SE450: Lecture 6 (DBC/Quiz I)

Type safe enum idiom

Assertions

Design by Contract

Quiz (Last hour)

An enumerated type is used to hold a fixed set of constants, and name them in a fashion to make your code more readable and maintainable.

Java doesn't have an enum type like C - thankfully! They were just integer constants, and were not typesafe.

Programmers usually get around this by creating a number of public final static int variables in an interface or class and using them to enumerate types. This can be problematic. For example, you could make a Card enum for a card game

        public class Card {
            public static final int CLUBS = 0;
            public static final int DIAMONDS = 1;
            public static final int HEARTS = 2;
            public static final int SPADES = 3;
        }
    

Problems:

• You want to print out the suits
• You want to enforce only 4 suits can exist
• You want to order the suits (rank them)

To do this, use a typesafe enum pattern (example from Bloch's Effective Java), go here for some from the book.

        public class Suit {
            private final String name;
            // can't be created elsewhere!
            private Suit(String name) { this.name = name; }
            public String toString() { return name; }
            
            public static final Suit CLUBS = new Suit("clubs");
            public static final Suit DIAMONDS = new Suit("diamonds");
            public static final Suit SPADES = new Suit("spades");
            public static final Suit HEARTS = new Suit("hearts");
        }
            
    

You can also provide ordering using an ordinal to assign ordering to the objects as they are created as well.

Since the enum is a full blown class, it can do anything a class can, and be much more effective than the old enumerated type - see the book and Bloch's Effective Java for more examples.

Definition: the interfaces of classes are viewed as contracts that specify benefits and obligations of both the client and the supplier (the class itself). (Bertrand Meyer)

Precondition - must be true to make the call. Indicates the bug is in the caller.

Postcondition - must be true after the call. Indicates the bug is in the provider (or in the precondition assertion!)

Invariant - must always be true (after a successful instantiation of the class, or even true for static methods if there is no object of the class created). It will be true before and after each method invocation. Indicates the bug could be in either the caller or the provider.

You can define these conditions as constraints in the UML. Just put the text describing the constraint in { }. There is also a more formal Object Constraint Language available to define constraints.

Definition of an assertion: A statement containing a boolean expression that the programmer believes to be true at the time the statement is executed.

What does assert do?

What do you use an assertion for?

Syntax
AssertStatement:
assert Expression1;
assert Expression1 : Expression2 ;
Expression2 is like passing a String expression to System.out.println();

Examples:

assert i == 0;

assert b.getName() != null;

assert false;  // will always throw an AssertionError if assertions are enabled

assert i == 0 : "i != 0, loop failed"; // will pass message out in error

To enable your source to contain assertions, compile your source as follows:

javac -source 1.4 MyClass.java

To enable assertions at runtime, you can do the following:

     java [ -enableassertions | -ea  ] [:<package name>"..." | :<class name> ]

The ... is used to enable assertions in the package. A single argument of ... enables assertions for the default package.

To disable asserations at runtime, you can do the following:

     java [ -disableassertions | -da ] [:<package name>"..." | :<class name> ]

Where the ... is used the same as above.

The -ea and -da flags can be used in combination to fine tune the classes that have assertions enabled.

To enable or disable assertions in the systems classes, use

java [ -enablesystemassertions | -esa ]

java [ -disablesystemassertions | -dsa ]

You can enable assertions in individual systems classes with the -ea and -da flags above, but with the no-arg form, system classes are not enabled by default.

For the following code

public class MyClass {

    public static void main(String args[]) {
	assert false;
    }
}

Here is how it can be run using JDK 1.4

C:\temp>javac MyClass.java
MyClass.java:4: warning: as of release 1.4, assert is a keyword, and may not be used as an identifier
        assert false;
        ^
MyClass.java:4: not a statement
        assert false;
        ^
MyClass.java:4: ';' expected
        assert false;
               ^
2 errors
1 warning

C:\temp>javac -source 1.4 MyClass.java

C:\temp>java -classpath . MyClass

C:\temp>java -ea -classpath . MyClass
Exception in thread "main" java.lang.AssertionError
        at MyClass.main(MyClass.java:4)

C:\temp>

So if you are stuck using JDK 1.3, what do you do?

You can use the Assert class provided by JUnit. This class has a number of static methods that you have already used. To use it, you just need to include junit.jar in your classpath and import the class in the file you want to use it in.

import junit.framework.Assert;

public class MyClass2 {


    public static void main(String args[]) {
	Assert.assertTrue( false );
    }
}

Here's what it will look like when you run it.

C:\temp>d:\jdk1.3.1_02\bin\javac -classpath .;d:\junit3.7\junit.jar MyClass2.java

C:\temp>d:\jdk1.3.1_02\bin\java -classpath .;d:\junit3.7\junit.jar MyClass2
Exception in thread "main" junit.framework.AssertionFailedError
        at junit.framework.Assert.fail(Assert.java:51)
        at junit.framework.Assert.assertTrue(Assert.java:38)
        at junit.framework.Assert.assertTrue(Assert.java:45)
        at MyClass2.main(MyClass2.java:7) 

With this option, there are no flags to turn assertions on or off. They are always enabled.

Internal Invariants
replace

if(i == 0) {
 ...
} else if(i == 1) {
 ...
} else { // i == 2
 ...
}

with

if(i == 0) {
 ...
} else if(i == 1) {
 ...
} else { 
 assert i == 2;
 ...
}

Control Flow Invariants
replace

switch(value) {
 case command2.A:
  ...
  break;
 case Foo.B:
  ...
  break;
}

switch(value) {
 case Foo.A:
  ...
  break;
 case Foo.B:
  ...
  break;
 default:
  assert false;
}

Place assert false; in code you think will not be reached. You'll find out if it is!

Never allow assertion code to have side affects, since assertions can be disabled. Example:

  assert i++ == 3;

Assertions can be used to implement a design by contract style of programming. In Eiffel, this is done as part of the programming language itself. How do we do this in Java? What do we have at our disposal?

Preconditions

Postconditions

Invariants

Java offers us the following:

• Strong typing
• An Exception mechanism
• Assertions (introduced in 1.4)

Preconditions - usually use exceptions, especially for public APIs. If your class is used by other classes (any arbitrary class), it should throw an exception if an argument is called that violates the contract).
However, if you are using exceptions (especially checked exceptions) in private code, this can be cumbersome. You may not want to have to put try-catch blocks in all of your private code (trusted). You may prefer to use assertions at this point, since the only code using your classes should be your own.

What can happen if you use assertions in a public API?

void command(Object o) {
    assert o != null;

    String s = o.toString();
}

Postconditions - use assert. You probably don't want to throw an exception after the completion of the code. You would prefer to do a check on some value, and assert that the assumption is true. If the contract is violated at this point, there is not much that can be done. By throwing exceptions, you are asking the client to attempt to recover from it.

Invariants - use assert. This is often part of the pre and post condition code, since it must be true at both times. Write an invariant method that can be called whenever a method is called and returns. This will ensure the class meets the invariant. The method should return a boolean.

Assertions a big part of iterative developement. They are similar to writing a unit test that will guarantee that if code changes to violate a contract, it will be caught. The difference is it is run every time the method is executed, allowing a more diverse set of test cases.

Some definitions:

query - basic and derived

command

Six Principles:

1. Separate queries from commands
2. Separate basic queries from derived queries
3. For each derived query, write a postcondition that specifies what result will be returned in terms of one or more basic queries
4. For each command, write a postcondition that specifies the value of every basic query
5. For every query and command, decide on a suitable precondition
6. Write invariants to define unchanging properties of objects

Some javadoc additions (supported by tools, but useful without them)

• @pre a.k.a @require
• @post a.k.a @ensure
• @result
• @nochange
• @invariant
• forall
• implies
• exists

What are some of the issues with a handmade DBC solution using assertions and Exceptions?

What do we get out of DBC with java?

If you want to do DBC for real, one of the best tools out there is iContract. I have supplied an iContract target to the build.xml file that is downloadable from the web. By using iContract, you can automatically add DBC to your code.

Some other implementations of DBC in Java are

• JASS
• JMSAssert
• AspectJ

In light of all the other tools and system problems so far, it isn't required that you use iContract. However, for those of you who have extra time, I recommend you take a look at it and try it out.

Some examples:

/**
 * @invariant y >= 0
 */
public class Test {
    
    private int y;

    public static void main(String args[]) {
	Test t = new Test();
	t.run();
    }

    /**
     * a simple non static test function
     */
    void run() {
	try {
	    for(int i = 2; i > -9; i-=3) {
		this.command2(i);
	    }
	} catch (Error e) {
	    // don't want to do a try/catch, just here so we
	    // can show it works!
	    e.printStackTrace();
	}

	try {
	    this.command("hey");
	    this.command(null); // throws an IllegalArumentException
	} catch(Exception e) {
	    // don't need to catch this, it's a RuntimeException!
	    e.printStackTrace();
	}
    }

    /**
     * a command
     * @pre arg != null
     * @param arg a String arument
     */
    public void command(String arg) {
	if(arg == null) {
	    throw new IllegalArgumentException("arg can't be null");
	}
	System.out.println("arg set to " + arg);
	// a little extra (y didn't change, but run it anyway)
	assert(invariant() == true);
    }

    /**
     * another command
     * @post arg = arg@pre + 1
     * @param arg an int to increment
     */
    public void command2(int i) {
	int i_old = i;
	i++;
	y += i; // so we can test invariant
	System.out.println("i is " + i + ", y is " + y);
	// post condition
	assert(i == i_old + 1);
	// invariant
	assert(invariant() == true);
    }

    /**
     * an example of an invariant method
     * @return whether the class invariant has been violated
     */
    boolean invariant() {
	if(y < 0) {
	    return false;
	}
	return true;
    }

}

When run from the command line, the above prints

D:\>java -ea -classpath . Test
i is 3, y is 3
i is 0, y is 3
i is -3, y is 0
i is -6, y is -6
java.lang.AssertionError
        at Test.command2(Test.java:61)
        at Test.run(Test.java:19)
        at Test.main(Test.java:10)
arg set to hey
Exception in thread "main" java.lang.AssertionError
        at Test.command(Test.java:47)
        at Test.run(Test.java:28)
        at Test.main(Test.java:10)

Note that the AssertionError won't show up unless assertions are enabled. (java -ea)

/**
 * @invariant size() >= 0
 */
public interface Queue {
    // commands
    /**
     * @post size() == size()@pre + 1
     * @post elements().get( size() -1) == o
     */
    public void add( Object o );

    /**
     * @pre size() >= 1
     * @post size() == size()@pre - 1
     * @post forall int i in 0 .. size() -1 |
     *    elements().get(i) == 
     *       elements()@pre.get(i + 1)
     * 
     */
    public Object remove();
 
    /**
     * @post return == elements().size()
     */
    public int size();

    /**
     * @pre size() >= 1
     * @post @result == elements().get(0)
     */
    public Object head();

    /**
     * Check if queue is empty - derived query
     * 
     * @post @result == (size() == 0)
     */     
    public boolean isEmpty();

    public Vector elements();
}

Goal: To apply the Object Oriented concepts and patterns that you have learned in this class in a moderately sized project.

Details

Requirements

• The project should be around 1200 - 1500 lines of code (LOC). Up to 300 LOC counted can be unit tests (but you are encouraged to write more than that). If you choose to not write any unit tests you still need to write 1200 lines. The lines of code will be measured using an automated tool, javancss that is free software distributed under the GNU GPL. You can use it throughout the project to track your progress towards the goal.
• You should use at least 3 different design patterns in your design, with at least 5 applications of those patterns. Two of the patterns have to be non-creational. What this means for most of you is 5 different patterns. Some of you may want to use the same pattern more than once, but you have to use at least 3. This is a minimum, but don't force a pattern in where it isn't needed. You won't get extra points for adding more patterns, but if they are used correctly it can help your grade.
• The design should consist of at least 20 classes or interfaces.
• The design should consist of at least 2 packages.
• GUIs (Swing/JFC or AWT) are allowed , but be very careful. There are way too many distractions for those who spend too much time on a GUI, and way too many ways to get behind. Remember, if your design is good, it will be easy to add a GUI later if you want.
• I encourage you to bring your project in to the lab and do a dry run before your final presentation.
• Use javadoc tags on every public method (@param, @return, @throws), and on every class (@author). Run the javadoc tool on your code early and often to make sure it looks good. You will be submitting an electronic copy of the javadoc of your project. (There is an ant task for this in the supplied build.xml file, or you can run the javadoc tool from the command line.)
• You will be required to submit documentation (hard copy) of your project at your project presentation. This will consist of UML diagrams, a user manual, and a report.
• You will be required to submit source code, javadoc, and scripts to run your project (or if scripts aren't needed, just instructions on how to run it from the command line in your user manual) using the COL system.

Documentation Deliverable Details

• Cover Page with Title, Author, Date
• Introduction describes the project, gives an overview of the design, names the patterns used.
• Features gives the list of the features that you put in your project. Include the features that made it in, the ones that didn't, and what future enhancements could be added if you were to continue the project.
• Optional: Use Cases can be supplied that detail the requirements of your application and provide scenarios for testing whether your code meets requirements.
• Package Diagram include the packages used in your project. Use the drawing/UML tool of your choice.
• Sequence Diagram include a sequence diagram for at least one of the more complex portions of your project. Choose an area where the Sequence Diagram will help me to understand how your project works. Use the drawing/UML tool of your choice.
• Class Diagrams include at least one for each package that you implement. Include all classes and interfaces. Include significant attributes and methods, not all of them. Make sure to include significant class relationships as well, including inheritance, realization, aggregation, composition, and association. Use the drawing/UML tool of your choice.
• User Manual write a user manual that explains how to run and test your project. This includes what startup scripts or commands to use, what the unit test output should be, and any data files that should be created and/or read on completion. This is mainly for me as I evaluate your project, so include enough detail since I won't have to remember everyone's project based on your presentation.
• Summary write a three to five paragraph (i.e. one to two pages) summary of your project experience. Include what parts of the design and implementation experience you enjoyed and learned from. Also highlight any mistakes that you might have made (and learned from!) or things you wish you had known earlier in the project lifecycle. Remember, I may not read every line of code, but I will read every line of your report. Take the time to direct me towards areas of your project where you spent the most time and did the best work.
• Design Diary write down the design work that you do as you proceed through the project. Keep this in a weekly format, including all the artifacts you used in your design. I'm interested in when and how you make decisions, and what tools and methodologies (especially from the class) that you found helpful. This is not a summary (see above) but a running dialogue where you describe your process. For each student, this diary will be slightly different, but I expect artifacts from all of you from each week. Do this regularly, don't try to add it on at the end.

Final presentation format:

You will register for a 15-20 minute session with me in the lab. You will demo your project and I will ask you a number of questions about it. Some of these questions will be given to you ahead of time. Some of them will not.

It is imperative that you understand your own code. I will be quizzing you on what it does and how you wrote it, so make sure you write it yourself! According to the academic dishonesty policy, you can be expelled or given an F for submitting work that is not your own.

That said, if your project will be based on or use existing code (either from work or another class), I will need a copy of the source code used before you start the project. I will assume that all other code submitted is completely written by you and that you understand it completely.

The grade will be assessed as follows:

Final Presentation (30%)

• Knowledge of application
• Knowledge of patterns used
• Knowledge of tools, methodologies, development process

Report (30%)

• Cover Page
• Intro
• Features
• Package Diagram
• Class Diagram
• Sequence Diagram
• Summary

Project (40%)

• Code Quality (javadoc/comments/readability/conformance to coding standard)
• Meets requirements (LOC, # of classes, pattern count/usage)
• Compiles/Runs/Matches documentation and user manual
• Concept, Implementation, Quality

Examples:

• Airline possibilities (since you already have some code)
• Simulators....
• Quicken clone
• Grade book
• Games (nothing trivial like tic-tac-toe, checkers, or card games)
• Command line utilities (editors, log file analyzers.. ). Be careful not to write anything OS specific.

Any n-player game. Players interact in turns (not at the same time).

Day one: tic-tac-toe or similar; computer-versus-computer (stupid); text-based user interface (TUI).

Week one: computer or human (abstract player class).

Week two: TUI or GUI (abstract UI class(es?)).

Week three: changeable rules (abstract referee class).

Week four: specialize game. polish.

Day one: Simulate a single airport with random flights.

Week one: Model flights, simple weather problems, late flights. Saving state to a file.

Week two: TUI or GUI (abstract UI class(es?)).

Week three: Changeable weather? User controlled flights? Air traffic controlling? Redirected flights?

Week four: polish.

Note: This is challenging one!

Day one: Implement the most basic part of the framework (the command pattern, for example) with a simple user of the framework.

Week one: Fill out the details of the framework

Week two: Implement all the framework features

Week three: Write a program (simple) using your framework that is a little more advanced than the unit tests.

Week four: polish.

The key is designing for variation.

Variation encourages you to use a nice modular design. Force yourself to allow other options, for example, other rules, other UI's, other players, other input systems, other data storage techniques ...

Do not fix anything you don't have to.

Split logically separate functions into packages.

Design clear interfaces for your packages.

Do not choose a project because you want to learn one of Java's many APIs. You will spend all your time with the API and none with your project. (This happened to me!)

Do not spend your time entering lots of data. If you do a record store, your grade will not vary by how many records there are. Lines of code that add data will of course count in the total number of lines of code, but that will only be a very small part of the grade.

Do not emphasize the GUI, or other cool things, like sound. Keep it basic. Make the code pretty. This includes things like good javadocs, good formatting, good variable names, good comments. Be very careful with Swing/AWT so that you don't embed all of your code in your interface.

Problematic:

• Simple database frontend. All interest in data, none in code. Solution: Do not use JDBC! This will help you to focus on your implementation and not on working out configuration issues, as well as keep you from worrying too much about data. (Don't worry, you will get JDBC in SE 452/560/491/554/591...)
• Cool database frontend. For example, guitar chords. All interest in data, none in code. Solution: Do not spend more than on third of time on data and GUI combined.
• Calculator. Too simple.
• Compute complex function of inputs. All interest in algorithm, none in structure. Hard to do a layered design.
• Web applications aren't allowed. Take SE452 to get your fill of those.
• Network applications aren't allowed. This includes RMI and Web based systems. These are difficult to setup and test and demonstrate, all of which have to be done in the process of grading your project.

Do not get too caught up on beautiful graphics/algorithms. Worry more about beautiful structure.

Read Jia chapter 7, 9, and 10.1-10.2

Goal: to become familiar with the Java assertion facility and the design by contract concepts.

Your job is to implement DBC on new code you will write using Java assertions.

Add a new class to your previous homework assignments. This time you will implement a class called Airport. An Airport will consist of Runways (basically queues), and Gates.

The Airport class should have methods to set/get the Name (the code), the number of runways, add and remove Flights. You should also be able to get the Flights as a List. An airport should never be allowed to add a Flight that is already going to that Airport, or remove a flight that isn't currently at that airport, or have more flights than gates. It also should not allow null parameters in any of its functions. Your job is to write good pre and post conditions, and an invariant to ensure that these conditions hold true. Assume a very simple airport, where each flight goes to one gate, no gates are shared, and all flights happen in the same day.

Follow the six steps of the DBC methodology.

Your job is to implement an invariant method, preconditions for each command, and postconditions for each derived query. Use the java assertion facility for assertions, use an IllegalArgumentException (or a similar RuntimeException) for exceptions. Put the javadoc extensions (@invariant, @pre, and @post) in the right places with the right java code to show the condition.

Write a JUnit test called AirportTest that shows that the contracts of the methods can't be violated. You can do this by putting each call around a try block that catches an Exception that you expect to be thrown. If it fails, then catch the exception for a successful test. If it doesn't fail, then fail the test. See last week's notes for an example.

Submit a ZIP file that contains all java files and grader.txt. The files should be in the same package as you have used for your previous homework assignments, except the package for this assignment will be hw5 (i.e. se450.student.hw5).

You can use the grader.txt file from the previous homework.

Due Monday, February 17th at 5:30 PM.

Write a one or two page description of your idea for a final project.

You should include:

• A description of the problem.
• A list of java packages you will need to use.
• A list of other software you will need to use. This will probably be the standard JDK 1.4 classes (java.lang.*, java.io.*, and java.util.*), some gui classes (awt or swing), and JUnit only. If you need other software, I will want to know what it is and why you need it. This includes non standard APIs (javax.* other than swing) and any source that you didn't write (libraries, etc).
• A brief outline of your six-week development plan. This includes a week by week summary of what you will accomplish for that week.

(Note any special expertise that would make the project simpler for you, on other words, how your past experience in the area you plan cover will make your project better)

Place the description in a file project.txt and submit it as Project Proposal by February 20th.

Please make sure your file is in plain text, not word, rtf or other formats. Use a text editor, or if you use word and save as text, open it in a text editor before you submit it so you know it is formatted correctly.

Don't wait to start coding/designing/experimenting until next week. Get moving. I will contact you via email if I see a problem with the proposal.

Revised: 2003/2/8