From c3b5ad3ad8ec114850c1851014e3a63169248c22 Mon Sep 17 00:00:00 2001 From: "Amy J. Ko" Date: Tue, 3 Nov 2020 15:01:10 -0800 Subject: [PATCH] Fixed typo. --- chapters/specifications.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chapters/specifications.md b/chapters/specifications.md index 940e6fa..b78ab0e 100644 --- a/chapters/specifications.md +++ b/chapters/specifications.md @@ -48,7 +48,7 @@ These two new lines of code are essentially functional specifications that decla Assertions are related to the broader category of *error handling* language features. Error handling includes assertions, but also programming language features like exceptions and exception handlers. Error handling is a form of specification in that _checking_ for errors usually entails explicitly specifying the conditions that determine an error. For example, in the code above, the condition `Number.isInteger(a)` specifies that the parameter `a` must be an integer. Other exception handling code such as the Java `throws` statement indicates the cases in which errors can occur and the corresponding `catch` statement indicates what is to done about errors. It is difficult to implement good exception handling that provides granular, clear ways of recovering from errors. Evidence shows that modern developers are still exceptionally bad at designing for errors; one study found that errors are not designed for, few errors are tested for, and exception handling is often overly general, providing little ability for users to understand errors or for developers to debug them. These difficulties appear to be because it is difficult to imagine the vast range of errors that can occur. -Researchers have invented many forms of specification that require more work and more thought to write, but can be used to make stronger guarantees about correctness. For example, many languages support the expression of formal *pre-conditions* and *post-conditions* that represent contracts that must be kept for the program to be corect. (*Formal* means mathematical, facilitating mathematical proofs that these conditions are met). Because these contracts are essentially mathematical promises, we can build tools that automatically read a function's code and verify that what it computes exhibits those mathematical properties using automated theorem proving systems. For example, suppose we wrote some formal specifications for our example above to replace our assertions (using a fictional notation for illustration purposes): +Researchers have invented many forms of specification that require more work and more thought to write, but can be used to make stronger guarantees about correctness. For example, many languages support the expression of formal *pre-conditions* and *post-conditions* that represent contracts that must be kept for the program to be correct. (*Formal* means mathematical, facilitating mathematical proofs that these conditions are met). Because these contracts are essentially mathematical promises, we can build tools that automatically read a function's code and verify that what it computes exhibits those mathematical properties using automated theorem proving systems. For example, suppose we wrote some formal specifications for our example above to replace our assertions (using a fictional notation for illustration purposes): `javascript // pre-conditions: a in Integers, b in Integers