Computer Science 340: Software Design & Testing: Inheritance & Design By Contract

Classes
• A visual perspective of a class “G”: [diagram: a region labeled G]

A More Formal Definition of Classes
• For any class “G” there is a predicate $G(x)$, where $x$ is a member of the Universe.
• $G(x)$ is true if $x$ is a member of “G”; otherwise it is false.
• The $n$ properties of the class G are: $P_G^1(x), P_G^2(x), \ldots, P_G^n(x)$
• Every member of G must have these properties: $G(x) \Rightarrow P_G^1(x) \land P_G^2(x) \land \cdots \land P_G^n(x)$

Cognitive Meaning of Generalization/Specialization
• If a class “S” is a specialization of a class “G” then it is a subset of “G”
  – That is, $S(x) \Rightarrow G(x)$
• Visually: [diagram: S drawn inside G]

Properties of S
$S(x) \Rightarrow G(x)$ and $G(x) \Rightarrow P_G^1(x) \land P_G^2(x) \land \cdots \land P_G^n(x)$
Therefore, by transitivity of implication, $S(x) \Rightarrow P_G^1(x) \land P_G^2(x) \land \cdots \land P_G^n(x)$
• This is the Substitutability Law
  – Every member of a specialization must satisfy every property of a generalization
  – In other words, no member of a specialization can contradict the properties of the generalization

More Properties of S
• S can have additional properties: $P_G^1(x), P_G^2(x), \ldots, P_G^n(x), P_S^1(x), P_S^2(x), \ldots, P_S^m(x)$
• Because of the substitution law, none of S’s additional properties can contradict any of the generalization’s properties
  – Contradiction only occurs if the generalization’s properties are weakened
  – Thus, under specialization, they may only be strengthened

Inheritance & DBC
• Our previous treatment of DBC ignored inheritance
• DBC leads to a better understanding of inheritance, and helps us use it correctly

Inheritance & DBC
[Diagram: Client; class A with method M and contract INV_A, PRE_A.M, POST_A.M]
Client code:
    A a = new A();
    a.M();

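Inheritance & DBC
[Diagram: Client, marked “?”; class A with method M and contract INV_A, PRE_A.M, POST_A.M; class B with method M and contract INV_B, PRE_B.M, POST_B.M]
Client code:
    A a = new B();
    a.M();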

Specialization
• Specialization means that all the properties guaranteed for the generalization (partially or totally defined through pre- and postconditions and class invariants) must be preserved in the specialization.

Specialization
• Furthermore, substitutability must be guaranteed.
• That is, instances of the specialization must be able to be used anywhere an instance of the generalization can be used.
• For example, given that the class S is a specialization of the class G, and g is a variable of type G, then g = new S() is legal.
• Known as the “Liskov Substitution Principle”

Inheritance & DBC
• Conceptually, B’s implementation must honor A’s contract; otherwise, clients will break when using a B instead of an A
• B can provide a “better” implementation than A, but not a “worse” one
• What do “better” and “worse” mean?
  – Square root example

Subclasses can be less strict, but not more strict
• B can be less strict on clients than A, but not more strict
• B can weaken M’s pre-conditions
  – PRE_B.M can place fewer requirements on clients than PRE_A.M, but not more
  – PRE_A.M logically implies PRE_B.M

Subclasses can do more, but not less
• B’s behavior must be consistent with A’s contract
• B can do better than A, but not worse
• B can strengthen M’s post-conditions, but not weaken them
  – POST_B.M can promise more to clients than POST_A.M, but not less
  – POST_B.M logically implies POST_A.M
• B can strengthen A’s class invariants, but not weaken them
  – INV_B can promise more to clients than INV_A, but not less
  – INV_B logically implies INV_A
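The pre- and post-condition rules above, worked through for a square root method. This is an added example, not code from the slides: it is written in Java to match the slides' `A a = new B();` syntax, the names A and B follow the slides, and StricterB, SloppyB, the sqrt contract and its tolerances are assumptions chosen for illustration.

```java
// Added example, not from the slides. A and B follow the slides' names;
// StricterB, SloppyB, the sqrt contract and its tolerances are assumptions.
public class SqrtContractDemo {
    static class A {
        // PRE_A.sqrt: 0 <= x <= 1e6      POST_A.sqrt: |r*r - x| <= 1e-3
        double sqrt(double x) {
            if (x < 0 || x > 1e6) throw new IllegalArgumentException("PRE_A");
            double r = Math.max(x, 1.0);              // Newton's method, coarse stop
            while (Math.abs(r * r - x) > 1e-3) r = (r + x / r) / 2;
            return r;
        }
    }
    static class B extends A {
        // PRE_B.sqrt: x >= 0 (weaker: no upper bound)
        // POST_B.sqrt: |r*r - x| <= 1e-9 for x <= 1e6 (stronger than POST_A)
        @Override double sqrt(double x) {
            if (x < 0) throw new IllegalArgumentException("PRE_B");
            return Math.sqrt(x);
        }
    }
    static class StricterB extends A {
        // PRE: 1 <= x <= 1e6, stronger than PRE_A, so a legal call on A can fail
        @Override double sqrt(double x) {
            if (x < 1 || x > 1e6) throw new IllegalArgumentException("PRE_StricterB");
            return Math.sqrt(x);
        }
    }
    static class SloppyB extends A {
        // POST: result rounded to a whole number, weaker than POST_A
        @Override double sqrt(double x) { return Math.rint(Math.sqrt(x)); }
    }
    // A client that knows only A's contract: every input satisfies PRE_A and
    // the only thing it relies on is POST_A.
    static boolean honorsContractOfA(A a) {
        for (double x : new double[] {0.0, 0.25, 1.0, 2.0, 1e6}) {
            try {
                double r = a.sqrt(x);
                if (!(Math.abs(r * r - x) <= 1e-3)) return false;  // POST_A broken
            } catch (IllegalArgumentException e) {
                return false;                                      // PRE_A was not enough
            }
        }
        return true;
    }
    public static void main(String[] args) {
        A[] impls = {new A(), new B(), new StricterB(), new SloppyB()};
        for (A a : impls)
            System.out.println(a.getClass().getSimpleName() + " substitutable for A: " + honorsContractOfA(a));
    }
}
```

A and B pass the client's check; StricterB fails because it rejects an input that PRE_A allows, and SloppyB fails because its result does not satisfy POST_A.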

Another example
• Stack example

Liskov Substitution Principle
• Let $q(x)$ be a property provable about objects $x$ of type G. Then $q(y)$ should be true for objects $y$ of type S where S is a subtype (or specialization) of G.