Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!uunet!hsi!stpstn!cox From: cox@stpstn.UUCP (Brad Cox) Newsgroups: comp.software-eng Subject: Re: assert() (was Re: "Program Proving") Message-ID: <4468@stpstn.UUCP> Date: 9 Apr 90 16:34:56 GMT References: <1990Mar17.063012.24979@agate.berkeley.edu> <4389@stpstn.UUCP> <4559@pegasus.ATT.COM> <47859@lanl.gov> Reply-To: cox@stpstn.UUCP (Brad Cox) Organization: Stepstone Lines: 34 In article <47859@lanl.gov> u096000@lanl.gov (Roger A. Cole) writes: >Various articles have discussed the value of assert() in producing quality >software. As a long-time programmer with a relatively recent conversion >to C, I am intrigued. I am also, in keeping with observations in various >articles, ignorant about assert(). (So are other programmers at my site.) Although this paper doesn't mention assert() by name, you might start with my paper, now being reviewed, for the Novembmer 1990 issue of IEEE Software Magazine, "Planning the Software Industrial Revolution; The Impact of OO Technologies". One section of this paper, "Technologies: Programming Languages are not sufficient", derives from Stepstone's experiences in building and supporting commercial libraries of reusable object-oriented code libraries. Since a commercial operation is continually faced with extending code that already has large numbers of clients, porting code to new platforms, and repairing defects, we were continually plagued by the problem of verifying that old client interfaces were not being changed while independently verifying that the new changes in fact complied to the new specification. The system that we presently use to do this is entirely based on programmer supplied assert() statements, of two distinct kinds: (1) structural (white box) testing, with assert()s embedded inside the product, and (2) functional (black box) testing, with assert()s contained in independent files that I call Gauges, by analogy with the gauges that played such an important part in Eli Whitney and his successors' vision of interchangeable parts. The article sketches a more ambitious system that deploys a knowledge reprersentation language as a specification/testing language. If you're interested, send me a mailing address and I'll mail a copy. I have no additional written information about how we use asserts() at this point. However I'll be teaching this approach to specification/testing as part of a Objective-C course at the UC Santa Clara Techmart Extension the last week of July.