[Grace-core] Visibility of variables and constants in Objects
Michael Homer
mwh at ecs.vuw.ac.nz
Fri Jul 5 03:29:12 PDT 2013
On Fri, Jul 5, 2013 at 9:46 PM, Kim Bruce <kim at cs.pomona.edu> wrote:
> Marco & I had a brief discussion about "private" this morning. He reminded
> me that an important use of private is to ensure that invariants can't be
> broken by subclasses. Let aList be a class representing a list via a
> reference to the head (of a linked list) and a size field. An invariant we
> would like to preserve is that the size field corresponds to the actual size
> of the list. Normally these would be declared to be private, with a public
> method that adds an element to the list after position I, for example. That
> method would insert the element into the linked list and update size.
> Similar for deletions. Because size and the head to the list are private,
> they will not be directly accessible to subclasses. As a result the
> subclasses will not be able to override or add methods that will break the
> invariant.
>
> If we have only confidential or public for fields ,then we cannot protect
> the invariant as the instance variable (and the generated methods) are
> accessible. Thus we can override the add method to increase size
> incorrectly.
The ability to override the field is a feature, just as the ability to
override methods is.
Checking invariants is the job of a separate analysis, statically or
dynamically, and of one that's actually made for the purpose.
-Michael
More information about the Grace-core
mailing list