- Updated documentation to use CSS and <div> instead of blockquotes
git-svn-id: https://swig.svn.sourceforge.net/svnroot/swig/trunk/SWIG@7003 626c5289-ae23-0410-ae9c-e8d60b6d4f22
This commit is contained in:
John Lenz
parent
bc96925c9d
commit
13ad5fff85
35 changed files with 8013 additions and 4099 deletions
|
|
@ -2,27 +2,32 @@
|
|||
<html>
|
||||
<head>
|
||||
<title>Contract Checking</title>
|
||||
<link rel="stylesheet" type="text/css" href="style.css"/>
|
||||
</head>
|
||||
|
||||
<body bgcolor="#ffffff">
|
||||
<H1><a name="Contract"></a>12 Contracts</H1>
|
||||
<!-- INDEX -->
|
||||
<div class="sectiontoc">
|
||||
<ul>
|
||||
<li><a href="#Contract_nn2">The %contract directive</a>
|
||||
<li><a href="#Contract_nn3">%contract and classes</a>
|
||||
<li><a href="#Contract_nn4">Constant aggregation and %aggregate_check</a>
|
||||
<li><a href="#Contract_nn5">Notes</a>
|
||||
</ul>
|
||||
</div>
|
||||
<!-- INDEX -->
|
||||
|
||||
|
||||
|
||||
<p>
|
||||
A common problem that arises when wrapping C libraries is that of maintaining
|
||||
reliability and checking for errors. The fact of the matter is that many
|
||||
C programs are notorious for not providing error checks. Not only that,
|
||||
when you expose the internals of an application as a library, it
|
||||
often becomes possible to crash it simply by providing bad inputs or
|
||||
using it in a way that wasn't intended.
|
||||
</p>
|
||||
|
||||
<p>
|
||||
This chapter describes SWIG's support for software contracts. In the context
|
||||
|
|
@ -36,10 +41,12 @@ generated rather than having the program continue to execute.
|
|||
<H2><a name="Contract_nn2"></a>12.1 The %contract directive</H2>
|
||||
|
||||
|
||||
<p>
|
||||
Contracts are added to a declaration using the %contract directive. Here
|
||||
is a simple example:
|
||||
</p>
|
||||
|
||||
<blockquote>
|
||||
<div class="code">
|
||||
<pre>
|
||||
%contract sqrt(double x) {
|
||||
require:
|
||||
|
|
@ -51,8 +58,9 @@ ensure:
|
|||
...
|
||||
double sqrt(double);
|
||||
</pre>
|
||||
</blockquote>
|
||||
</div>
|
||||
|
||||
<p>
|
||||
In this case, a contract is being added to the <tt>sqrt()</tt> function.
|
||||
The <tt>%contract</tt> directive must always appear before the declaration
|
||||
in question. Within the contract there are two sections, both of which
|
||||
|
|
@ -62,6 +70,7 @@ Typically, this is used to check argument values. The <tt>ensure:</tt> section
|
|||
specifies conditions that must hold after the function is called. This is
|
||||
often used to check return values or the state of the program. In both
|
||||
cases, the conditions that must hold must be specified as boolean expressions.
|
||||
</p>
|
||||
|
||||
<p>
|
||||
In the above example, we're simply making sure that sqrt() returns a non-negative
|
||||
|
|
@ -73,7 +82,7 @@ Once a contract has been specified, it modifies the behavior of the
|
|||
resulting module. For example:
|
||||
</p>
|
||||
|
||||
<blockquote>
|
||||
<div class="code">
|
||||
<pre>
|
||||
>>> example.sqrt(2)
|
||||
1.4142135623730951
|
||||
|
|
@ -83,14 +92,16 @@ Traceback (most recent call last):
|
|||
RuntimeError: Contract violation: require: (arg1>=0)
|
||||
>>>
|
||||
</pre>
|
||||
</blockquote>
|
||||
</div>
|
||||
|
||||
<H2><a name="Contract_nn3"></a>12.2 %contract and classes</H2>
|
||||
|
||||
|
||||
<p>
|
||||
The <tt>%contract</tt> directive can also be applied to class methods and constructors. For example:
|
||||
</p>
|
||||
|
||||
<blockquote>
|
||||
<div class="code">
|
||||
<pre>
|
||||
%contract Foo::bar(int x, int y) {
|
||||
require:
|
||||
|
|
@ -110,23 +121,27 @@ public:
|
|||
int bar(int, int);
|
||||
};
|
||||
</pre>
|
||||
</blockquote>
|
||||
</div>
|
||||
|
||||
<p>
|
||||
The way in which <tt>%contract</tt> is applied is exactly the same as the <tt>%feature</tt> directive.
|
||||
Thus, any contract that you specified for a base class will also be attached to inherited methods. For example:
|
||||
</p>
|
||||
|
||||
<blockquote>
|
||||
<div class="code">
|
||||
<pre>
|
||||
class Spam : public Foo {
|
||||
public:
|
||||
int bar(int,int); // Gets contract defined for Foo::bar(int,int)
|
||||
};
|
||||
</pre>
|
||||
</blockquote>
|
||||
</div>
|
||||
|
||||
<p>
|
||||
In addition to this, separate contracts can be applied to both the base class and a derived class. For example:
|
||||
</p>
|
||||
|
||||
<blockquote>
|
||||
<div class="code">
|
||||
<pre>
|
||||
%contract Foo::bar(int x, int) {
|
||||
require:
|
||||
|
|
@ -148,20 +163,24 @@ public:
|
|||
int bar(int,int); // Gets Foo::bar and Spam::bar contract
|
||||
};
|
||||
</pre>
|
||||
</blockquote>
|
||||
</div>
|
||||
|
||||
<p>
|
||||
When more than one contract is applied, the conditions specified in a
|
||||
"require:" section are combined together using a logical-AND operation.
|
||||
In other words conditions specified for the base class and conditions
|
||||
specified for the derived class all must hold. In the above example,
|
||||
this means that both the arguments to <tt>Spam::bar</tt> must be positive.
|
||||
</p>
|
||||
|
||||
<H2><a name="Contract_nn4"></a>12.3 Constant aggregation and %aggregate_check</H2>
|
||||
|
||||
|
||||
<p>
|
||||
Consider an interface file that contains the following code:
|
||||
</p>
|
||||
|
||||
<blockquote>
|
||||
<div class="code">
|
||||
<pre>
|
||||
#define UP 1
|
||||
#define DOWN 2
|
||||
|
|
@ -170,30 +189,36 @@ Consider an interface file that contains the following code:
|
|||
|
||||
void move(SomeObject *, int direction, int distance);
|
||||
</pre>
|
||||
</blockquote>
|
||||
</div>
|
||||
|
||||
<p>
|
||||
One thing you might want to do is impose a constraint on the direction parameter to
|
||||
make sure it's one of a few accepted values. To do that, SWIG provides an easy to
|
||||
use macro %aggregate_check() that works like this:
|
||||
</p>
|
||||
|
||||
<blockquote>
|
||||
<div class="code">
|
||||
<pre>
|
||||
%aggregate_check(int, check_direction, UP, DOWN, LEFT, RIGHT);
|
||||
</pre>
|
||||
</blockquote>
|
||||
</div>
|
||||
|
||||
<p>
|
||||
This merely defines a utility function of the form
|
||||
</p>
|
||||
|
||||
<blockquote>
|
||||
<div class="code">
|
||||
<pre>
|
||||
int check_direction(int x);
|
||||
</pre>
|
||||
</blockquote>
|
||||
</div>
|
||||
|
||||
<p>
|
||||
That checks the argument x to see if it is one of the values listed. This utility
|
||||
function can be used in contracts. For example:
|
||||
</p>
|
||||
|
||||
<blockquote>
|
||||
<div class="code">
|
||||
<pre>
|
||||
%aggregate_check(int, check_direction, UP, DOWN, RIGHT, LEFT);
|
||||
|
||||
|
|
@ -209,10 +234,13 @@ require:
|
|||
|
||||
void move(SomeObject *, int direction, int distance);
|
||||
</pre>
|
||||
</blockquote>
|
||||
</div>
|
||||
|
||||
<p>
|
||||
Alternatively, it can be used in typemaps and other directives. For example:
|
||||
<blockquote>
|
||||
</p>
|
||||
|
||||
<div class="code">
|
||||
<pre>
|
||||
%aggregate_check(int, check_direction, UP, DOWN, RIGHT, LEFT);
|
||||
|
||||
|
|
@ -227,16 +255,20 @@ Alternatively, it can be used in typemaps and other directives. For example:
|
|||
|
||||
void move(SomeObject *, int direction, int distance);
|
||||
</pre>
|
||||
</blockquote>
|
||||
</div>
|
||||
|
||||
<p>
|
||||
Regrettably, there is no automatic way to perform similar checks with enums values. Maybe in a future
|
||||
release.
|
||||
</p>
|
||||
|
||||
<H2><a name="Contract_nn5"></a>12.4 Notes</H2>
|
||||
|
||||
|
||||
<p>
|
||||
Contract support was implemented by Songyan (Tiger) Feng and first appeared
|
||||
in SWIG-1.3.20.
|
||||
</p>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue