Static modeling (& lifetime)
description
Transcript of Static modeling (& lifetime)
![Page 1: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/1.jpg)
Static modeling (& lifetime)Using types to test, document and reduce system complexity
![Page 2: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/2.jpg)
Welcome
![Page 3: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/3.jpg)
This talk/debate• Static modeling • Lifetime given time• Interrupt at any time!
![Page 4: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/4.jpg)
Safety nets• Design/code reviews, pair programming• Compiler • Static modeling• Unit tests/module tests• Pipeline tests• Developer testing• Continuos integration• Static analysis tools (PCLint etc)• Dynamic analysis tools (Boundschecker, valgrind, etc)• QA testing• Design by contract• Assertions
Bold = expressed in code
![Page 5: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/5.jpg)
Fail fast• Minimize turn around time – minimize waste• Bug found => ”Possible to catch earlier?”• Review => ”Possible to catch earlier?”
![Page 6: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/6.jpg)
Failing fast in C++Build timeCode generationMacro expansionTemplate instantiationTranslation unit compilationLinking Installation/configuration
Run timeLoad timeStatic initializationBootstrapping/Initialization codeLevel load ... Specific/rare situations
![Page 7: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/7.jpg)
Static modeling• Model invariants and tests with (static) types• Either compile time or instantiation time
int x=-10;bounded<int, -1, 99999> i(x);
quantity<speed> v = 1*meter/second;quantity<time> t = 2.0*minute;quantity<length> l = v/t;
![Page 8: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/8.jpg)
Value of static modeling
1. Type up ASAP - fail fast2. Documentation3. Reduces complexity / state space
![Page 9: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/9.jpg)
Code based tests
Static modeling, assertions, design by contract, automated test hooks, unit tests etc.
- Add ”weight” when prototyping+ ”Easy” to add to existing/legacy code
![Page 10: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/10.jpg)
How to reduce the state space• Init/set/modify -> constructor/factory• Split objects into smaller pieces• Lock down dynamics ASAP
![Page 11: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/11.jpg)
Demarshalling• Type up immediately
![Page 12: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/12.jpg)
Indices• Indices only needed when de-/serializing• Look up immediately, pass around instance
![Page 13: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/13.jpg)
Use typed ids
struct foo_id { int id; };bool operator==(...);
![Page 14: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/14.jpg)
Distuinguish invalid ids by typeenum error {err1, err2};
class result { bool has_id(); const
/// @pre valid() foo_id get_id() const;
/// @pre !valid() error get_error() const;private: int data;};
result get_id(...);
// Using boostboost::variant<error, foo_id> get_id();
![Page 15: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/15.jpg)
Optional
optional<X> find_closest_x();void do_stuff(const X& x);
• Isolate inited/not inited state• Clear semantics, all-or-nothing
bool find_closest_x(X& x);
![Page 16: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/16.jpg)
Right/left hand system
Either compile time, runtime or combinedBetter granularity than math asserts on/off
![Page 17: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/17.jpg)
RAII• new/delete • aquire/unaquire• connect/disconnect• lock/unlock• subscribe/unsubscribe• register/unregister• open/close
Need to match call pairs AND know if an objectis initialized or not
![Page 18: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/18.jpg)
RAII example
void foo(int x, int y);
signal<void(int x, int y)> sig;signal_connection con(sig, foo);
![Page 19: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/19.jpg)
Side note: RAII pillars• Exceptions• Deterministic destruction
![Page 20: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/20.jpg)
Static modeling and lifetime• More work in constructor/destructor• Object lifetime becomes very important
![Page 21: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/21.jpg)
Lifetime primitives• scoped_ptr (not copyable)• shared_ptr• weak_ptr• move_ptr (not copyable)• reference (not assignable)
![Page 22: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/22.jpg)
Interfaceless objects/// @param foo is guaranteed to outlive/// return valuemove_ptr<void> create_stuff(const function<void()>& onBar,
shared_ptr<GuiFactories> gui,
const SomeFacade& foo, move_ptr<const ResourceX> x);
![Page 23: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/23.jpg)
Summary• Static modeling pros: Fails fast, documentation, minimizes
total logic • Static modeling increasingly important in longer and larger
projects• Static modeling increases need of clear lifetime semantics
![Page 24: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/24.jpg)
Static modeling vs. DbC
Catch errors that must be checked at runtime bytyping up or DbC/assertions?
• Is the invariant local?• Duplicate preconditions => time to type up!• S.M. only applicable to single variables
![Page 25: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/25.jpg)
Opposite of static modeling
class message_channel{ void send(const string& key, const string& value); void listen(const string& key, listener& l) const;};
Dynamic modeling good for prototyping/iteratingOptimal: Lock down invariants in code by typing up
incrementally. No major language supports this well.
![Page 26: Static modeling (& lifetime)](https://reader035.fdocuments.us/reader035/viewer/2022081503/5681641f550346895dd5dd35/html5/thumbnails/26.jpg)
Don’t get lured by ”power”• Dynamic components are very powerful but can also be
abused• Specialized, less powerful = easy to understand and test,
smaller state space• Think reflection, introspection, tuple spaces