SlideShare a Scribd company logo

9-Coding.ppt

Download as PPT, PDF
K
KomalSinghGill

The document discusses various aspects of coding, including: 1) The goal of coding should be to make the code easy to test and maintain by writing clear, readable code rather than focusing only on reducing coding costs. 2) Programmers spend more time reading code than writing it, so code readability is important. Coding standards can improve readability. 3) Structured programming aims to simplify program structure by using only a few control constructs like sequencing, if-then-else, and while to make the code easier to understand and verify.

Education
1 of 78
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
Coding 1 Coding
Coding 2 Coding  Goal is to implement the design in best possible manner  Coding affects testing and maintenance  As testing and maintenance costs are high, aim of coding activity should be to write code that reduces them  Hence, goal should not be to reduce coding cost, but testing and maint cost, i.e. make the job of tester and maintainer easier
Coding 3 Coding…  Code is read a lot more  Coders themselves read the code many times for debugging, extending etc  Maintainers spend a lot of effort reading and understanding code  Other developers read code when they add to existing code  Hence, code should be written so it is easy to understand and read, not easy to write!
Coding 4 Coding…  Having clear goal for coding will help achieve them  Weinberg experiment showed that coders achieve the goal they set  Diff coders were given the same problem  But different objectives were given to diff programmers – minimize effort, min size, min memory, maximize clarity, max output clarity  Final programs for diff programmers generally satisfied the criteria given to them
Coding 5 Weinberg experiment.. Resulting Rank (1=best) O1 o2 o3 o4 o5 Minimize Effort (o1) Minimize prog size (o2) Minimize memory (o3) Maximize code clarity (o4) Maximize output clarity (o5) 1 4 4 5 3 2-3 1 2 3 5 5 2 1 4 4 4 3 3 2 2 2-3 5 5 1 1
Coding 6 Programming Principles  The main goal of the programmer is write simple and easy to read programs with few bugs in it  Of course, the programmer has to develop it quickly to keep productivity high  There are various programming principles that can help write code that is easier to understand (and test…)
Coding 7 Structured Programming  Structured programming started in the 70s, primarily against indiscriminate use of control constructs like gotos  Goal was to simplify program structure so it is easier to argue about programs  Is now well established and followed
Coding 8 Structured Programming…  A program has a static structure which is the ordering of stmts in the code – and this is a linear ordering  A program also has dynamic structure –order in which stmts are executed  Both dynamic and static structures are ordering of statements  Correctness of a program must talk about the dynamic structure
Coding 9 Structured Programming…  To show a program as correct, we must show that its dynamic behavior is as expected  But we must argue about this from the code of the program, i.e. the static structure  I.e program behavior arguments are made on the static code  This will become easier if the dynamic and static structures are similar  Closer correspondence will make it easier to understand dynamic behavior from static structure  This is the idea behind structured programming
Coding 10 Structured Programming…  Goal of structured programming is to write programs whose dynamic structure is same as static  I.e. stmts are executed in the same order in which they are present in code  As stmts organized linearly, the objective is to develop programs whose control flow is linear
Coding 11 Structured Programming…  Meaningful programs cannot be written as seq of simple stmts  To achieve the objectives, structured constructs are to be used  These are single-entry-single-exit constructs  With these, execution of the stmts can be in the order they appear in code  The dynamic and static order becomes same
Coding 12 Structured Programming…  Each structured construct should also have a clear behavior  Then we can compose behavior of stmts to understand behavior of programs  Hence, arbitrary single-entry-single-exit constructs will not help  It can be shown that a few constructs like while, if, and sequencing suffice for writing any type of program
Coding 13 Structured Programming…  SP was promulgated to help formal verification of programs  Without linear flow, composition is hard and verification difficult  But, SP also helps simplify the control flow of programs, making them easier to understand and argue about  SP is an accepted and standard practice today – modern languages support it well
Coding 14 Information Hiding  Software solutions always contain data structures that hold information  Programs work on these DS to perform the functions they want  In general only some operations are performed on the information, i.e. the data is manipulated in a few ways only  E.g. on a bank’s ledger, only debit, credit, check cur balance etc are done
Coding 15 Information Hiding…  Information hiding – the information should be hidden; only operations on it should be exposed  I.e. data structures are hidden behind the access functions, which can be used by programs  Info hiding reduces coupling  This practice is a key foundation of OO and components, and is also widely used today
Coding 16 Some Programming Practices  Control constructs: Use only a few structured constructs (rather than using a large no of constructs)  Goto: Use them sparingly, and only when the alternatives are worse  Info hiding: Use info hiding  Use-defined types: use these to make the programs easier to read
Coding 17 Some Programming Practices..  Nesting: Avoid heavy nesting of if-then- else; if disjoint nesting can be avoided  Module size: Should not be too large – generally means low cohesion  Module interface: make it simple  Robustness: Handle exceptional situations  Side effects: Avoid them, document
Coding 18 Some Programming Practices..  Empty catch block: always have some default action rather than empty  Empty if, while: bad practice  Read return: should be checked for robustness  Return from finally: should not return from finally  Correlated parameters: Should check for compatibility
Coding 19 Coding Standards  Programmers spend more time reading code than writing code  They read their own code as well as other programmers code  Readability is enhanced if some coding conventions are followed by all  Coding standards provide these guidelines for programmers  Generally are regarding naming, file organization, statements/declarations, …  Some Java conventions discussed here
Coding 20 Coding Standards…  Naming conventions  Package name should be in lower case (mypackage, edu.iitk.maths)  Type names should be nouns and start with uppercase (Day, DateOfBirth,…)  Var names should be nouns in lowercase; vars with large scope should have long names; loop iterators should be i, j, k…  Const names should be all caps  Method names should be verbs starting with lower case (eg getValue())  Prefix is should be used for boolean methods
Coding 21 Coding Standards…  Files  Source files should have .java extension  Each file should contain one outer class and the name should be same as file  Line length should be less than 80; if longer continue on another line…
Coding 22 Coding Standards…  Statements  Vars should be initialized where declared in the smallest possible scope  Declare related vars together; unrelated vars should be declared separately  Class vars should never be declared public  Loop vars should be initialized just before the loop  Avoid using break and continue in loops  Avoid executable stmts in conditionals  Avoid using the do… while construct
Coding 23 Coding Standards…  Commenting and layout  Single line comments for a block should be aligned with the code block  There should be comments for all major vars explaining what they represent  A comment block should start with a line with just /* and end with a line with */  Trailing comments after stmts should be short and on the same line
Coding 24 Coding Process  Coding starts when specs for modules from design is available  Usually modules are assigned to programmers for coding  In top-down development, top level modules are developed first; in bottom-up lower levels modules  For coding, developers use different processes; we discuss some here
Coding 25 An Incremental Coding Process  Basic process: Write code for the module, unit test it, fix the bugs  It is better to do this incrementally – write code for part of functionality, then test it and fix it, then proceed  I.e. code is built code for a module incrementally
Coding 26
Coding 27 Test Driven Development  This coding process changes the order of activities in coding  In TDD, programmer first writes the test scripts and then writes the code to pass the test cases in the script  This is done incrementally  Is a relatively new approach, and is a part of the extreme programming (XP)
Coding 28 TDD…  In TDD, you write just enough code to pass the test  I.e. code is always in sync with the tests and gets tested by the test cases  Not true in code first approach, as test cases may only test part of functionality  Responsibility to ensure that all functionality is there is on test case design, not coding  Help ensure that all code is testable
Coding 29 TDD…  Focus shifts to how code will be used as test cases are written first  Helps validate user interfaces specified in the design  Focuses on usage of code  Functionality prioritization happens naturally  Has possibility that special cases for which test cases are not possible get left out  Code improvement through refactoring will be needed to avoid getting a messy code
Coding 30
Coding 31 Pair Programming  Also a coding process that has been proposed as key practice in XP  Code is written by pair of programmers rather than individuals  The pair together design algorithms, data structures, strategies, etc.  One person types the code, the other actively reviews what is being typed  Errors are pointed out and together solutions are formulated  Roles are reversed periodically
Coding 32 Pair Programming…  PP has continuous code review, and reviews are known to be effective  Better designs of algos/DS/logic/…  Special conditions are likely to be dealt with better and not forgotten  It may, however, result in loss of productivity  Ownership and accountability issues are also there  Effectiveness is not yet fully known
Coding 33 Source Code Control and Built  Source code control is an essential step programmers have to do  Generally tools like CVS, VSS are used  A tool consists of repository, which is a controlled directory structure  The repository is the official source for all the code files  System build is done from the files in the repository only  Tool typically provides many commands to programmers
Coding 34 Source code control…  Checkout a file: by this a programmer gets a local copy that can be modified  Check in a file: changed files are uploaded in the repository and change is then available to all  Tools maintain complete change history and all older versions can be recovered  Source code control is an essential tool for developing large projects and for coordination
Coding 35 Verification  Code has to be verified before it can be used by others  Here we discuss only verification of code written by a programmer (system verification is discussed in testing)  There are many different techniques; key ones – unit testing, inspection, and program checking  Program checking can also be used at the system level
Coding 36 Code Inspections  The inspection process can be applied to code with great effectiveness  Inspections held when code has compiled and a few tests passed  Usually static tools are also applied before inspections  Inspection team focuses on finding defects and bugs in code  Checklists are generally used to focus the attention on defects
Coding 37 Code Inspections…  Some items in a checklist  Do all pointers point to something  Are all vars and pointers initialized  Are all array indexes within bounds  Will all loops always terminate  Any security flaws  Is input data being checked  Obvious inefficiencies
Coding 38 Code inspections…  Are very effective and are widely used in industry (many require all critical code segments to be inspected)  Is also expensive; for non critical code one person inspection may be used  Code reading is self inspection  A structured approach where code is read inside- out  Is also very effective
Coding 39 Unit Testing  Is testing, except the focus is the module a programmer has written  Most often UT is done by the programmer himself  UT will require test cases for the module – will discuss in testing  UT also requires drivers to be written to actually execute the module with test cases  Besides the driver and test cases, tester needs to know the correct outcome as well
Coding 40 Unit Testing…  If incremental coding is being done, then complete UT needs to be automated  Otherwise, repeatedly doing UT will not be possible  There are tools available to help  They provide the drivers  Test cases are programmed, with outcomes being checked in them  I.e. UT is a script that returns pass/fail
Coding 41 Unit Testing…  There are frameworks like Junit that can be used for testing Java classes  Each test case is a method which ends with some assertions  If assertions hold, the test case pass, otherwise it fails  Complete execution and evaluation of the test cases is automated  For enhancing the test script, additional test cases can be added easily
Coding 42 Static Analysis  These are tools to analyze program sources and check for problems  Static analyzer cannot find all bugs and often cannot be sure of the bugs it finds as it is not executing the code  So there is noise in their output  Many different tools available that use different techniques  They are effective in finding bugs like memory leak, dead code, dangling pointers,..
Coding 43 Formal Verification  These approaches aim to prove the correctness of the program  I.e. the program implements its specifications  Require formal specifications for the program, as well as rules to interpret the program  Was an active area of research; scalability issues became the bottleneck  Used mostly in very critical situations, as an additional approach
Coding 44 Metrics for Size  LOC or KLOC  non-commented, non blank lines is a standard definition  Generally only new or modified lines are counted  Used heavily, though has shortcomings
Coding 45 Metrics for Size…  Halstead’s Volume  n1: no of distinct operators  n2: no of distinct operands  N1: total occurrences of operators  N2: Total occurrences of operands  Vocabulary, n = n1 + n2  Length, N = N1 + N2  Volume, V = N log2(n)
Coding 46 Metrics for Complexity  Cyclomatic Complexity is perhaps the most widely used measure  Represents the program by its control flow graph with e edges, n nodes, and p parts  Cyclomatic complexity is defined as V(G) = e- n+p  This is same as the number of linearly independent cycles in the graph  And is same as the number of decisions (conditionals) in the program plus one
Coding 47 Cyclomatic complexity example… 1. { 2. i=1; 3. while (i<=n) { 4. J=1; 5. while(j <= i) { 6. If (A[i]<A[j]) 7. Swap(A[i], A[j]); 8. J=j+1;} 9. i = i+1;} 10. }
Coding 48 Example…
Coding 49 Example…  V(G) = 10-7+1 = 4  Independent circuits 1. b c e b 2. b c d e b 3. a b f a 4. a g a  No of decisions is 3 (while, while, if); complexity is 3+1 = 4
Coding 50 Complexity metrics…  Halsteads  N2/n2 is avg times an operand is used  If vars are changed frequently, this is larger  Ease of reading or writing is defined as D = (n1*N2)/(2*n2)  There are others, e.g. live variables, knot count..
Coding 51 Complexity metrics…  The basic use of these is to reduce the complexity of modules  One suggestion is that cyclomatic complexity should be less than 10  Another use is to identify high complexity modules and then see if their logic can be simplified
Coding 52 Summary  Goal of coding is to convert a design into easy to read code with few bugs  Good programming practices like structured programming, information hiding, etc can help  There are many methods to verify the code of a module – unit testing and inspections are most commonly used  Size and complexity measures are defined and often used; common ones are LOC and cyclomatic complexity
Coding 53 Some Other Topics Related to Coding
Coding 54 Common Coding Errors
Coding 55 Common Coding Errors  Goal of programmer is to write quality code with few bugs in it  Much of effort in developing software goes in identifying and removing bugs  Common bugs which occur during coding directly or indirectly manifest themselves to a larger damage to the running program  List of common coding errors can help a programmer avoid them
Coding 56 Memory Leaks  A memory leak is a situation, where the memory is allocated to the program which is not freed subsequently  Occurs frequently in the languages which do not have automatic garbage collection  Can cause increasing usage of memory which at some point of time can lead to exceptional halt of the program  E.g char* foo(int s) { Char *output; If(s>0) Output=(char*) malloc (size) If(s==1) Return NULL /* if s==1 then mem leaked */ Return (output); }
Coding 57 Freeing an Already Freed Resource  Programmer tries to free the already freed resource  May be serious, if some malloc between the two free stmts as the freed location may get allocated to a new variable, and subsequent free will deallocate the new variable. E.g main() { char *str; Str=(char *)malloc(10); If(global==0) free(str); Free(str); /* str is already freed */ }
Coding 58 NULL Dereferencing  Occurs when we access a location that points to NULL  Improper initialization and missing the initialization in different paths leads to the NULL reference error  Can also be caused by aliases- for e.g two variables refer to same object , and one is freed and an attempt is made to dereference the second  E.g char *ch=NULL; if (x>0) { ch=‘c’; } printf(“%c”. *ch); /* ch may be NULL */ *ch=malloc(size) ch=‘c’; /* ch will be NULL if malloc returns NULL */
Coding 59 NULL Dereferencing (accessing uninitialized memory)  NULL dereference is the error of accessing initialized memory  Often occurs if data is initialized in most cases, but most cases do not get covered E.g switch(i) { case 0: s=OBJECT_1; break; case 1: s=OBJECT_2; break; } return (s); /* s not initialized for values other than 0 or 1 */
Coding 60 Lack of Unique Addresses  Aliasing creates many problems among them is violation of unique addresses when we expect different addresses.  For e.g in the string concatenation function, we expect source and destination addresses to be different.  strcat (src , destn ); /* In above function , if src is aliased to destn , then we may get a runtime error */
Coding 61 Synchronization Errors  Possible when there are multiple threads which are accessing some common resources, in a parallel program  three categories of synchronization errors: deadlocks, race condition, live lock  Deadlock example: Thread 1: synchronized (A){ synchronized (B){ } } Thread 2: synchronized (B){ synchronized (C){ } } Thread 3: synchronized (C){ synchronized (A){ } }
Coding 62 Synchronization Errors…  Race condition occurs when two threads access same resource and result depends on the order of the execution E.g class reservation { int seats_remaining ; public int reserve (int x) { if (x <= seats_remaining ) { seats_remaining -=x; return 1; } return 0; } }  Inconsistent synchronization represents the situation where there is a mix of locked and unlocked accesses to some shared variables, pariticularly if the access involves updates
Coding 63 Buffer overflow  It is a security vulnerability, can be exploited by executing arbitrary code by a malicious user E.g char s1 [1024]; void mygets ( char *str ){ int ch; while (ch= getchar () != ‘n’ && ch != ‘0 ’) *( str ++)= ch; *str = ‘0 ’; } main (){ char s2 [4]; mygets (s2 ); }  If we have malicious code in s1 and if return address of mygets() is replaced by this address by overflowing the buffer s2, then we can have the code in s1 executed
Coding 64 Other common type of errors  Array index out of bounds, care needs to be taken to see that the array index values are not negative and do not exceed their bounds  Enumerated data types can lead to overflow and underflow errors, care should be taken while assuming the values of such types typedef enum {A, B,C, D} grade ; void foo( grade x){ int l,m; l= GLOBAL_ARRAY [x -1]; /* Underflow when A */ m= GLOBAL_ARRAY [x +1]; /* Overflow when D and size of array is 4 */ }
Coding 65 Other common type of errors..  Arithmetic exceptions, include errors like divide by zero and floating point exceptions  Off by one errors like starting variable at 1 instead of starting at 0 or vice versa, writing <= N instead of < N or vice versa etc.  String handling errors like failure of string handling functions e.g strcpy, sprintf, gets etc.  Illegal use of & instead of &&, arises if non short circuit logic (like & or |) is used instead of short circuit logic (&& or ||) E.g if(object!null &object.getTitle()!=null) /* Here second operation can cause a null dereference */
Coding 66 Proving Correctness
Coding 67 Background  Ultimate goal of verification techniques is to make programs correct by removing errors  Proving a program as correct while developing it may result in more reliable program that can be proved more easily  Any proof technique must begin with a formal specification of the program  Stating the goal of the program is not sufficient  Input conditions in which the program is to be invoked (pre conditions) and expected valid results (post conditions) should also be mentioned.
Coding 68 Axiomatic Approach  Axiomatic method (Floyd-Hoare proof method) is one method for proving correctness  Goal is to take the program and construct a sequence of assertions, and the rules and axioms about statements and operations in the program  Basic assertion about a program in Hoare’s notation P{S}Q P – precondition, Q – post condition, S- program segment  These assertions are about the values taken by the variables in the program before and after its execution
Coding 69 Axiomatic approach…  Some rules and axioms are necessary in order to prove the theorem of the form P{S}Q  Let us consider a simple programming language which deals with integers and has types of statements 1) assignment 2) conditional 3)iterative statement
Coding 70 Axiom of Assignment  Consider an assignment statement of the form x:=f where x is an identifier, f is an expression without any side affects  Any assertion that is true about x after the assignment must be true of the expression f before the assignment  The axiom is stated as P is the post condition of the program segment containing only the assignment statement is an assertion obtained by substituting f for all occurrences of x in the assertion P. P f x Px f } : {  x f P
Coding 71 Rule of composition  Rule for sequential composition where two statements S1 and S2 are executed in sequence P {S1 }Q,Q {S2 }R P{S1;S2}R  Using this rule if we can prove P{S1}Q and Q{S2}R, we can claim that if before execution the pre- condition P holds, then after execution of the program segment S1;S2 the post condition R will hold  In other words, from the proofs of simple statements, proofs of programs (sequence of statements) will be constructed
Coding 72 Rule for Alternate Statement  Rule for an If statement, entire If statement is treated as one construct  Two types of If statement, one with an else and one without. The rules for both are P ∩ B{S}Q, P ∩ ~ B  Q ______________________ P { if B then S} Q P ∩ B{S}Q, P ∩ B{S2} Q ______________________ P { if B then S1 else S2} Q
Coding 73 Rule for Alternate Statement  If we can show that starting in the state where P∩B is true and executing S1or starting in a state where P∩~B is true and executing the statement S2,both lead to the post condition Q  Hence, the statement: if-then-else statement is executed with pre-condition P, the post condition Q will be hold after the execution of the statement, can be inferred.  Similarly the if-then statement
Coding 74 Rules of Consequence  Used to prove new theorems from the ones we have already proved P {S} R, RQ _____________ P {S} Q P R, R{S}Q _____________ P {S} Q  If the execution of a program ensures that an assertion Q is true after execution of a program, then it also ensures that every assertion logically implied by Q is also true after execution  If a pre-condition ensures that a post condition is true after the execution of a program, then every condition that logically implies the pre-condition will also ensure that the post-condition holds after execution of the program.
Coding 75 Rule of Iteration  Let us consider while loop of the form while B do S  Let P be an assertion that will be true when the loop terminates  P will hold true after every execution of statement S, and will be true before every execution of S, because the condition that holds true after an execution of S will be the condition for the next execution of S P ∩ B{S}P ______________________ P {while B do S}P∩ ~B  Furthermore, we know that the condition B is false when the loop terminates and is true whenever S is executed
Coding 76 An Example (* Remainder of x/y ) Begin q:=0; r:=x; While r≥y do Begin r:=r - y; q:=q+1; end end Pre-condition: P={x ≥ 0 ∩ y>0} Post-condition: Q={x=qy+r ∩ 0≤r<y}
Coding 77 Example…  First statement before the end of the program is the loop  Removing ~B from Q, factor Q into a form like I ∩~B, Choose I as an Invariant  ~B={r<y}, Q={x=qy+r ∩ 0≤r<y}, Invariant I is {x=qy+r ∩ 0≤r}  Using the assignment axiom and the precondition for statement 7 x=(q+1)y+r ∩ 0 ≤r{q:=q+1}I  Using the assignment axiom for statement 6, we get pre-condition for statement 6 as x=(q+1)y+(r - y) ∩ 0 ≤(r-y) which is the same as x=qy+r ∩y ≤r  Using the rule of composition (for statements 6 and 7) x=qy+r ∩ y ≤r{r:=r-y;q:q+1}I  Because x=qy+r ∩ y ≤r  I ∩ B, by rule of consequence and the rule for the while loop, we have I{while loop in program}I ∩ ~(r≥y)
Coding 78 Example…  For the statements before the loop (i.e., statement 2 and 3) Post condition for these statements is I  Using the axiom of assignment, we first replace r with x and then replace q with 0 to get (x=x ∩0 ≤x) (0 ≤x)  Composing these statements with the while statement, we get 0 ≤x{the entire program} I ∩~B  Because (I ∩~B) is the post condition Q of the program and 0 ≤x is the pre-condition, the program is proved to be correct

More Related Content

What's hot (20)

PPTX
Types Of Coding Languages: A Complete Guide To Master Programming
calltutors
 
PPTX
Programming process and flowchart
hermiraguilar
 
PPTX
Basic programming concepts
salmankhan570
 
PPT
Input devices_(Mouse and Keyboard)
Hossain Md Shakhawat
 
PPT
Ppt on different types of computer viruses
jnnj
 
PPTX
instruction cycle ppt
sheetal singh
 
PDF
Language processors
eShikshak
 
PPTX
Algorithm and flowchart
Rabin BK
 
PPTX
Compiler vs interpreter
Paras Patel
 
PDF
pdf c programming language.pdf
VineethReddy560178
 
PPTX
Interpreter
ShahDhruv21
 
PPTX
Assembly and Machine Code
Project Student
 
PPTX
Qbasic Tutorial
Joy Hilary Yambao
 
PPT
Pipelining
Amin Omi
 
PPTX
Operating Systems
Harshith Meela
 
PPTX
The Phases of a Compiler
Radhika Talaviya
 
PPTX
Exception Handling in VB.Net
rishisingh190
 
PPT
Keyboard
Sulekha Vij
 
PPT
Jumps in Assembly Language.
NA000000
 
PPTX
Threads .ppt
meet darji
 
Types Of Coding Languages: A Complete Guide To Master Programming
calltutors
 
Programming process and flowchart
hermiraguilar
 
Basic programming concepts
salmankhan570
 
Input devices_(Mouse and Keyboard)
Hossain Md Shakhawat
 
Ppt on different types of computer viruses
jnnj
 
instruction cycle ppt
sheetal singh
 
Language processors
eShikshak
 
Algorithm and flowchart
Rabin BK
 
Compiler vs interpreter
Paras Patel
 
pdf c programming language.pdf
VineethReddy560178
 
Interpreter
ShahDhruv21
 
Assembly and Machine Code
Project Student
 
Qbasic Tutorial
Joy Hilary Yambao
 
Pipelining
Amin Omi
 
Operating Systems
Harshith Meela
 
The Phases of a Compiler
Radhika Talaviya
 
Exception Handling in VB.Net
rishisingh190
 
Keyboard
Sulekha Vij
 
Jumps in Assembly Language.
NA000000
 
Threads .ppt
meet darji
 

Similar to 9-Coding.ppt (20)

PPT
7-CodingAndUT.ppt
DuraisamySubramaniam1
 
PPT
Coding
Anand Mutyala
 
PPT
Coding
Vishal Singh
 
PPTX
Coding standard and coding guideline
Dhananjaysinh Jhala
 
PPT
Jeremiah Yancy - Objectives for Software design and testing
Jeremiah Yancy
 
PPT
11. Lecture 19 Code standards and review.ppt
MaddalaSeshu
 
PPT
Programming Fundamentals - Lecture 1.ppt
FarhanGhafoor7
 
PDF
Source Code Quality
Alberto Simões
 
PPTX
Programming style guildelines
Rich Nguyen
 
PPT
Software coding &amp; testing, software engineering
Rupesh Vaishnav
 
PDF
Software Craftmanship - Cours Polytech
yannick grenzinger
 
PPTX
Software engineering topics,coding phase in sdlc
dhandesumit71
 
PPTX
Principles of programming
Rob Paok
 
PPT
MPP-UPNVJ
M. Misdianto, MSc.
 
PPT
Software development slides
iarthur
 
PPTX
introduction to computing & programming
Kalai Selvi
 
PPTX
Clean code
Simon Sönnby
 
PPTX
COM1407: Structured Program Development
Hemantha Kulathilake
 
PPTX
Unit iv
Sangeetha Rangarajan
 
PPTX
7a Good Programming Practice.pptx
DylanTilbury1
 
7-CodingAndUT.ppt
DuraisamySubramaniam1
 
Coding
Anand Mutyala
 
Coding
Vishal Singh
 
Coding standard and coding guideline
Dhananjaysinh Jhala
 
Jeremiah Yancy - Objectives for Software design and testing
Jeremiah Yancy
 
11. Lecture 19 Code standards and review.ppt
MaddalaSeshu
 
Programming Fundamentals - Lecture 1.ppt
FarhanGhafoor7
 
Source Code Quality
Alberto Simões
 
Programming style guildelines
Rich Nguyen
 
Software coding &amp; testing, software engineering
Rupesh Vaishnav
 
Software Craftmanship - Cours Polytech
yannick grenzinger
 
Software engineering topics,coding phase in sdlc
dhandesumit71
 
Principles of programming
Rob Paok
 
MPP-UPNVJ
M. Misdianto, MSc.
 
Software development slides
iarthur
 
introduction to computing & programming
Kalai Selvi
 
Clean code
Simon Sönnby
 
COM1407: Structured Program Development
Hemantha Kulathilake
 
Unit iv
Sangeetha Rangarajan
 
7a Good Programming Practice.pptx
DylanTilbury1
 
Ad

More from KomalSinghGill (11)

PDF
Software requirement specifications document.pdf
KomalSinghGill
 
PDF
junit-160729073220 eclipse software testing.pdf
KomalSinghGill
 
PDF
testplan software testing planing tests.pdf
KomalSinghGill
 
PPTX
Introduction_to_Maven eclipse sw testing.pptx
KomalSinghGill
 
PPT
2. Lect 27 to 28 White box s/w testing.ppt
KomalSinghGill
 
PPTX
Introduction_to_Maven software testing.pptx
KomalSinghGill
 
PPTX
Software Testing life cycle presentation.pptx
KomalSinghGill
 
PPTX
basic software testing principles and obectives.pptx
KomalSinghGill
 
PPT
Ackerman-p99.ppt
KomalSinghGill
 
PPT
6&8-Design.ppt
KomalSinghGill
 
PDF
Process Modelling and DFD.pdf
KomalSinghGill
 
Software requirement specifications document.pdf
KomalSinghGill
 
junit-160729073220 eclipse software testing.pdf
KomalSinghGill
 
testplan software testing planing tests.pdf
KomalSinghGill
 
Introduction_to_Maven eclipse sw testing.pptx
KomalSinghGill
 
2. Lect 27 to 28 White box s/w testing.ppt
KomalSinghGill
 
Introduction_to_Maven software testing.pptx
KomalSinghGill
 
Software Testing life cycle presentation.pptx
KomalSinghGill
 
basic software testing principles and obectives.pptx
KomalSinghGill
 
Ackerman-p99.ppt
KomalSinghGill
 
6&8-Design.ppt
KomalSinghGill
 
Process Modelling and DFD.pdf
KomalSinghGill
 
Ad

Recently uploaded (20)

PDF
'' IMPORTANCE OF EXCLUSIVE BREAST FEEDING ''
SHAHEEN SHAIKH
 
PDF
LAW OF CONTRACT (5 YEAR LLB & UNITARY LLB )- MODULE - 1.& 2 - LEARN THROUGH P...
APARNA T SHAIL KUMAR
 
PDF
CEREBRAL PALSY: NURSING MANAGEMENT .pdf
PRADEEP ABOTHU
 
PPTX
How to Set Maximum Difference Odoo 18 POS
Celine George
 
PPTX
ASRB NET 2023 PREVIOUS YEAR QUESTION PAPER GENETICS AND PLANT BREEDING BY SAT...
Krashi Coaching
 
PDF
DIGESTION OF CARBOHYDRATES,PROTEINS,LIPIDS
raviralanaresh2
 
PDF
Zoology (Animal Physiology) practical Manual
raviralanaresh2
 
PDF
People & Earth's Ecosystem -Lesson 2: People & Population
marvinnbustamante1
 
PPTX
How to Configure Lost Reasons in Odoo 18 CRM
Celine George
 
PPTX
2025 Winter SWAYAM NPTEL & A Student.pptx
Utsav Yagnik
 
PPT
Talk on Critical Theory, Part II, Philosophy of Social Sciences
Soraj Hongladarom
 
PDF
BÀI TẬP BỔ TRỢ THEO LESSON TIẾNG ANH - I-LEARN SMART WORLD 7 - CẢ NĂM - CÓ ĐÁ...
Nguyen Thanh Tu Collection
 
PPTX
Gall bladder, Small intestine and Large intestine.pptx
rekhapositivity
 
PDF
ARAL_Orientation_Day-2-Sessions_ARAL-Readung ARAL-Mathematics ARAL-Sciencev2.pdf
JoelVilloso1
 
PDF
CONCURSO DE POESIA “POETUFAS – PASSOS SUAVES PELO VERSO.pdf
Colégio Santa Teresinha
 
PPTX
STAFF DEVELOPMENT AND WELFARE: MANAGEMENT
PRADEEP ABOTHU
 
PPTX
How to Manage Promotions in Odoo 18 Sales
Celine George
 
PPTX
How to Configure Prepayments in Odoo 18 Sales
Celine George
 
PDF
ARAL-Orientation_Morning-Session_Day-11.pdf
JoelVilloso1
 
PPTX
Soil and agriculture microbiology .pptx
Keerthana Ramesh
 
'' IMPORTANCE OF EXCLUSIVE BREAST FEEDING ''
SHAHEEN SHAIKH
 
LAW OF CONTRACT (5 YEAR LLB & UNITARY LLB )- MODULE - 1.& 2 - LEARN THROUGH P...
APARNA T SHAIL KUMAR
 
CEREBRAL PALSY: NURSING MANAGEMENT .pdf
PRADEEP ABOTHU
 
How to Set Maximum Difference Odoo 18 POS
Celine George
 
ASRB NET 2023 PREVIOUS YEAR QUESTION PAPER GENETICS AND PLANT BREEDING BY SAT...
Krashi Coaching
 
DIGESTION OF CARBOHYDRATES,PROTEINS,LIPIDS
raviralanaresh2
 
Zoology (Animal Physiology) practical Manual
raviralanaresh2
 
People & Earth's Ecosystem -Lesson 2: People & Population
marvinnbustamante1
 
How to Configure Lost Reasons in Odoo 18 CRM
Celine George
 
2025 Winter SWAYAM NPTEL & A Student.pptx
Utsav Yagnik
 
Talk on Critical Theory, Part II, Philosophy of Social Sciences
Soraj Hongladarom
 
BÀI TẬP BỔ TRỢ THEO LESSON TIẾNG ANH - I-LEARN SMART WORLD 7 - CẢ NĂM - CÓ ĐÁ...
Nguyen Thanh Tu Collection
 
Gall bladder, Small intestine and Large intestine.pptx
rekhapositivity
 
ARAL_Orientation_Day-2-Sessions_ARAL-Readung ARAL-Mathematics ARAL-Sciencev2.pdf
JoelVilloso1
 
CONCURSO DE POESIA “POETUFAS – PASSOS SUAVES PELO VERSO.pdf
Colégio Santa Teresinha
 
STAFF DEVELOPMENT AND WELFARE: MANAGEMENT
PRADEEP ABOTHU
 
How to Manage Promotions in Odoo 18 Sales
Celine George
 
How to Configure Prepayments in Odoo 18 Sales
Celine George
 
ARAL-Orientation_Morning-Session_Day-11.pdf
JoelVilloso1
 
Soil and agriculture microbiology .pptx
Keerthana Ramesh
 

9-Coding.ppt

  • 2. Coding 2 Coding  Goal is to implement the design in best possible manner  Coding affects testing and maintenance  As testing and maintenance costs are high, aim of coding activity should be to write code that reduces them  Hence, goal should not be to reduce coding cost, but testing and maint cost, i.e. make the job of tester and maintainer easier
  • 3. Coding 3 Coding…  Code is read a lot more  Coders themselves read the code many times for debugging, extending etc  Maintainers spend a lot of effort reading and understanding code  Other developers read code when they add to existing code  Hence, code should be written so it is easy to understand and read, not easy to write!
  • 4. Coding 4 Coding…  Having clear goal for coding will help achieve them  Weinberg experiment showed that coders achieve the goal they set  Diff coders were given the same problem  But different objectives were given to diff programmers – minimize effort, min size, min memory, maximize clarity, max output clarity  Final programs for diff programmers generally satisfied the criteria given to them
  • 5. Coding 5 Weinberg experiment.. Resulting Rank (1=best) O1 o2 o3 o4 o5 Minimize Effort (o1) Minimize prog size (o2) Minimize memory (o3) Maximize code clarity (o4) Maximize output clarity (o5) 1 4 4 5 3 2-3 1 2 3 5 5 2 1 4 4 4 3 3 2 2 2-3 5 5 1 1
  • 6. Coding 6 Programming Principles  The main goal of the programmer is write simple and easy to read programs with few bugs in it  Of course, the programmer has to develop it quickly to keep productivity high  There are various programming principles that can help write code that is easier to understand (and test…)
  • 7. Coding 7 Structured Programming  Structured programming started in the 70s, primarily against indiscriminate use of control constructs like gotos  Goal was to simplify program structure so it is easier to argue about programs  Is now well established and followed
  • 8. Coding 8 Structured Programming…  A program has a static structure which is the ordering of stmts in the code – and this is a linear ordering  A program also has dynamic structure –order in which stmts are executed  Both dynamic and static structures are ordering of statements  Correctness of a program must talk about the dynamic structure
  • 9. Coding 9 Structured Programming…  To show a program as correct, we must show that its dynamic behavior is as expected  But we must argue about this from the code of the program, i.e. the static structure  I.e program behavior arguments are made on the static code  This will become easier if the dynamic and static structures are similar  Closer correspondence will make it easier to understand dynamic behavior from static structure  This is the idea behind structured programming
  • 10. Coding 10 Structured Programming…  Goal of structured programming is to write programs whose dynamic structure is same as static  I.e. stmts are executed in the same order in which they are present in code  As stmts organized linearly, the objective is to develop programs whose control flow is linear
  • 11. Coding 11 Structured Programming…  Meaningful programs cannot be written as seq of simple stmts  To achieve the objectives, structured constructs are to be used  These are single-entry-single-exit constructs  With these, execution of the stmts can be in the order they appear in code  The dynamic and static order becomes same
  • 12. Coding 12 Structured Programming…  Each structured construct should also have a clear behavior  Then we can compose behavior of stmts to understand behavior of programs  Hence, arbitrary single-entry-single-exit constructs will not help  It can be shown that a few constructs like while, if, and sequencing suffice for writing any type of program
  • 13. Coding 13 Structured Programming…  SP was promulgated to help formal verification of programs  Without linear flow, composition is hard and verification difficult  But, SP also helps simplify the control flow of programs, making them easier to understand and argue about  SP is an accepted and standard practice today – modern languages support it well
  • 14. Coding 14 Information Hiding  Software solutions always contain data structures that hold information  Programs work on these DS to perform the functions they want  In general only some operations are performed on the information, i.e. the data is manipulated in a few ways only  E.g. on a bank’s ledger, only debit, credit, check cur balance etc are done
  • 15. Coding 15 Information Hiding…  Information hiding – the information should be hidden; only operations on it should be exposed  I.e. data structures are hidden behind the access functions, which can be used by programs  Info hiding reduces coupling  This practice is a key foundation of OO and components, and is also widely used today
  • 16. Coding 16 Some Programming Practices  Control constructs: Use only a few structured constructs (rather than using a large no of constructs)  Goto: Use them sparingly, and only when the alternatives are worse  Info hiding: Use info hiding  Use-defined types: use these to make the programs easier to read
  • 17. Coding 17 Some Programming Practices..  Nesting: Avoid heavy nesting of if-then- else; if disjoint nesting can be avoided  Module size: Should not be too large – generally means low cohesion  Module interface: make it simple  Robustness: Handle exceptional situations  Side effects: Avoid them, document
  • 18. Coding 18 Some Programming Practices..  Empty catch block: always have some default action rather than empty  Empty if, while: bad practice  Read return: should be checked for robustness  Return from finally: should not return from finally  Correlated parameters: Should check for compatibility
  • 19. Coding 19 Coding Standards  Programmers spend more time reading code than writing code  They read their own code as well as other programmers code  Readability is enhanced if some coding conventions are followed by all  Coding standards provide these guidelines for programmers  Generally are regarding naming, file organization, statements/declarations, …  Some Java conventions discussed here
  • 20. Coding 20 Coding Standards…  Naming conventions  Package name should be in lower case (mypackage, edu.iitk.maths)  Type names should be nouns and start with uppercase (Day, DateOfBirth,…)  Var names should be nouns in lowercase; vars with large scope should have long names; loop iterators should be i, j, k…  Const names should be all caps  Method names should be verbs starting with lower case (eg getValue())  Prefix is should be used for boolean methods
  • 21. Coding 21 Coding Standards…  Files  Source files should have .java extension  Each file should contain one outer class and the name should be same as file  Line length should be less than 80; if longer continue on another line…
  • 22. Coding 22 Coding Standards…  Statements  Vars should be initialized where declared in the smallest possible scope  Declare related vars together; unrelated vars should be declared separately  Class vars should never be declared public  Loop vars should be initialized just before the loop  Avoid using break and continue in loops  Avoid executable stmts in conditionals  Avoid using the do… while construct
  • 23. Coding 23 Coding Standards…  Commenting and layout  Single line comments for a block should be aligned with the code block  There should be comments for all major vars explaining what they represent  A comment block should start with a line with just /* and end with a line with */  Trailing comments after stmts should be short and on the same line
  • 24. Coding 24 Coding Process  Coding starts when specs for modules from design is available  Usually modules are assigned to programmers for coding  In top-down development, top level modules are developed first; in bottom-up lower levels modules  For coding, developers use different processes; we discuss some here
  • 25. Coding 25 An Incremental Coding Process  Basic process: Write code for the module, unit test it, fix the bugs  It is better to do this incrementally – write code for part of functionality, then test it and fix it, then proceed  I.e. code is built code for a module incrementally
  • 27. Coding 27 Test Driven Development  This coding process changes the order of activities in coding  In TDD, programmer first writes the test scripts and then writes the code to pass the test cases in the script  This is done incrementally  Is a relatively new approach, and is a part of the extreme programming (XP)
  • 28. Coding 28 TDD…  In TDD, you write just enough code to pass the test  I.e. code is always in sync with the tests and gets tested by the test cases  Not true in code first approach, as test cases may only test part of functionality  Responsibility to ensure that all functionality is there is on test case design, not coding  Help ensure that all code is testable
  • 29. Coding 29 TDD…  Focus shifts to how code will be used as test cases are written first  Helps validate user interfaces specified in the design  Focuses on usage of code  Functionality prioritization happens naturally  Has possibility that special cases for which test cases are not possible get left out  Code improvement through refactoring will be needed to avoid getting a messy code
  • 31. Coding 31 Pair Programming  Also a coding process that has been proposed as key practice in XP  Code is written by pair of programmers rather than individuals  The pair together design algorithms, data structures, strategies, etc.  One person types the code, the other actively reviews what is being typed  Errors are pointed out and together solutions are formulated  Roles are reversed periodically
  • 32. Coding 32 Pair Programming…  PP has continuous code review, and reviews are known to be effective  Better designs of algos/DS/logic/…  Special conditions are likely to be dealt with better and not forgotten  It may, however, result in loss of productivity  Ownership and accountability issues are also there  Effectiveness is not yet fully known
  • 33. Coding 33 Source Code Control and Built  Source code control is an essential step programmers have to do  Generally tools like CVS, VSS are used  A tool consists of repository, which is a controlled directory structure  The repository is the official source for all the code files  System build is done from the files in the repository only  Tool typically provides many commands to programmers
  • 34. Coding 34 Source code control…  Checkout a file: by this a programmer gets a local copy that can be modified  Check in a file: changed files are uploaded in the repository and change is then available to all  Tools maintain complete change history and all older versions can be recovered  Source code control is an essential tool for developing large projects and for coordination
  • 35. Coding 35 Verification  Code has to be verified before it can be used by others  Here we discuss only verification of code written by a programmer (system verification is discussed in testing)  There are many different techniques; key ones – unit testing, inspection, and program checking  Program checking can also be used at the system level
  • 36. Coding 36 Code Inspections  The inspection process can be applied to code with great effectiveness  Inspections held when code has compiled and a few tests passed  Usually static tools are also applied before inspections  Inspection team focuses on finding defects and bugs in code  Checklists are generally used to focus the attention on defects
  • 37. Coding 37 Code Inspections…  Some items in a checklist  Do all pointers point to something  Are all vars and pointers initialized  Are all array indexes within bounds  Will all loops always terminate  Any security flaws  Is input data being checked  Obvious inefficiencies
  • 38. Coding 38 Code inspections…  Are very effective and are widely used in industry (many require all critical code segments to be inspected)  Is also expensive; for non critical code one person inspection may be used  Code reading is self inspection  A structured approach where code is read inside- out  Is also very effective
  • 39. Coding 39 Unit Testing  Is testing, except the focus is the module a programmer has written  Most often UT is done by the programmer himself  UT will require test cases for the module – will discuss in testing  UT also requires drivers to be written to actually execute the module with test cases  Besides the driver and test cases, tester needs to know the correct outcome as well
  • 40. Coding 40 Unit Testing…  If incremental coding is being done, then complete UT needs to be automated  Otherwise, repeatedly doing UT will not be possible  There are tools available to help  They provide the drivers  Test cases are programmed, with outcomes being checked in them  I.e. UT is a script that returns pass/fail
  • 41. Coding 41 Unit Testing…  There are frameworks like Junit that can be used for testing Java classes  Each test case is a method which ends with some assertions  If assertions hold, the test case pass, otherwise it fails  Complete execution and evaluation of the test cases is automated  For enhancing the test script, additional test cases can be added easily
  • 42. Coding 42 Static Analysis  These are tools to analyze program sources and check for problems  Static analyzer cannot find all bugs and often cannot be sure of the bugs it finds as it is not executing the code  So there is noise in their output  Many different tools available that use different techniques  They are effective in finding bugs like memory leak, dead code, dangling pointers,..
  • 43. Coding 43 Formal Verification  These approaches aim to prove the correctness of the program  I.e. the program implements its specifications  Require formal specifications for the program, as well as rules to interpret the program  Was an active area of research; scalability issues became the bottleneck  Used mostly in very critical situations, as an additional approach
  • 44. Coding 44 Metrics for Size  LOC or KLOC  non-commented, non blank lines is a standard definition  Generally only new or modified lines are counted  Used heavily, though has shortcomings
  • 45. Coding 45 Metrics for Size…  Halstead’s Volume  n1: no of distinct operators  n2: no of distinct operands  N1: total occurrences of operators  N2: Total occurrences of operands  Vocabulary, n = n1 + n2  Length, N = N1 + N2  Volume, V = N log2(n)
  • 46. Coding 46 Metrics for Complexity  Cyclomatic Complexity is perhaps the most widely used measure  Represents the program by its control flow graph with e edges, n nodes, and p parts  Cyclomatic complexity is defined as V(G) = e- n+p  This is same as the number of linearly independent cycles in the graph  And is same as the number of decisions (conditionals) in the program plus one
  • 47. Coding 47 Cyclomatic complexity example… 1. { 2. i=1; 3. while (i<=n) { 4. J=1; 5. while(j <= i) { 6. If (A[i]<A[j]) 7. Swap(A[i], A[j]); 8. J=j+1;} 9. i = i+1;} 10. }
  • 49. Coding 49 Example…  V(G) = 10-7+1 = 4  Independent circuits 1. b c e b 2. b c d e b 3. a b f a 4. a g a  No of decisions is 3 (while, while, if); complexity is 3+1 = 4
  • 50. Coding 50 Complexity metrics…  Halsteads  N2/n2 is avg times an operand is used  If vars are changed frequently, this is larger  Ease of reading or writing is defined as D = (n1*N2)/(2*n2)  There are others, e.g. live variables, knot count..
  • 51. Coding 51 Complexity metrics…  The basic use of these is to reduce the complexity of modules  One suggestion is that cyclomatic complexity should be less than 10  Another use is to identify high complexity modules and then see if their logic can be simplified
  • 52. Coding 52 Summary  Goal of coding is to convert a design into easy to read code with few bugs  Good programming practices like structured programming, information hiding, etc can help  There are many methods to verify the code of a module – unit testing and inspections are most commonly used  Size and complexity measures are defined and often used; common ones are LOC and cyclomatic complexity
  • 53. Coding 53 Some Other Topics Related to Coding
  • 55. Coding 55 Common Coding Errors  Goal of programmer is to write quality code with few bugs in it  Much of effort in developing software goes in identifying and removing bugs  Common bugs which occur during coding directly or indirectly manifest themselves to a larger damage to the running program  List of common coding errors can help a programmer avoid them
  • 56. Coding 56 Memory Leaks  A memory leak is a situation, where the memory is allocated to the program which is not freed subsequently  Occurs frequently in the languages which do not have automatic garbage collection  Can cause increasing usage of memory which at some point of time can lead to exceptional halt of the program  E.g char* foo(int s) { Char *output; If(s>0) Output=(char*) malloc (size) If(s==1) Return NULL /* if s==1 then mem leaked */ Return (output); }
  • 57. Coding 57 Freeing an Already Freed Resource  Programmer tries to free the already freed resource  May be serious, if some malloc between the two free stmts as the freed location may get allocated to a new variable, and subsequent free will deallocate the new variable. E.g main() { char *str; Str=(char *)malloc(10); If(global==0) free(str); Free(str); /* str is already freed */ }
  • 58. Coding 58 NULL Dereferencing  Occurs when we access a location that points to NULL  Improper initialization and missing the initialization in different paths leads to the NULL reference error  Can also be caused by aliases- for e.g two variables refer to same object , and one is freed and an attempt is made to dereference the second  E.g char *ch=NULL; if (x>0) { ch=‘c’; } printf(“%c”. *ch); /* ch may be NULL */ *ch=malloc(size) ch=‘c’; /* ch will be NULL if malloc returns NULL */
  • 59. Coding 59 NULL Dereferencing (accessing uninitialized memory)  NULL dereference is the error of accessing initialized memory  Often occurs if data is initialized in most cases, but most cases do not get covered E.g switch(i) { case 0: s=OBJECT_1; break; case 1: s=OBJECT_2; break; } return (s); /* s not initialized for values other than 0 or 1 */
  • 60. Coding 60 Lack of Unique Addresses  Aliasing creates many problems among them is violation of unique addresses when we expect different addresses.  For e.g in the string concatenation function, we expect source and destination addresses to be different.  strcat (src , destn ); /* In above function , if src is aliased to destn , then we may get a runtime error */
  • 61. Coding 61 Synchronization Errors  Possible when there are multiple threads which are accessing some common resources, in a parallel program  three categories of synchronization errors: deadlocks, race condition, live lock  Deadlock example: Thread 1: synchronized (A){ synchronized (B){ } } Thread 2: synchronized (B){ synchronized (C){ } } Thread 3: synchronized (C){ synchronized (A){ } }
  • 62. Coding 62 Synchronization Errors…  Race condition occurs when two threads access same resource and result depends on the order of the execution E.g class reservation { int seats_remaining ; public int reserve (int x) { if (x <= seats_remaining ) { seats_remaining -=x; return 1; } return 0; } }  Inconsistent synchronization represents the situation where there is a mix of locked and unlocked accesses to some shared variables, pariticularly if the access involves updates
  • 63. Coding 63 Buffer overflow  It is a security vulnerability, can be exploited by executing arbitrary code by a malicious user E.g char s1 [1024]; void mygets ( char *str ){ int ch; while (ch= getchar () != ‘n’ && ch != ‘0 ’) *( str ++)= ch; *str = ‘0 ’; } main (){ char s2 [4]; mygets (s2 ); }  If we have malicious code in s1 and if return address of mygets() is replaced by this address by overflowing the buffer s2, then we can have the code in s1 executed
  • 64. Coding 64 Other common type of errors  Array index out of bounds, care needs to be taken to see that the array index values are not negative and do not exceed their bounds  Enumerated data types can lead to overflow and underflow errors, care should be taken while assuming the values of such types typedef enum {A, B,C, D} grade ; void foo( grade x){ int l,m; l= GLOBAL_ARRAY [x -1]; /* Underflow when A */ m= GLOBAL_ARRAY [x +1]; /* Overflow when D and size of array is 4 */ }
  • 65. Coding 65 Other common type of errors..  Arithmetic exceptions, include errors like divide by zero and floating point exceptions  Off by one errors like starting variable at 1 instead of starting at 0 or vice versa, writing <= N instead of < N or vice versa etc.  String handling errors like failure of string handling functions e.g strcpy, sprintf, gets etc.  Illegal use of & instead of &&, arises if non short circuit logic (like & or |) is used instead of short circuit logic (&& or ||) E.g if(object!null &object.getTitle()!=null) /* Here second operation can cause a null dereference */
  • 67. Coding 67 Background  Ultimate goal of verification techniques is to make programs correct by removing errors  Proving a program as correct while developing it may result in more reliable program that can be proved more easily  Any proof technique must begin with a formal specification of the program  Stating the goal of the program is not sufficient  Input conditions in which the program is to be invoked (pre conditions) and expected valid results (post conditions) should also be mentioned.
  • 68. Coding 68 Axiomatic Approach  Axiomatic method (Floyd-Hoare proof method) is one method for proving correctness  Goal is to take the program and construct a sequence of assertions, and the rules and axioms about statements and operations in the program  Basic assertion about a program in Hoare’s notation P{S}Q P – precondition, Q – post condition, S- program segment  These assertions are about the values taken by the variables in the program before and after its execution
  • 69. Coding 69 Axiomatic approach…  Some rules and axioms are necessary in order to prove the theorem of the form P{S}Q  Let us consider a simple programming language which deals with integers and has types of statements 1) assignment 2) conditional 3)iterative statement
  • 70. Coding 70 Axiom of Assignment  Consider an assignment statement of the form x:=f where x is an identifier, f is an expression without any side affects  Any assertion that is true about x after the assignment must be true of the expression f before the assignment  The axiom is stated as P is the post condition of the program segment containing only the assignment statement is an assertion obtained by substituting f for all occurrences of x in the assertion P. P f x Px f } : {  x f P
  • 71. Coding 71 Rule of composition  Rule for sequential composition where two statements S1 and S2 are executed in sequence P {S1 }Q,Q {S2 }R P{S1;S2}R  Using this rule if we can prove P{S1}Q and Q{S2}R, we can claim that if before execution the pre- condition P holds, then after execution of the program segment S1;S2 the post condition R will hold  In other words, from the proofs of simple statements, proofs of programs (sequence of statements) will be constructed
  • 72. Coding 72 Rule for Alternate Statement  Rule for an If statement, entire If statement is treated as one construct  Two types of If statement, one with an else and one without. The rules for both are P ∩ B{S}Q, P ∩ ~ B  Q ______________________ P { if B then S} Q P ∩ B{S}Q, P ∩ B{S2} Q ______________________ P { if B then S1 else S2} Q
  • 73. Coding 73 Rule for Alternate Statement  If we can show that starting in the state where P∩B is true and executing S1or starting in a state where P∩~B is true and executing the statement S2,both lead to the post condition Q  Hence, the statement: if-then-else statement is executed with pre-condition P, the post condition Q will be hold after the execution of the statement, can be inferred.  Similarly the if-then statement
  • 74. Coding 74 Rules of Consequence  Used to prove new theorems from the ones we have already proved P {S} R, RQ _____________ P {S} Q P R, R{S}Q _____________ P {S} Q  If the execution of a program ensures that an assertion Q is true after execution of a program, then it also ensures that every assertion logically implied by Q is also true after execution  If a pre-condition ensures that a post condition is true after the execution of a program, then every condition that logically implies the pre-condition will also ensure that the post-condition holds after execution of the program.
  • 75. Coding 75 Rule of Iteration  Let us consider while loop of the form while B do S  Let P be an assertion that will be true when the loop terminates  P will hold true after every execution of statement S, and will be true before every execution of S, because the condition that holds true after an execution of S will be the condition for the next execution of S P ∩ B{S}P ______________________ P {while B do S}P∩ ~B  Furthermore, we know that the condition B is false when the loop terminates and is true whenever S is executed
  • 76. Coding 76 An Example (* Remainder of x/y ) Begin q:=0; r:=x; While r≥y do Begin r:=r - y; q:=q+1; end end Pre-condition: P={x ≥ 0 ∩ y>0} Post-condition: Q={x=qy+r ∩ 0≤r<y}
  • 77. Coding 77 Example…  First statement before the end of the program is the loop  Removing ~B from Q, factor Q into a form like I ∩~B, Choose I as an Invariant  ~B={r<y}, Q={x=qy+r ∩ 0≤r<y}, Invariant I is {x=qy+r ∩ 0≤r}  Using the assignment axiom and the precondition for statement 7 x=(q+1)y+r ∩ 0 ≤r{q:=q+1}I  Using the assignment axiom for statement 6, we get pre-condition for statement 6 as x=(q+1)y+(r - y) ∩ 0 ≤(r-y) which is the same as x=qy+r ∩y ≤r  Using the rule of composition (for statements 6 and 7) x=qy+r ∩ y ≤r{r:=r-y;q:q+1}I  Because x=qy+r ∩ y ≤r  I ∩ B, by rule of consequence and the rule for the while loop, we have I{while loop in program}I ∩ ~(r≥y)
  • 78. Coding 78 Example…  For the statements before the loop (i.e., statement 2 and 3) Post condition for these statements is I  Using the axiom of assignment, we first replace r with x and then replace q with 0 to get (x=x ∩0 ≤x) (0 ≤x)  Composing these statements with the while statement, we get 0 ≤x{the entire program} I ∩~B  Because (I ∩~B) is the post condition Q of the program and 0 ≤x is the pre-condition, the program is proved to be correct