScale { 15 pointcut m(Point p): 4 c 16 public Point(int xi, int yi) 5 execution(void Point.move(int,int)) 17 6 && target( p {); x=xi; y=yi; s=1; } t 18 7 public int getX() { return (x*s); } a 19 after(Point p) : getY() { return (y*s); } 8 public int m(p) { i 20 9 if ((p.x < 5) && (p.y < 5)) { p.s=10; } w 21 } 10 public void move(int nx, int ny) w 22 } 11 { x=nx; y=ny; } a 12 } t 13 Figure 1. Point Class and Aspect o aspect adjustScale { 14 p 15 pointcut m(Point p): f execution(void Point.move(int,int)) That is, indeed, precisely what the adjustScale aspect does. 16 ( && target( to an The pointcut m() corresponds p ); execution of the move() 17 o method. The after advice specified states that if the point p is 18 a sufficientlyafter(Point p) then the scale factor is set equal to 19 close to the origin, : m(p) { P ten4 . 20 if ((p.x < the class Point, we see that the Thus, if we consider just5) && (p.y < 5)) { p.s=10; } r
9 d public void move(int nx, int ny) o 10 11 { x=nx; y=ny; } The Reasoning Processp class Point { • r 12 } 1 Do not have information 13 2 int x, y; about the value of a Point.s s; 14 aspect int 3 adjustScale { 15 pointcut m(Point p): 4 c 16 public Point(int xi, int yi) 5 execution(void Point.move(int,int)) 17 6 && target( p {); x=xi; y=yi; s=1; } t 18 7 public int getX() { return (x*s); } a 19 after(Point p) : getY() { return (y*s); } 8 public int m(p) { i 20 9 if ((p.x < 5) && (p.y < 5)) { p.s=10; } w 21 } 10 public void move(int nx, int ny) w 22 } 11 { x=nx; y=ny; } a • History variable [Hoare78] 12 } Figure 1. Point Class and Aspect 13 t o • aspect adjustScale { Provides additional information required to 14 pointcut m(Point p): 15 p f establishexecution(voidof the combined system. the behavior Point.move(int,int)) That is, indeed, precisely what the adjustScale aspect does. 16 ( && target( to an The pointcut m() corresponds p ); execution of the move() 17 o method. The after advice specified states that if the point p is 18 a sufficientlyafter(Point p) then the scale factor is set equal to 19 close to the origin, : m(p) { P ten4 . 20 if ((p.x < the class Point, we see that the Thus, if we consider just5) && (p.y < 5)) { p.s=10; } r
4 5 public Point(int xi, int History Variable yi) 6 { x=xi; y=yi; s=1; } 7 Consider intbehavior of Point.move(): } public the getX() { return (x*s); 8 public int getY() { return (y*s); } 9 10 public void move(int nx, int ny) 11 { x=nx; y=ny; } 12 } 13 14 aspect What’s the value{of Point.s? adjustScale 15 pointcut m(Point p): 16 execution(void Point.move(int,int)) 17 && target( p ); 18 19 after(Point p) : m(p) { 20 if ((p.x < 5) && (p.y < 5)) { p.s=1 21 }
4 5 public Point(int xi, int History Variable yi) 6 { x=xi; y=yi; s=1; } 7 Consider intbehavior of Point.move(): } public the getX() { return (x*s); 8 public int getY() { return (y*s); } 9 10 public void move(int nx, int ny) 11 { x=nx; y=ny; } 12 } 13 14 aspect What’s the value{of Point.s? adjustScale 15 pointcut m(Point p): execution(void Point.move(int,int)) • 16 From the && target( p ); know that it does not 17 body of move(), we change the value of s. 18 • 19 20 after(Point p) : m(p) { must have been due to aspectual (i.e., if ((p.x < 5) && (p.y < 5)) { p.s=1 21 environmental) influence. }
Post-condition of Point.move()
Post-condition of Point.move() • Post-condition of move() will state: • Values of x and y are equal to the values for the corresponding arguments received. • Value of s will be equal to whatever it was when the final advice to execute during the execution of move() completes.
Post-condition of Point.move() • Post-condition of move() will state: • Values of x and y are equal to the values for the corresponding arguments received. • Value of s will be equal to whatever it was when the final advice to execute during the execution of move() completes. • Can conclude that s will be 10 or what it was at the start of the method.
1 class Point { But 2 int x, y; condit 3 int s; particu 4 questi 5 public Point(int xi, int yi) might 6 { x=xi; y=yi; s=1; } have t 7 public int getX() { return (x*s); } on an 8 public int getY() { return (y*s); } may h 9 differe 10 public void move(int nx, int ny) 11 { x=nx; y=ny; } of exp 12 } pointc 13 rely() 14 aspect adjustScale { as (1) 15 pointcut m(Point p): Ho 16 execution(void Point.move(int,int)) class a 17 && target( p ); that ap 18 advice 19 after(Point p) : m(p) { in whi 20 if ((p.x < 5) && (p.y < 5)) { p.s=10; } 21 } we wi 22 } will, t a pote the cla Figure 1. Point Class and Aspect one or possib
1 class Point { But 2 int x, y; condit 3 int s; particu 4 questi 5 public Point(int xi, int yi) might 6 { x=xi; y=yi; s=1; } have t 7 public int getX() { return (x*s); } on an 8 public int getY() { return (y*s); } may h 9 differe 10 public void move(int nx, int ny) 11 { x=nx; y=ny; } of exp 12 } pointc 13 rely() 14 aspect adjustScale { as (1) 15 pointcut m(Point p): Ho 16 execution(void Point.move(int,int)) class a 17 && target( p ); that ap 18 advice 19 after(Point p) : m(p) { in whi 20 if ((p.x < 5) && (p.y < 5)) { p.s=10; } 21 } we wi 22 } will, t a pote the cla Figure 1. Point Class and Aspect one or possib
Conclusion and Future Work
Conclusion and Future Work • AO programmers already think implicitly about rely(), our proposed approach makes this explicit.
Conclusion and Future Work • AO programmers already think implicitly about rely(), our proposed approach makes this explicit. • Formally capture properties we want AO programs to exhibit.
Conclusion and Future Work • AO programmers already think implicitly about rely(), our proposed approach makes this explicit. • Formally capture properties we want AO programs to exhibit. • rely() specifies the kinds of aspectual influence the base-code is willing to tolerate so that it would not be adversely affected by advice.
Conclusion and Future Work • AO programmers already think implicitly about rely(), our proposed approach makes this explicit. • Formally capture properties we want AO programs to exhibit. • rely() specifies the kinds of aspectual influence the base-code is willing to tolerate so that it would not be adversely affected by advice. • Specifying rely().
Conclusion and Future Work • AO programmers already think implicitly about rely(), our proposed approach makes this explicit. • Formally capture properties we want AO programs to exhibit. • rely() specifies the kinds of aspectual influence the base-code is willing to tolerate so that it would not be adversely affected by advice. • Specifying rely(). • Formal framework, obtaining richer behavior.
Conclusion and Future Work • AO programmers already think implicitly about rely(), our proposed approach makes this explicit. • Formally capture properties we want AO programs to exhibit. • rely() specifies the kinds of aspectual influence the base-code is willing to tolerate so that it would not be adversely affected by advice. • Specifying rely(). • Formal framework, obtaining richer behavior. • Multiple applicable advice.
Conclusion and Future Work • AO programmers already think implicitly about rely(), our proposed approach makes this explicit. • Formally capture properties we want AO programs to exhibit. • rely() specifies the kinds of aspectual influence the base-code is willing to tolerate so that it would not be adversely affected by advice. • Specifying rely(). • Formal framework, obtaining richer behavior. • Multiple applicable advice. • Tool-supported verification.

Recommended

Rely-Guarantee Approach to Reasoning about Aspect-Oriented Programs
Rely-Guarantee Approach to Reasoning about Aspect-Oriented Programs Rely-Guarantee Approach to Reasoning about Aspect-Oriented Programs
Rely-Guarantee Approach to Reasoning about Aspect-Oriented Programs
Raffi Khatchadourian
 
The Process of System Redesign
The Process of System RedesignThe Process of System Redesign
The Process of System Redesign
Citizen Network
 
Ideas and Funnies for Teachers
Ideas and Funnies for TeachersIdeas and Funnies for Teachers
Ideas and Funnies for Teachers
Shana Carter
 
Self-Directed Support - International Learning
Self-Directed Support - International LearningSelf-Directed Support - International Learning
Self-Directed Support - International Learning
Citizen Network
 
DW Health Transition Presentation for VCS Health and Social Care Forum - Nove...
DW Health Transition Presentation for VCS Health and Social Care Forum - Nove...DW Health Transition Presentation for VCS Health and Social Care Forum - Nove...
DW Health Transition Presentation for VCS Health and Social Care Forum - Nove...
Voluntary Action LeicesterShire
 
Non-Relational Databases at ACCU2011
Non-Relational Databases at ACCU2011Non-Relational Databases at ACCU2011
Non-Relational Databases at ACCU2011
Gavin Heavyside
 
Why Usability Matters: a Case Study of the Cumberland County Library System W...
Why Usability Matters: a Case Study of the Cumberland County Library System W...Why Usability Matters: a Case Study of the Cumberland County Library System W...
Why Usability Matters: a Case Study of the Cumberland County Library System W...
Kathy McShea
 
Enforcing Behavioral Constraints in Evolving Aspect-Oriented Programs
Enforcing Behavioral Constraints in Evolving Aspect-Oriented Programs Enforcing Behavioral Constraints in Evolving Aspect-Oriented Programs
Enforcing Behavioral Constraints in Evolving Aspect-Oriented Programs
Raffi Khatchadourian
 

Recommended

Rely-Guarantee Approach to Reasoning about Aspect-Oriented Programs
Rely-Guarantee Approach to Reasoning about Aspect-Oriented Programs Rely-Guarantee Approach to Reasoning about Aspect-Oriented Programs
Rely-Guarantee Approach to Reasoning about Aspect-Oriented Programs
Raffi Khatchadourian
 
The Process of System Redesign
The Process of System RedesignThe Process of System Redesign
The Process of System Redesign
Citizen Network
 
Ideas and Funnies for Teachers
Ideas and Funnies for TeachersIdeas and Funnies for Teachers
Ideas and Funnies for Teachers
Shana Carter
 
Self-Directed Support - International Learning
Self-Directed Support - International LearningSelf-Directed Support - International Learning
Self-Directed Support - International Learning
Citizen Network
 
DW Health Transition Presentation for VCS Health and Social Care Forum - Nove...
DW Health Transition Presentation for VCS Health and Social Care Forum - Nove...DW Health Transition Presentation for VCS Health and Social Care Forum - Nove...
DW Health Transition Presentation for VCS Health and Social Care Forum - Nove...
Voluntary Action LeicesterShire
 
Non-Relational Databases at ACCU2011
Non-Relational Databases at ACCU2011Non-Relational Databases at ACCU2011
Non-Relational Databases at ACCU2011
Gavin Heavyside
 
Why Usability Matters: a Case Study of the Cumberland County Library System W...
Why Usability Matters: a Case Study of the Cumberland County Library System W...Why Usability Matters: a Case Study of the Cumberland County Library System W...
Why Usability Matters: a Case Study of the Cumberland County Library System W...
Kathy McShea
 
Enforcing Behavioral Constraints in Evolving Aspect-Oriented Programs
Enforcing Behavioral Constraints in Evolving Aspect-Oriented Programs Enforcing Behavioral Constraints in Evolving Aspect-Oriented Programs
Enforcing Behavioral Constraints in Evolving Aspect-Oriented Programs
Raffi Khatchadourian
 
Paper Study - Incremental Data-Flow Analysis Algorithms by Ryder et al
Paper Study - Incremental Data-Flow Analysis Algorithms by Ryder et alPaper Study - Incremental Data-Flow Analysis Algorithms by Ryder et al
Paper Study - Incremental Data-Flow Analysis Algorithms by Ryder et al
Min-Yih Hsu
 
Design of Design of Technology Transfer Services
Design of Design of Technology Transfer ServicesDesign of Design of Technology Transfer Services
Design of Design of Technology Transfer Services
International Society of Service Innovation Professionals
 
AI Lesson 12
AI Lesson 12AI Lesson 12
AI Lesson 12
Assistant Professor
 
Concepts of predictive control
Concepts of predictive controlConcepts of predictive control
Concepts of predictive control
JARossiter
 
Innoslate's Ontology - LML, SysML, DoDAF, and more
Innoslate's Ontology - LML, SysML, DoDAF, and moreInnoslate's Ontology - LML, SysML, DoDAF, and more
Innoslate's Ontology - LML, SysML, DoDAF, and more
Elizabeth Steiner
 
Essentials for Reliability Practitioners
Essentials for Reliability PractitionersEssentials for Reliability Practitioners
Essentials for Reliability Practitioners
ASQ Reliability Division
 
Backdoors to Satisfiability
Backdoors to SatisfiabilityBackdoors to Satisfiability
Backdoors to Satisfiability
msramanujan
 
Evaluating long-term predictive power of standard reliability growth models o...
Evaluating long-term predictive power of standard reliability growth models o...Evaluating long-term predictive power of standard reliability growth models o...
Evaluating long-term predictive power of standard reliability growth models o...
RAKESH RANA
 
[ASE2014] An Empirical Study on Reducing Omission Errors in Practice
[ASE2014] An Empirical Study on Reducing Omission Errors in Practice[ASE2014] An Empirical Study on Reducing Omission Errors in Practice
[ASE2014] An Empirical Study on Reducing Omission Errors in Practice
Jihun Park
 
Rcm modelling uncertainties in rcm with dempster shaffer approach
Rcm modelling uncertainties in rcm with dempster shaffer approachRcm modelling uncertainties in rcm with dempster shaffer approach
Rcm modelling uncertainties in rcm with dempster shaffer approach
Mehdi Shayestehfar
 
Stevbros phần 10 hành trang thi pmp và capm
Stevbros phần 10 hành trang thi pmp và capmStevbros phần 10 hành trang thi pmp và capm
Stevbros phần 10 hành trang thi pmp và capm
Stevbros Training
 
FE3.ppt
FE3.pptFE3.ppt
FE3.ppt
asde13
 
The Search for a Better Risk Model - MPT Forum Tokyo March 1st 2012
The Search for a Better Risk Model - MPT Forum Tokyo March 1st 2012The Search for a Better Risk Model - MPT Forum Tokyo March 1st 2012
The Search for a Better Risk Model - MPT Forum Tokyo March 1st 2012
yamanote
 
SEM MODELING THROUGH PARTIAL least SQUARE
SEM MODELING THROUGH PARTIAL least SQUARESEM MODELING THROUGH PARTIAL least SQUARE
SEM MODELING THROUGH PARTIAL least SQUARE
MohitGupta986332
 
Aspect Extraction Performance With Common Pattern of Dependency Relation in ...
Aspect Extraction Performance With Common Pattern of Dependency Relation in ...Aspect Extraction Performance With Common Pattern of Dependency Relation in ...
Aspect Extraction Performance With Common Pattern of Dependency Relation in ...
Nurfadhlina Mohd Sharef
 
AN EMPIRICAL STUDY OF THE RELATION BETWEEN STRONG CHANGE COUPLING AND DEFECTS...
AN EMPIRICAL STUDY OF THE RELATION BETWEEN STRONG CHANGE COUPLING AND DEFECTS...AN EMPIRICAL STUDY OF THE RELATION BETWEEN STRONG CHANGE COUPLING AND DEFECTS...
AN EMPIRICAL STUDY OF THE RELATION BETWEEN STRONG CHANGE COUPLING AND DEFECTS...
Igor Wiese
 
System science documentation
System science documentationSystem science documentation
System science documentation
Ismail El Gayar
 
Textual & Sentiment Analysis of Movie Reviews
Textual & Sentiment Analysis of Movie ReviewsTextual & Sentiment Analysis of Movie Reviews
Textual & Sentiment Analysis of Movie Reviews
Yousef Fadila
 
2_CFD_SEicher.pdf
2_CFD_SEicher.pdf2_CFD_SEicher.pdf
2_CFD_SEicher.pdf
wawansetiawan617909
 
Structured equation model
Structured equation modelStructured equation model
Structured equation model
King Abidi
 
Towards Safe Automated Refactoring of Imperative Deep Learning Programs to Gr...
Towards Safe Automated Refactoring of Imperative Deep Learning Programs to Gr...Towards Safe Automated Refactoring of Imperative Deep Learning Programs to Gr...
Towards Safe Automated Refactoring of Imperative Deep Learning Programs to Gr...
Raffi Khatchadourian
 
Automated Evolution of Feature Logging Statement Levels Using Git Histories a...
Automated Evolution of Feature Logging Statement Levels Using Git Histories a...Automated Evolution of Feature Logging Statement Levels Using Git Histories a...
Automated Evolution of Feature Logging Statement Levels Using Git Histories a...
Raffi Khatchadourian
 

More Related Content

Similar to Modular Reasoning about Aspect-Oriented Programs: A Rely-Guarantee Approach

Innoslate's Ontology - LML, SysML, DoDAF, and more
Innoslate's Ontology - LML, SysML, DoDAF, and moreInnoslate's Ontology - LML, SysML, DoDAF, and more
Innoslate's Ontology - LML, SysML, DoDAF, and more
Elizabeth Steiner
 
Stevbros phần 10 hành trang thi pmp và capm
Stevbros phần 10 hành trang thi pmp và capmStevbros phần 10 hành trang thi pmp và capm
Stevbros phần 10 hành trang thi pmp và capm
Stevbros Training
 
System science documentation
System science documentationSystem science documentation
System science documentation
Ismail El Gayar
 

Similar to Modular Reasoning about Aspect-Oriented Programs: A Rely-Guarantee Approach (20)

Paper Study - Incremental Data-Flow Analysis Algorithms by Ryder et al
Paper Study - Incremental Data-Flow Analysis Algorithms by Ryder et alPaper Study - Incremental Data-Flow Analysis Algorithms by Ryder et al
Paper Study - Incremental Data-Flow Analysis Algorithms by Ryder et al
 
Design of Design of Technology Transfer Services
Design of Design of Technology Transfer ServicesDesign of Design of Technology Transfer Services
Design of Design of Technology Transfer Services
 
AI Lesson 12
AI Lesson 12AI Lesson 12
AI Lesson 12
 
Concepts of predictive control
Concepts of predictive controlConcepts of predictive control
Concepts of predictive control
 
Innoslate's Ontology - LML, SysML, DoDAF, and more
Innoslate's Ontology - LML, SysML, DoDAF, and moreInnoslate's Ontology - LML, SysML, DoDAF, and more
Innoslate's Ontology - LML, SysML, DoDAF, and more
 
Essentials for Reliability Practitioners
Essentials for Reliability PractitionersEssentials for Reliability Practitioners
Essentials for Reliability Practitioners
 
Backdoors to Satisfiability
Backdoors to SatisfiabilityBackdoors to Satisfiability
Backdoors to Satisfiability
 
Evaluating long-term predictive power of standard reliability growth models o...
Evaluating long-term predictive power of standard reliability growth models o...Evaluating long-term predictive power of standard reliability growth models o...
Evaluating long-term predictive power of standard reliability growth models o...
 
[ASE2014] An Empirical Study on Reducing Omission Errors in Practice
[ASE2014] An Empirical Study on Reducing Omission Errors in Practice[ASE2014] An Empirical Study on Reducing Omission Errors in Practice
[ASE2014] An Empirical Study on Reducing Omission Errors in Practice
 
Rcm modelling uncertainties in rcm with dempster shaffer approach
Rcm modelling uncertainties in rcm with dempster shaffer approachRcm modelling uncertainties in rcm with dempster shaffer approach
Rcm modelling uncertainties in rcm with dempster shaffer approach
 
Stevbros phần 10 hành trang thi pmp và capm
Stevbros phần 10 hành trang thi pmp và capmStevbros phần 10 hành trang thi pmp và capm
Stevbros phần 10 hành trang thi pmp và capm
 
FE3.ppt
FE3.pptFE3.ppt
FE3.ppt
 
The Search for a Better Risk Model - MPT Forum Tokyo March 1st 2012
The Search for a Better Risk Model - MPT Forum Tokyo March 1st 2012The Search for a Better Risk Model - MPT Forum Tokyo March 1st 2012
The Search for a Better Risk Model - MPT Forum Tokyo March 1st 2012
 
SEM MODELING THROUGH PARTIAL least SQUARE
SEM MODELING THROUGH PARTIAL least SQUARESEM MODELING THROUGH PARTIAL least SQUARE
SEM MODELING THROUGH PARTIAL least SQUARE
 
Aspect Extraction Performance With Common Pattern of Dependency Relation in ...
Aspect Extraction Performance With Common Pattern of Dependency Relation in ...Aspect Extraction Performance With Common Pattern of Dependency Relation in ...
Aspect Extraction Performance With Common Pattern of Dependency Relation in ...
 
AN EMPIRICAL STUDY OF THE RELATION BETWEEN STRONG CHANGE COUPLING AND DEFECTS...
AN EMPIRICAL STUDY OF THE RELATION BETWEEN STRONG CHANGE COUPLING AND DEFECTS...AN EMPIRICAL STUDY OF THE RELATION BETWEEN STRONG CHANGE COUPLING AND DEFECTS...
AN EMPIRICAL STUDY OF THE RELATION BETWEEN STRONG CHANGE COUPLING AND DEFECTS...
 
System science documentation
System science documentationSystem science documentation
System science documentation
 
Textual & Sentiment Analysis of Movie Reviews
Textual & Sentiment Analysis of Movie ReviewsTextual & Sentiment Analysis of Movie Reviews
Textual & Sentiment Analysis of Movie Reviews
 
2_CFD_SEicher.pdf
2_CFD_SEicher.pdf2_CFD_SEicher.pdf
2_CFD_SEicher.pdf
 
Structured equation model
Structured equation modelStructured equation model
Structured equation model
 

More from Raffi Khatchadourian

Towards Safe Automated Refactoring of Imperative Deep Learning Programs to Gr...
Towards Safe Automated Refactoring of Imperative Deep Learning Programs to Gr...Towards Safe Automated Refactoring of Imperative Deep Learning Programs to Gr...
Towards Safe Automated Refactoring of Imperative Deep Learning Programs to Gr...
Raffi Khatchadourian
 
Automated Evolution of Feature Logging Statement Levels Using Git Histories a...
Automated Evolution of Feature Logging Statement Levels Using Git Histories a...Automated Evolution of Feature Logging Statement Levels Using Git Histories a...
Automated Evolution of Feature Logging Statement Levels Using Git Histories a...
Raffi Khatchadourian
 
A Tool for Rejuvenating Feature Logging Levels via Git Histories and Degree o...
A Tool for Rejuvenating Feature Logging Levels via Git Histories and Degree o...A Tool for Rejuvenating Feature Logging Levels via Git Histories and Degree o...
A Tool for Rejuvenating Feature Logging Levels via Git Histories and Degree o...
Raffi Khatchadourian
 
Challenges in Migrating Imperative Deep Learning Programs to Graph Execution:...
Challenges in Migrating Imperative Deep Learning Programs to Graph Execution:...Challenges in Migrating Imperative Deep Learning Programs to Graph Execution:...
Challenges in Migrating Imperative Deep Learning Programs to Graph Execution:...
Raffi Khatchadourian
 
Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...
Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...
Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...
Raffi Khatchadourian
 
An Empirical Study of Refactorings and Technical Debt in Machine Learning Sys...
An Empirical Study of Refactorings and Technical Debt in Machine Learning Sys...An Empirical Study of Refactorings and Technical Debt in Machine Learning Sys...
An Empirical Study of Refactorings and Technical Debt in Machine Learning Sys...
Raffi Khatchadourian
 
Automated Evolution of Feature Logging Statement Levels Using Git Histories a...
Automated Evolution of Feature Logging Statement Levels Using Git Histories a...Automated Evolution of Feature Logging Statement Levels Using Git Histories a...
Automated Evolution of Feature Logging Statement Levels Using Git Histories a...
Raffi Khatchadourian
 
An Empirical Study on the Use and Misuse of Java 8 Streams
An Empirical Study on the Use and Misuse of Java 8 StreamsAn Empirical Study on the Use and Misuse of Java 8 Streams
An Empirical Study on the Use and Misuse of Java 8 Streams
Raffi Khatchadourian
 
Safe Automated Refactoring for Intelligent Parallelization of Java 8 Streams
Safe Automated Refactoring for Intelligent Parallelization of Java 8 StreamsSafe Automated Refactoring for Intelligent Parallelization of Java 8 Streams
Safe Automated Refactoring for Intelligent Parallelization of Java 8 Streams
Raffi Khatchadourian
 
Safe Automated Refactoring for Intelligent Parallelization of Java 8 Streams
Safe Automated Refactoring for Intelligent Parallelization of Java 8 StreamsSafe Automated Refactoring for Intelligent Parallelization of Java 8 Streams
Safe Automated Refactoring for Intelligent Parallelization of Java 8 Streams
Raffi Khatchadourian
 
Safe Automated Refactoring for Intelligent Parallelization of Java 8 Streams ...
Safe Automated Refactoring for Intelligent Parallelization of Java 8 Streams ...Safe Automated Refactoring for Intelligent Parallelization of Java 8 Streams ...
Safe Automated Refactoring for Intelligent Parallelization of Java 8 Streams ...
Raffi Khatchadourian
 
A Tool for Optimizing Java 8 Stream Software via Automated Refactoring
A Tool for Optimizing Java 8 Stream Software via Automated RefactoringA Tool for Optimizing Java 8 Stream Software via Automated Refactoring
A Tool for Optimizing Java 8 Stream Software via Automated Refactoring
Raffi Khatchadourian
 
Proactive Empirical Assessment of New Language Feature Adoption via Automated...
Proactive Empirical Assessment of New Language Feature Adoption via Automated...Proactive Empirical Assessment of New Language Feature Adoption via Automated...
Proactive Empirical Assessment of New Language Feature Adoption via Automated...
Raffi Khatchadourian
 
Defaultification Refactoring: A Tool for Automatically Converting Java Method...
Defaultification Refactoring: A Tool for Automatically Converting Java Method...Defaultification Refactoring: A Tool for Automatically Converting Java Method...
Defaultification Refactoring: A Tool for Automatically Converting Java Method...
Raffi Khatchadourian
 
Defaultification Refactoring: A Tool for Automatically Converting Java Method...
Defaultification Refactoring: A Tool for Automatically Converting Java Method...Defaultification Refactoring: A Tool for Automatically Converting Java Method...
Defaultification Refactoring: A Tool for Automatically Converting Java Method...
Raffi Khatchadourian
 
Automated Refactoring of Legacy Java Software to Default Methods Talk at ICSE...
Automated Refactoring of Legacy Java Software to Default Methods Talk at ICSE...Automated Refactoring of Legacy Java Software to Default Methods Talk at ICSE...
Automated Refactoring of Legacy Java Software to Default Methods Talk at ICSE...
Raffi Khatchadourian
 

More from Raffi Khatchadourian (20)

Towards Safe Automated Refactoring of Imperative Deep Learning Programs to Gr...
Towards Safe Automated Refactoring of Imperative Deep Learning Programs to Gr...Towards Safe Automated Refactoring of Imperative Deep Learning Programs to Gr...
Towards Safe Automated Refactoring of Imperative Deep Learning Programs to Gr...
 
Automated Evolution of Feature Logging Statement Levels Using Git Histories a...
Automated Evolution of Feature Logging Statement Levels Using Git Histories a...Automated Evolution of Feature Logging Statement Levels Using Git Histories a...
Automated Evolution of Feature Logging Statement Levels Using Git Histories a...
 
A Tool for Rejuvenating Feature Logging Levels via Git Histories and Degree o...
A Tool for Rejuvenating Feature Logging Levels via Git Histories and Degree o...A Tool for Rejuvenating Feature Logging Levels via Git Histories and Degree o...
A Tool for Rejuvenating Feature Logging Levels via Git Histories and Degree o...
 
Challenges in Migrating Imperative Deep Learning Programs to Graph Execution:...
Challenges in Migrating Imperative Deep Learning Programs to Graph Execution:...Challenges in Migrating Imperative Deep Learning Programs to Graph Execution:...
Challenges in Migrating Imperative Deep Learning Programs to Graph Execution:...
 
Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...
Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...
Actor Concurrency Bugs: A Comprehensive Study on Symptoms, Root Causes, API U...
 
An Empirical Study of Refactorings and Technical Debt in Machine Learning Sys...
An Empirical Study of Refactorings and Technical Debt in Machine Learning Sys...An Empirical Study of Refactorings and Technical Debt in Machine Learning Sys...
An Empirical Study of Refactorings and Technical Debt in Machine Learning Sys...
 
Automated Evolution of Feature Logging Statement Levels Using Git Histories a...
Automated Evolution of Feature Logging Statement Levels Using Git Histories a...Automated Evolution of Feature Logging Statement Levels Using Git Histories a...
Automated Evolution of Feature Logging Statement Levels Using Git Histories a...
 
An Empirical Study on the Use and Misuse of Java 8 Streams
An Empirical Study on the Use and Misuse of Java 8 StreamsAn Empirical Study on the Use and Misuse of Java 8 Streams
An Empirical Study on the Use and Misuse of Java 8 Streams
 
Safe Automated Refactoring for Intelligent Parallelization of Java 8 Streams
Safe Automated Refactoring for Intelligent Parallelization of Java 8 StreamsSafe Automated Refactoring for Intelligent Parallelization of Java 8 Streams
Safe Automated Refactoring for Intelligent Parallelization of Java 8 Streams
 
Safe Automated Refactoring for Intelligent Parallelization of Java 8 Streams
Safe Automated Refactoring for Intelligent Parallelization of Java 8 StreamsSafe Automated Refactoring for Intelligent Parallelization of Java 8 Streams
Safe Automated Refactoring for Intelligent Parallelization of Java 8 Streams
 
A Brief Introduction to Type Constraints
A Brief Introduction to Type ConstraintsA Brief Introduction to Type Constraints
A Brief Introduction to Type Constraints
 
Safe Automated Refactoring for Intelligent Parallelization of Java 8 Streams ...
Safe Automated Refactoring for Intelligent Parallelization of Java 8 Streams ...Safe Automated Refactoring for Intelligent Parallelization of Java 8 Streams ...
Safe Automated Refactoring for Intelligent Parallelization of Java 8 Streams ...
 
A Tool for Optimizing Java 8 Stream Software via Automated Refactoring
A Tool for Optimizing Java 8 Stream Software via Automated RefactoringA Tool for Optimizing Java 8 Stream Software via Automated Refactoring
A Tool for Optimizing Java 8 Stream Software via Automated Refactoring
 
Porting the NetBeans Java 8 Enhanced For Loop Lambda Expression Refactoring t...
Porting the NetBeans Java 8 Enhanced For Loop Lambda Expression Refactoring t...Porting the NetBeans Java 8 Enhanced For Loop Lambda Expression Refactoring t...
Porting the NetBeans Java 8 Enhanced For Loop Lambda Expression Refactoring t...
 
Towards Safe Refactoring for Intelligent Parallelization of Java 8 Streams
Towards Safe Refactoring for Intelligent Parallelization of Java 8 StreamsTowards Safe Refactoring for Intelligent Parallelization of Java 8 Streams
Towards Safe Refactoring for Intelligent Parallelization of Java 8 Streams
 
Proactive Empirical Assessment of New Language Feature Adoption via Automated...
Proactive Empirical Assessment of New Language Feature Adoption via Automated...Proactive Empirical Assessment of New Language Feature Adoption via Automated...
Proactive Empirical Assessment of New Language Feature Adoption via Automated...
 
Defaultification Refactoring: A Tool for Automatically Converting Java Method...
Defaultification Refactoring: A Tool for Automatically Converting Java Method...Defaultification Refactoring: A Tool for Automatically Converting Java Method...
Defaultification Refactoring: A Tool for Automatically Converting Java Method...
 
Defaultification Refactoring: A Tool for Automatically Converting Java Method...
Defaultification Refactoring: A Tool for Automatically Converting Java Method...Defaultification Refactoring: A Tool for Automatically Converting Java Method...
Defaultification Refactoring: A Tool for Automatically Converting Java Method...
 
Automated Refactoring of Legacy Java Software to Default Methods Talk at ICSE...
Automated Refactoring of Legacy Java Software to Default Methods Talk at ICSE...Automated Refactoring of Legacy Java Software to Default Methods Talk at ICSE...
Automated Refactoring of Legacy Java Software to Default Methods Talk at ICSE...
 
Poster on Automated Refactoring of Legacy Java Software to Default Methods
Poster on Automated Refactoring of Legacy Java Software to Default MethodsPoster on Automated Refactoring of Legacy Java Software to Default Methods
Poster on Automated Refactoring of Legacy Java Software to Default Methods
 

Recently uploaded

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 

Recently uploaded (20)

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

Modular Reasoning about Aspect-Oriented Programs: A Rely-Guarantee Approach

  • 1. Rely-Guarantee Approach to Reasoning about Aspect-Oriented Programs Raffi Khatchadourian and Neelam Soundarajan The Ohio State University
  • 2. Introduction • AOP enables modular implementation of cross- cutting concerns. • Removes scattering. • Prevents tangling. • Reasoning about AOP presents some key challenges.
  • 4. The Problem • Addition of an aspect can change the behavior of the base code.
  • 5. The Problem Desirable! • Addition of an aspect can change the behavior of the base code.
  • 6. The Problem Desirable! • Addition of an aspect can change the behavior of the base code. • Prior reasoning about the base code may no longer be valid.
  • 7. The Problem Desirable! • Addition of an aspect can change the behavior of the base code. • Prior reasoning about the base code may no longer be valid. • May be forced to reason about the entire system again accounting for the interleaving.
  • 8. The Problem Desirable! • Addition of an aspect can change the behavior of the base code. • Prior reasoning about the base code may no longer be valid. • May be forced to reason about the entire system again accounting for the interleaving. • Can we make base-code specifications more robust to aspectual changes?
  • 9. Motivation • [Sullivan FSE’05]: 1. Separate base and crosscutting concerns. 2. Implement base concerns in an OO style ignoring crosscutting concerns. 3. Implement the crosscutting concerns as aspects that advise the base code directly. 4
  • 11. Insight • Aspect-oriented weaving and concurrent execution present similar challenges for program analysis.
  • 12. Insight • Aspect-oriented weaving and concurrent execution present similar challenges for program analysis. • AOP case much simpler (restricted interleaving).
  • 13. Insight • Aspect-oriented weaving and concurrent execution present similar challenges for program analysis. • AOP case much simpler (restricted interleaving). • Well-defined join points, sequential programs, only aspect can intercept the base-code.
  • 14. Insight • Aspect-oriented weaving and concurrent execution present similar challenges for program analysis. • AOP case much simpler (restricted interleaving). • Well-defined join points, sequential programs, only aspect can intercept the base-code. • Concurrent program reasoning generally requires knowledge of all processes.
  • 15. Insight • Aspect-oriented weaving and concurrent execution present similar challenges for program analysis. • AOP case much simpler (restricted interleaving). • Well-defined join points, sequential programs, only aspect can intercept the base-code. • Concurrent program reasoning generally requires knowledge of all processes. • Not the case in AOP.
  • 16. Insight • Aspect-oriented weaving and concurrent execution present similar challenges for program analysis. • AOP case much simpler (restricted interleaving). • Well-defined join points, sequential programs, only aspect can intercept the base-code. • Concurrent program reasoning generally requires knowledge of all processes. • Not the case in AOP. • An approach known from concurrent programming, rely-guarantee [Xu97], can be adapted and then used to make AO programs more analyzable.
  • 17. Notation the set of all variables of σ the program states in which each σi , σj , ... variable has a particular value
  • 18.
  • 20.
  • 21.
  • 22. !1 Aspect !2' !3
  • 24. The Rely() Clause • Identify a relation rely() that is a predicate over two states, σa and σb.
  • 25. The Rely() Clause • Identify a relation rely() that is a predicate over two states, σa and σb. • rely() will not correspond to the actual behavior of advice.
  • 26. The Rely() Clause • Identify a relation rely() that is a predicate over two states, σa and σb. • rely() will not correspond to the actual behavior of advice. • specify the kinds of behavior acceptable to m().
  • 27.
  • 28. !a Aspect !b
  • 29. The state at a point in the execution of a class is σa. !a Aspect !b
  • 30. The state at a point in the execution of a class is σa. !a Aspect !b The state when the class gets control back from an aspect is σb.
  • 31. The state at a point in the execution of a class is σa. !a Aspect rely(σa, σb) !b The state when the class gets control back from an aspect is σb.
  • 33. Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by
  • 34. Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by M sat (pre, rely, guar, post)
  • 35. Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by M sat (pre, rely, guar, post) if
  • 36. Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by M sat (pre, rely, guar, post) if 1) M is invoked in a state which satisfies pre, and
  • 37. Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by M sat (pre, rely, guar, post) if 1) M is invoked in a state which satisfies pre, and 2) all advice transitions satisfy rely,
  • 38. Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by M sat (pre, rely, guar, post) if 1) M is invoked in a state which satisfies pre, and 2) all advice transitions satisfy rely, then
  • 39. Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by M sat (pre, rely, guar, post) if 1) M is invoked in a state which satisfies pre, and 2) all advice transitions satisfy rely, then 3) all states prior to M being intercepted by advice will satisfy guar, and
  • 40. Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by M sat (pre, rely, guar, post) if 1) M is invoked in a state which satisfies pre, and 2) all advice transitions satisfy rely, then 3) all states prior to M being intercepted by advice will satisfy guar, and 4) if the computation terminates, the final state will satisfy post.
  • 41. Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by M sat (pre, rely, guar, post) if 1) M is invoked in a state which satisfies pre, and 2) all advice transitions satisfy rely, Pointcut then 3) all states prior to M being intercepted by advice will satisfy guar, and 4) if the computation terminates, the final state will satisfy post.
  • 42. Rely-Guarantee Approach for AOP A method M under the influence of advice satisfies an R/G specification denoted by M sat (pre, rely, guar, post) if 1) M is invoked in a state which satisfies pre, and 2) all advice transitions satisfy rely, Pointcut then 3) all states prior to M being intercepted by advice will satisfy guar, and for advice pre 4) if the computation terminates, the final state will satisfy post.
  • 43. Rely() Example rely(σ, σ ) ≡ (σ = σ )
  • 44. Rely() Example The entire state of C rely(σ, σ ) ≡ (σ = σ )
  • 45. Rely() Example rely(σ, σ ) ≡ (σ = σ ) ble ny ica g a pl in ! y ap ak te an m m sta ds fro the bi e or ic s in F v ad ange ch
  • 46. Rely() Example This is “Harmless”[D&W POPL’06] rely(σ, σ ) ≡ (σ = σ )
  • 47. 1 class Point { 2 int x, y; co 3 int s; pa 4 qu 5 public Point(int xi, int yi) mi 6 { x=xi; y=yi; s=1; } hav 7 public int getX() { return (x*s); } on 8 public int getY() { return (y*s); } ma 9 dif 10 public void move(int nx, int ny) 11 { x=nx; y=ny; } of 12 } po 13 rel 14 aspect adjustScale { as 15 pointcut m(Point p): 16 execution(void Point.move(int,int)) cla 17 && target( p ); tha 18 ad 19 after(Point p) : m(p) { in 20 if ((p.x < 5) && (p.y < 5)) { p.s=10; } 21 } we 22 } wi ap the Figure 1. Point Class and Aspect on po
  • 48. 1 class Point { 2 int x, y; co 3 int s; pa 4 qu 5 public Point(int xi, int yi) mi 6 { x=xi; y=yi; s=1; } hav 7 public int getX() { return (x*s); } on 8 public int getY() { return (y*s); } ma 9 dif 10 public void move(int nx, int ny) of Coordinates { x=nx; y=ny; } 11 po 12 } 13 rel 14 aspect adjustScale { as 15 pointcut m(Point p): 16 execution(void Point.move(int,int)) cla 17 && target( p ); tha 18 ad 19 after(Point p) : m(p) { in 20 if ((p.x < 5) && (p.y < 5)) { p.s=10; } 21 } we 22 } wi ap the Figure 1. Point Class and Aspect on po
  • 49. 1 class Point { 2 int x, y; co 3 int s; pa qu 4 5 public Point(int xi, int yi) Scaled mi 6 { x=xi; y=yi; s=1; } hav 7 public int getX() { return (x*s); } on 8 public int getY() { return (y*s); } ma 9 dif 10 public void move(int nx, int ny) 11 { x=nx; y=ny; } of 12 } po 13 rel 14 aspect adjustScale { as 15 pointcut m(Point p): 16 execution(void Point.move(int,int)) cla 17 && target( p ); tha 18 ad 19 after(Point p) : m(p) { in 20 if ((p.x < 5) && (p.y < 5)) { p.s=10; } 21 } we 22 } wi ap the Figure 1. Point Class and Aspect on po
  • 50. 1 class Point { 2 int x, y; co 3 int s; pa 4 qu 5 public Point(int xi, int yi) mi 6 { x=xi; y=yi; s=1; } hav 7 public int getX() { return (x*s); } on 8 public int getY() { return (y*s); } ma 9 dif 10 public void move(int nx, int ny) 11 { x=nx; y=ny; } of 12 } po 13 rel 14 aspect adjustScale { as 15 pointcut m(Point p): 16 execution(void Point.move(int,int)) cla 17 && target( p Too close! ); tha 18 ad 19 after(Point p) : m(p) { in 20 if ((p.x < 5) && (p.y < 5)) { p.s=10; } 21 } we 22 } wi ap the Figure 1. Point Class and Aspect on po
  • 51. 1 class Point { 2 int x, y; co 3 int s; pa 4 qu 5 public Point(int xi, int yi) mi 6 { x=xi; y=yi; s=1; } hav 7 public int getX() { return (x*s); } on 8 public int getY() { return (y*s); } ma 9 dif 10 public void move(int nx, int ny) 11 { x=nx; y=ny; } of 12 } po 13 rel 14 aspect adjustScale { as 15 pointcut m(Point p): 16 execution(void Point.move(int,int)) cla 17 && target( p ); tha 18 ad 19 after(Point p) : m(p) { in 20 if ((p.x < 5) && (p.y < 5)) { p.s=10; } 21 } we 22 } wi Adjust ap the Figure 1. Point Class and Aspect on po
  • 52. 1 class Point { 2 int x, y; co 3 int s; pa 4 qu 5 public Point(int xi, int yi) mi 6 { x=xi; y=yi; s=1; } hav 7 public int getX() { return (x*s); } on 8 public int getY() { return (y*s); } ma 9 dif 10 public void move(int nx, int ny) 11 { x=nx; y=ny; } of 12 } po 13 rel 14 aspect adjustScale { as 15 pointcut m(Point p): 16 execution(void Point.move(int,int)) cla 17 && target( p ); tha 18 ad 19 after(Point p) : m(p) { in 20 if ((p.x < 5) && (p.y < 5)) { p.s=10; } 21 } we 22 } wi ap the Figure 1. Point Class and Aspect on po
  • 53. A rely() for class Point rely(σ, σ ) ≡ [(σ.x = σ .x) ∧ (σ.y = σ .y)]
  • 54. A rely() for class Point rely(σ, σ ) ≡ [(σ.x = σ .x) ∧ (σ.y = σ .y)]
  • 55. A rely() for class Point rely(σ, σ ) ≡ [(σ.x = σ .x) ∧ (σ.y = σ .y)] (σ.s = σ .s)
  • 56. A rely() for class Point rely(σ, σ ) ≡ [(σ.x = σ .x) ∧ (σ.y = σ .y)] • Not a fault of the reasoning approach!
  • 57. A rely() for class Point rely(σ, σ ) ≡ [(σ.x = σ .x) ∧ (σ.y = σ .y)] • Not a fault of the reasoning approach! • Must be sure not to impose stronger requirements than necessary on aspects that might be developed later.
  • 58. A rely() for class Point rely(σ, σ ) ≡ [(σ.x = σ .x) ∧ (σ.y = σ .y)] • Not a fault of the reasoning approach! • Must be sure not to impose stronger requirements than necessary on aspects that might be developed later. • Otherwise, we may be forced to redo the task of reasoning about the class ...
  • 59. A rely() for class Point rely(σ, σ ) ≡ [(σ.x = σ .x) ∧ (σ.y = σ .y)] • Not a fault of the reasoning approach! • Must be sure not to impose stronger requirements than necessary on aspects that might be developed later. • Otherwise, we may be forced to redo the task of reasoning about the class ... • BUT, it is only in these cases where we must redo our reasoning.
  • 61. The guar() Clause • Concurrent programs: the two processes act symmetrically.
  • 62. The guar() Clause • Concurrent programs: the two processes act symmetrically. • AOP: base-code can’t intercept advice.
  • 63. The guar() Clause • Concurrent programs: the two processes act symmetrically. • AOP: base-code can’t intercept advice. • guar() for AOP
  • 64. The guar() Clause • Concurrent programs: the two processes act symmetrically. • AOP: base-code can’t intercept advice. • guar() for AOP • The assertion is true in this case.
  • 65. The guar() Clause • Concurrent programs: the two processes act symmetrically. • AOP: base-code can’t intercept advice. • guar() for AOP • The assertion is true in this case. • Aspect not available at time of construction.
  • 66. The guar() Clause • Concurrent programs: the two processes act symmetrically. • AOP: base-code can’t intercept advice. • guar() for AOP • The assertion is true in this case. • Aspect not available at time of construction. • Need to consider many possible joinpoints.
  • 67. The guar() Clause • Concurrent programs: the two processes act symmetrically. • AOP: base-code can’t intercept advice. • guar() for AOP • The assertion is true in this case. • Aspect not available at time of construction. • Need to consider many possible joinpoints. • guar() may not be strong enough for future.
  • 68. 9 d public void move(int nx, int ny) o 10 11 { x=nx; y=ny; } The Reasoning Processp class Point { • r 12 } 1 Do not have information 13 2 int x, y; about the value of a Point.s s; 14 aspect int 3 adjustScale { 15 pointcut m(Point p): 4 c 16 public Point(int xi, int yi) 5 execution(void Point.move(int,int)) 17 6 && target( p {); x=xi; y=yi; s=1; } t 18 7 public int getX() { return (x*s); } a 19 after(Point p) : getY() { return (y*s); } 8 public int m(p) { i 20 9 if ((p.x < 5) && (p.y < 5)) { p.s=10; } w 21 } 10 public void move(int nx, int ny) w 22 } 11 { x=nx; y=ny; } a 12 } t 13 Figure 1. Point Class and Aspect o aspect adjustScale { 14 p 15 pointcut m(Point p): f execution(void Point.move(int,int)) That is, indeed, precisely what the adjustScale aspect does. 16 ( && target( to an The pointcut m() corresponds p ); execution of the move() 17 o method. The after advice specified states that if the point p is 18 a sufficientlyafter(Point p) then the scale factor is set equal to 19 close to the origin, : m(p) { P ten4 . 20 if ((p.x < the class Point, we see that the Thus, if we consider just5) && (p.y < 5)) { p.s=10; } r
  • 69. 9 d public void move(int nx, int ny) o 10 11 { x=nx; y=ny; } The Reasoning Processp class Point { • r 12 } 1 Do not have information 13 2 int x, y; about the value of a Point.s s; 14 aspect int 3 adjustScale { 15 pointcut m(Point p): 4 c 16 public Point(int xi, int yi) 5 execution(void Point.move(int,int)) 17 6 && target( p {); x=xi; y=yi; s=1; } t 18 7 public int getX() { return (x*s); } a 19 after(Point p) : getY() { return (y*s); } 8 public int m(p) { i 20 9 if ((p.x < 5) && (p.y < 5)) { p.s=10; } w 21 } 10 public void move(int nx, int ny) w 22 } 11 { x=nx; y=ny; } a 12 } t 13 Figure 1. Point Class and Aspect o aspect adjustScale { 14 p 15 pointcut m(Point p): f execution(void Point.move(int,int)) That is, indeed, precisely what the adjustScale aspect does. 16 ( && target( to an The pointcut m() corresponds p ); execution of the move() 17 o method. The after advice specified states that if the point p is 18 a sufficientlyafter(Point p) then the scale factor is set equal to 19 close to the origin, : m(p) { P ten4 . 20 if ((p.x < the class Point, we see that the Thus, if we consider just5) && (p.y < 5)) { p.s=10; } r
  • 70. 9 d public void move(int nx, int ny) o 10 11 { x=nx; y=ny; } The Reasoning Processp class Point { • r 12 } 1 Do not have information 13 2 int x, y; about the value of a Point.s s; 14 aspect int 3 adjustScale { 15 pointcut m(Point p): 4 c 16 public Point(int xi, int yi) 5 execution(void Point.move(int,int)) 17 6 && target( p {); x=xi; y=yi; s=1; } t 18 7 public int getX() { return (x*s); } a 19 after(Point p) : getY() { return (y*s); } 8 public int m(p) { i 20 9 if ((p.x < 5) && (p.y < 5)) { p.s=10; } w 21 } 10 public void move(int nx, int ny) w 22 } 11 { x=nx; y=ny; } a 12 } t 13 Figure 1. Point Class and Aspect o aspect adjustScale { 14 p 15 pointcut m(Point p): f execution(void Point.move(int,int)) That is, indeed, precisely what the adjustScale aspect does. 16 ( && target( to an The pointcut m() corresponds p ); execution of the move() 17 o method. The after advice specified states that if the point p is 18 a sufficientlyafter(Point p) then the scale factor is set equal to 19 close to the origin, : m(p) { P ten4 . 20 if ((p.x < the class Point, we see that the Thus, if we consider just5) && (p.y < 5)) { p.s=10; } r
  • 71. 9 d public void move(int nx, int ny) o 10 11 { x=nx; y=ny; } The Reasoning Processp class Point { • r 12 } 1 Do not have information 13 2 int x, y; about the value of a Point.s s; 14 aspect int 3 adjustScale { 15 pointcut m(Point p): 4 c 16 public Point(int xi, int yi) 5 execution(void Point.move(int,int)) 17 6 && target( p {); x=xi; y=yi; s=1; } t 18 7 public int getX() { return (x*s); } a 19 after(Point p) : getY() { return (y*s); } 8 public int m(p) { i 20 9 if ((p.x < 5) && (p.y < 5)) { p.s=10; } w 21 } 10 public void move(int nx, int ny) w 22 } 11 { x=nx; y=ny; } a • History variable [Hoare78] 12 } Figure 1. Point Class and Aspect 13 t o • aspect adjustScale { Provides additional information required to 14 pointcut m(Point p): 15 p f establishexecution(voidof the combined system. the behavior Point.move(int,int)) That is, indeed, precisely what the adjustScale aspect does. 16 ( && target( to an The pointcut m() corresponds p ); execution of the move() 17 o method. The after advice specified states that if the point p is 18 a sufficientlyafter(Point p) then the scale factor is set equal to 19 close to the origin, : m(p) { P ten4 . 20 if ((p.x < the class Point, we see that the Thus, if we consider just5) && (p.y < 5)) { p.s=10; } r
  • 72. 4 5 public Point(int xi, int History Variable yi) 6 { x=xi; y=yi; s=1; } 7 Consider intbehavior of Point.move(): } public the getX() { return (x*s); 8 public int getY() { return (y*s); } 9 10 public void move(int nx, int ny) 11 { x=nx; y=ny; } 12 } 13 14 aspect What’s the value{of Point.s? adjustScale 15 pointcut m(Point p): 16 execution(void Point.move(int,int)) 17 && target( p ); 18 19 after(Point p) : m(p) { 20 if ((p.x < 5) && (p.y < 5)) { p.s=1 21 }
  • 73. 4 5 public Point(int xi, int History Variable yi) 6 { x=xi; y=yi; s=1; } 7 Consider intbehavior of Point.move(): } public the getX() { return (x*s); 8 public int getY() { return (y*s); } 9 10 public void move(int nx, int ny) 11 { x=nx; y=ny; } 12 } 13 14 aspect What’s the value{of Point.s? adjustScale 15 pointcut m(Point p): execution(void Point.move(int,int)) • 16 From the && target( p ); know that it does not 17 body of move(), we change the value of s. 18 • 19 20 after(Point p) : m(p) { must have been due to aspectual (i.e., if ((p.x < 5) && (p.y < 5)) { p.s=1 21 environmental) influence. }
  • 75. Post-condition of Point.move() • Post-condition of move() will state: • Values of x and y are equal to the values for the corresponding arguments received. • Value of s will be equal to whatever it was when the final advice to execute during the execution of move() completes.
  • 76. Post-condition of Point.move() • Post-condition of move() will state: • Values of x and y are equal to the values for the corresponding arguments received. • Value of s will be equal to whatever it was when the final advice to execute during the execution of move() completes. • Can conclude that s will be 10 or what it was at the start of the method.
  • 77. 1 class Point { But 2 int x, y; condit 3 int s; particu 4 questi 5 public Point(int xi, int yi) might 6 { x=xi; y=yi; s=1; } have t 7 public int getX() { return (x*s); } on an 8 public int getY() { return (y*s); } may h 9 differe 10 public void move(int nx, int ny) 11 { x=nx; y=ny; } of exp 12 } pointc 13 rely() 14 aspect adjustScale { as (1) 15 pointcut m(Point p): Ho 16 execution(void Point.move(int,int)) class a 17 && target( p ); that ap 18 advice 19 after(Point p) : m(p) { in whi 20 if ((p.x < 5) && (p.y < 5)) { p.s=10; } 21 } we wi 22 } will, t a pote the cla Figure 1. Point Class and Aspect one or possib
  • 78. 1 class Point { But 2 int x, y; condit 3 int s; particu 4 questi 5 public Point(int xi, int yi) might 6 { x=xi; y=yi; s=1; } have t 7 public int getX() { return (x*s); } on an 8 public int getY() { return (y*s); } may h 9 differe 10 public void move(int nx, int ny) 11 { x=nx; y=ny; } of exp 12 } pointc 13 rely() 14 aspect adjustScale { as (1) 15 pointcut m(Point p): Ho 16 execution(void Point.move(int,int)) class a 17 && target( p ); that ap 18 advice 19 after(Point p) : m(p) { in whi 20 if ((p.x < 5) && (p.y < 5)) { p.s=10; } 21 } we wi 22 } will, t a pote the cla Figure 1. Point Class and Aspect one or possib
  • 80. Conclusion and Future Work • AO programmers already think implicitly about rely(), our proposed approach makes this explicit.
  • 81. Conclusion and Future Work • AO programmers already think implicitly about rely(), our proposed approach makes this explicit. • Formally capture properties we want AO programs to exhibit.
  • 82. Conclusion and Future Work • AO programmers already think implicitly about rely(), our proposed approach makes this explicit. • Formally capture properties we want AO programs to exhibit. • rely() specifies the kinds of aspectual influence the base-code is willing to tolerate so that it would not be adversely affected by advice.
  • 83. Conclusion and Future Work • AO programmers already think implicitly about rely(), our proposed approach makes this explicit. • Formally capture properties we want AO programs to exhibit. • rely() specifies the kinds of aspectual influence the base-code is willing to tolerate so that it would not be adversely affected by advice. • Specifying rely().
  • 84. Conclusion and Future Work • AO programmers already think implicitly about rely(), our proposed approach makes this explicit. • Formally capture properties we want AO programs to exhibit. • rely() specifies the kinds of aspectual influence the base-code is willing to tolerate so that it would not be adversely affected by advice. • Specifying rely(). • Formal framework, obtaining richer behavior.
  • 85. Conclusion and Future Work • AO programmers already think implicitly about rely(), our proposed approach makes this explicit. • Formally capture properties we want AO programs to exhibit. • rely() specifies the kinds of aspectual influence the base-code is willing to tolerate so that it would not be adversely affected by advice. • Specifying rely(). • Formal framework, obtaining richer behavior. • Multiple applicable advice.
  • 86. Conclusion and Future Work • AO programmers already think implicitly about rely(), our proposed approach makes this explicit. • Formally capture properties we want AO programs to exhibit. • rely() specifies the kinds of aspectual influence the base-code is willing to tolerate so that it would not be adversely affected by advice. • Specifying rely(). • Formal framework, obtaining richer behavior. • Multiple applicable advice. • Tool-supported verification.