# Lightning talk: MS Code Contracts

Lightning talk from Computasdagen, 05.05.11


### Lightning talk: MS Code Contracts

1. ms code contracts
    eih
2. what is a code contract?
3. caller
4. callee
5. contract
6. a weak contract
    `bool Equals(object o)`
7. what is design by contract?
8. “Unless design by contract evokes images of curly hair and a French landmark in your head, you got it wrong.”
9. invented by Bertrand Meyer
10. a better contract
    - what does it expect?
    - what does it guarantee?
    - what does it maintain?
11. dbc tenets
    - prerequisites
    - postconditions
    - invariants
12. example: stack
13. stack
    - `Push(T t)`
    - `T Pop()`
    - `T Top()`
    - `int Count`
    - `IsEmpty`
14. dbc by hand
15. example

    ```csharp
    T Pop()
    {
        return _list.RemoveLast();
    }
    ```
16. precondition

    ```csharp
    T Pop()
    {
        Debug.Assert(!IsEmpty);
        return _list.RemoveLast();
    }
    ```
17. example

    ```csharp
    void Push(T t)
    {
        _list.Add(t);
    }
    ```
18. postcondition

    ```csharp
    void Push(T t)
    {
        try {
            _list.Add(t);
        }
        finally {
            Debug.Assert(!IsEmpty);
        }
    }
    ```
19. invariant
    `Count >= 0`
20. limitations: tedious!
21. limitations: clutters the code!
22. what is ms code contracts?
23. dbc.net
24. code contracts
    - rewriter
    - verifier
25. rewriter: injects runtime checks
26. example

    ```csharp
    T Pop()
    {
        return _list.RemoveLast();
    }
    ```
27. precondition

    ```csharp
    T Pop()
    {
        Contract.Requires(!IsEmpty);
        return _list.RemoveLast();
    }
    ```
28. rewritten to

    ```csharp
    T Pop()
    {
        if (__ContractsRuntime.insideContractEvaluation <= 4)
        {
            try
            {
                __ContractsRuntime.insideContractEvaluation++;
                __ContractsRuntime.Requires(!this.IsEmpty, null, "!IsEmpty");
            }
            finally
            {
                __ContractsRuntime.insideContractEvaluation--;
            }
        }
        return this._list.RemoveLast<T>();
    }
    ```
29. example

    ```csharp
    void Push(T t)
    {
        _list.Add(t);
    }
    ```
30. postcondition

    ```csharp
    void Push(T t)
    {
        Contract.Ensures(!IsEmpty);
        _list.Add(t);
    }
    ```
31. rewritten to

    ```csharp
    void Push(T t)
    {
        this._list.Add(t);
        if (__ContractsRuntime.insideContractEvaluation <= 4)
        {
            try
            {
                __ContractsRuntime.insideContractEvaluation++;
                __ContractsRuntime.Ensures(!this.IsEmpty, null, "!IsEmpty");
            }
            finally
            {
                __ContractsRuntime.insideContractEvaluation--;
            }
        }
    }
    ```
32. invariant

    ```csharp
    [ContractInvariantMethod]
    private void Invariant()
    {
        Contract.Invariant(Count >= 0);
    }
    ```
33. verifier: performs static checks
34. verifier: vs >= premium
35. verifier
36. so far so good
37. a stricter contract

    ```csharp
    T Pop()
    {
        Contract.Requires(!IsEmpty);
        Contract.Ensures(Count < Contract.OldValue(Count));
        Contract.Ensures(Contract.Result<T>()
            .Equals(Contract.OldValue(Top())));
        return _list.RemoveLast();
    }
    ```
38. critique
    - ugly syntax
    - in method body
    - interface hack
39. yuck.
40. what is spec#?
41. precondition

    ```
    T Pop()
        requires !IsEmpty;
    {
        return _list.RemoveLast();
    }
    ```
42. postcondition

    ```
    void Push(T t)
        ensures !IsEmpty;
    {
        _list.Add(t);
    }
    ```
43. a stricter contract

    ```
    T Pop()
        requires !IsEmpty;
        ensures Count < old(Count);
        ensures result == old(Top());
    {
        return _list.RemoveLast();
    }
    ```
44. much better!
45. lesson: syntax helps
46. conclusion
47. design by contract? yay!
48. ms code contracts? meh.
49. spec#? yay!
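
The critique on slide 38 mentions an "interface hack". Code Contracts' mechanism for putting contracts on an interface is the `[ContractClass]`/`[ContractClassFor]` attribute pair, shown here for the stack as an added example that is not code from the talk. `IStack<T>`, `StackContract<T>` and `ListStack<T>` are hypothetical names, and the checks only run when the Code Contracts rewriter is enabled in the build.

```csharp
using System.Collections.Generic;
using System.Diagnostics.Contracts;

// Added example; all type names here are hypothetical.
[ContractClass(typeof(StackContract<>))]
public interface IStack<T>
{
    int Count { get; }
    bool IsEmpty { get; }
    [Pure] T Top();   // [Pure] allows other contracts to call Top()
    T Pop();
    void Push(T t);
}

// An interface has no method bodies, so its contracts live in this dummy class.
// The return values are placeholders; only the Contract.* calls matter.
[ContractClassFor(typeof(IStack<>))]
internal abstract class StackContract<T> : IStack<T>
{
    public int Count { get { Contract.Ensures(Contract.Result<int>() >= 0); return 0; } }
    public bool IsEmpty { get { Contract.Ensures(Contract.Result<bool>() == (Count == 0)); return true; } }
    public T Top() { Contract.Requires(!IsEmpty); return default(T); }
    public T Pop()
    {
        Contract.Requires(!IsEmpty);
        Contract.Ensures(Count == Contract.OldValue(Count) - 1);
        Contract.Ensures(object.Equals(Contract.Result<T>(), Contract.OldValue(Top())));
        return default(T);
    }
    public void Push(T t)
    {
        Contract.Ensures(Count == Contract.OldValue(Count) + 1);
        Contract.Ensures(object.Equals(Top(), t));
    }
}

// The implementation carries no Contract.* calls; the rewriter injects the interface's.
public sealed class ListStack<T> : IStack<T>
{
    private readonly List<T> _list = new List<T>();
    public int Count { get { return _list.Count; } }
    public bool IsEmpty { get { return _list.Count == 0; } }
    public T Top() { return _list[_list.Count - 1]; }
    public T Pop()
    {
        T top = Top();
        _list.RemoveAt(_list.Count - 1);
        return top;
    }
    public void Push(T t) { _list.Add(t); }
}
```

Without the rewriter, `Contract.Requires` and `Contract.Ensures` compile away because they are conditional on the `CONTRACTS_FULL` symbol, so `Pop()` on an empty `ListStack<T>` fails inside `List<T>` instead of at the contract.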