next up previous
Next: Conclusions Up: The GNU C++ Library Previous: Performance

Specification and Testing

In part because most of them are based on ADTs, libg++ classes and utilities include some fairly effective specification and testing constructs.

Most classes themselves include an internal invariant check method OK(). Whenever invoked, this function checks a collection of run-time evaluatable constraints that must hold internally for the object to be in a consistent state (not necessarily the ``right'' state, just a legal one). For example, the OK() method in a binary search tree checks that the tree is actually ordered, and OK() in the multiple-precision integer class checks that the internal representation describes a legal integer. There are limits on these kinds of checks. For example, they cannot usually diagnose contamination or other errors surrounding dynamically allocated storage. However, they serve effectively as internal and external guides to correctness -- every public method must respect listed invariants.

The libg++ distribution also includes a number of trace tests that propel objects through states for which known properties should hold. This is where the wealth of knowledge about ADTs comes in handy. For a simple example, a stack should come back to its original state when a push; pop sequence is applied. The test suites place objects through a large number of such exercises. Of course, these measures cannot themselves guarantee total correctness. Implementation errors stemming from nonportable constructions, insufficient testing, and incompatibilities across different versions of classes do still occur.


next up previous
Next: Conclusions Up: The GNU C++ Library Previous: Performance


Doug Lea@Sun Apr 16 06:37:14 EDT 1995