Copyright (C) 1996, 1997, P.J.Maker
Permission is granted to make and distribute verbatim copies of this manual provided the copyright notice and this permission notice are preserved on all copies.
Nana is a library that provides support for assertion checking and logging in a space and time efficient manner. The aim is to put common good practise(1) into a library that can be reused rather than writing this stuff every time you begin a new project.
In addition assertion checking and logging code can be implemented using a debugger rather than as inline code with a large saving in code space.
Nana aims to solve the following problems:
bool isempty(){ /* true iff stack is empty */ DS($s = s); /* copy s into $s in the debugger */ ...; /* code to do the operation */ DI($s == s); /* verify that s hasn't been changed */ }These `$..' variables are called convenience variables and are implemented by gdb. They have a global scope and are dynamically typed and initialised automatically to 0. In addition a C only version of before and after state is provided. For example:
bool isempty() { /* true iff stack is empty */ ID(int olds); /* declare variable to hold old value */ IS(olds = s); /* copy s into $s in the debugger */ ...; /* code to do the operation */ I(olds == s); /* verify that s hasn't been changed */ }
I(A(char *p = v, *p != '\0', p++, islower(*p)));These macros can be nested and used as normal boolean values in control constructs as well as assertions. Unfortunately they depend on the GNU CC statement value extensions and so are not portable. The following macros are defined in `Q.h':
A
E
E1
C
S
P
void process_events() { for(;;){ DS($start = $cycles); switch(get_event()){ case TOO_HOT: ...; DI($start - $cycles <= 120); break; case TOO_COLD: ...; DI($start - $cycles <= 240); break; } } }
The intended audience for Nana includes:
The Nana project was inspired by some other projects, in particular:
Anna is available from:Anna is a language for formally specifying the intended behaviour of Ada programs. It extends Ada with various different kinds of specification constructs from ones as simple as assertions, to as complex as algebraic specifications. A tool set has been implemented at Stanford for Anna, including:
- standard DIANA extension packages, parsers, pretty-printers;
- a semantic checker;
- a specification analyser;
- an annotation transformer; and
- a special debugger that allows program debugging based on formal specifications
All tools have been developed in Ada and are therefore extremely portable. Anna has thus been ported to many platforms. For more information send e-mail to "[email protected]". Before down loading the huge Anna release, you may wish to copy and read some Anna LaTeX reports.
ftp://anna.stanford.edu/pub/anna
Eiffel is a pure object-oriented language featuring multiple inheritance, polymorphism, static typing and dynamic binding, genericity (constrained and unconstrained), a disciplined exception mechanism, systematic use of assertions to promote programming by contract, and deferred classes for high-level design and analysis.
Nana is essentially a poor mans implementation of some of these ideas which works for C and C++. Ideally in the best of all possible worlds you might want to look at Eiffel or in the military world Ada and Anna. If you use TCL/TK you might also be interested in Jon Cook's `AsserTCL' package.
Most C programmers become familiar with assertions from the the
assert.h
header. As such its a very good thing and has a nice
simple implementation. However it is also inefficient and leads some
people to the conclusion that assertion checking is an expensive luxury.
The implementation of assert.h
as distributed with gcc
looks like the following (after a bit of editing):
# ifndef NDEBUG # define _assert(ex) {if (!(ex)) \ {(void)fprintf(stderr, \ "Assertion failed: file \"%s\", line %d\n", \ __FILE__, __LINE__);exit(1);}} # define assert(ex) _assert(ex) # else # define _assert(ex) # define assert(ex) # endif
There are are two main problems with this:
assert.h
had library code support we could make the implementation
much more space efficient, e.g. by calling a single function on error
detection.
Of course everyone merely rewrites their own `assert' macro so these are not significant objections. The only problem is if the author uses the libraries without modification.
This document aims to both describe the library and provide a tutorial in its use. Further work is required, particularly on the tutorial sections. If anyone has any suggestions please send them to me.
Go to the first, previous, next, last section, table of contents.