Yes, we normally do this by making the customer (or a proxy if thereAl said:Little comfort to the customer who manages to break it, but a good
reason for making the customer responsible for the specification.
Ian Collins said:That's where we differ, when you use TDD, your units test /are/ your
live runnable specification. So if they pass, the code meets its
specification.
I agree that tests can only prove correctness on the platform where theKeith said:I'm skeptical. I don't believe that tests of program behavior can
prove correctness.
In my shop, acceptance tests were always run on the target platform(s).For example, suppose the code works properly when plain char is
signed, but breaks when it's unsigned. No amount of testing can
detect such a bug *unless* (a) you test on a platform where plain char
is unsigned, or (b) you make the signedness of plain char one of the
acceptance criteria (which is possible only if you happen to think of
it).
No one can, that's why we use at least two levels of testing (developer,There are plenty of potential system dependencies that are far more
subtle than the signedness of plain char. I don't see how you can
think of all of them, let alone test for all of them.
I have too many bite marks to forget that one!Remember that undefined behavior can always result in your program
behaving exactly as it should -- until it fails at the most
embarrassing possible moment.
Keith Thompson said:I'm skeptical. I don't believe that tests of program behavior can
prove correctness.
In the same sense - it meets the specification. Unfortunately,Whereas I don't believe that correctness proofs can assert that the
program works correctly in practice.
At least when you are using your tests as a runnable specification, itAl said:In the same sense - it meets the specification. Unfortunately,
specifications are often incorrect, and almost always incomplete.
Ian said:Why use a tool at all? Just adopt some agile practices such as
collective code ownership and pair programming. Way more effective than
a tool.
Ian said:...
Sorry if techniques for developing reliable C applications are
considered off topic here.
I was simply trying to point out there are often (but not always)
process techniques that can replace tools.
I'm happy with the evidence provided by the continued success of myThe usual hit-and-run tactics of agile/extreme programming
zealots. Great claims, no evidence.
Ian said:I'm happy with the evidence provided by the continued success of my
teams and their products.
But as you said else thread, techniques for
developing reliable C applications are considered off topic here.
I don't, I care that my clients and customers are happy.If you care only about whether _you're_ happy with
your conclusions, then kindly keep your opinions
to yourself. Other people are more discriminating.
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.