next up previous
Next: LSL Traits Specify Mathematical Up: Larch/C++ An Interface Specification Previous: Satisfaction

Specification of Classes

C++ classes can be specified by specifying how the member functions affect various specification variables. Specification variables are data members declared with spec declarations. For example, consider the specification in Figure 3 (the notation is explained below).


  
Figure 3: The specification of the class Point (file Point.h).
\begin{figure}\vspace{-2ex} \begin{flushleft}\rule{\textwidth}{0.01in}\end{flush...
...in{flushleft}\rule{\textwidth}{0.01in}\end{flushleft} \vspace{-2ex}
\end{figure}

In Figure 3, again the lines that are not annotations are part of the C++ interface specification. In the first annotation comment, two specification variables, x and y, are declared. The abstract model of points thus includes two integer objects. These do not have to be part of a correct implementation, but are here just for the purpose of explaining the behavior of the functions.

The first function specified is the constructor. Its job in C++ is to initialize the data members of the class. In this case, it says that the initial values of the actual data members must be such that the object behaves as if its specification variables, x and y, have the values given.

In a function specification, the modifies clause tells what objects or variables can have their values changed by a call. In the constructor, both specification variables can be changed.

A variable, such as x, that can be changed by a call may have one value x^ just before the call, and another x' at the end of the call. See the postcondition of Move for an example that uses both these notations.

The destructor's specification says that it always returns; that is, it does not do anything necessarily, but always terminates. (Recall that C++ itself recovers the space in stack-allocated objects.)


next up previous
Next: LSL Traits Specify Mathematical Up: Larch/C++ An Interface Specification Previous: Satisfaction
Gary T. Leavens
1999-01-26