From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,INVALID_MSGID autolearn=no autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: fac41,b87849933931bc93 X-Google-Attributes: gidfac41,public X-Google-Thread: 109fba,b87849933931bc93 X-Google-Attributes: gid109fba,public X-Google-Thread: 103376,b87849933931bc93 X-Google-Attributes: gid103376,public X-Google-Thread: 1108a1,b87849933931bc93 X-Google-Attributes: gid1108a1,public X-Google-Thread: 114809,b87849933931bc93 X-Google-Attributes: gid114809,public From: dewar@merv.cs.nyu.edu (Robert Dewar) Subject: Re: OO, C++, and something much better! Date: 1997/01/29 Message-ID: #1/1 X-Deja-AN: 213013217 references: <5buodl$bci@boursy.news.erols.com> <32E2FEC7.2F7B@concentric.net> <5bvncj$gqg$1@A-abe.resnet.ucsb.edu> <32E47B4B.56D9@concentric.net> <6PI998tV3RB@herold.franken.de> <32E68D40.65EC@parcplace.com> <32E999AE.2F68@parcplace.com> <32edc09c.3000098@nntp.interaccess.com> organization: New York University newsgroups: comp.object,comp.lang.c++,comp.lang.ada,comp.lang.smalltalk,comp.lang.eiffel Date: 1997-01-29T00:00:00+00:00 List-Id: Samuel says "Yeah, I can see it that "Many Of You" just say "It Compiles, Let's Ship It" Well you are a little confused about this, what you might be arguing against, if you argument makes sense, is a viewpoint of "It is correct, let's ship it", where correctness has been established by tools, both formal and informal. Compilers are not typically very good examples of such tools, since they themselves are beyond this kind of verification. However, have a look at the SPARC examiner for something close. Would it work to ship without testing? Hard to imagine right? Obviously flies in the face of common sense right? Well common sense is not always a good guide. In practice I can't imagine not doing some basic integration testing, e.g. running at least the ACVC suite in the case of an Ada compiler -- although that's not a good example anyway, since modern compilers are far too complex to verify in either an informal or formal sense. However, it is definitely the case that unit testing is a stage that can be skipped, and indeed what quite a bit of research shows is that software quality can be improved in an environment where developers rely less on testing, and more on getting the code right in the first place. What is worrying is that a remarkable number of programmers seem completely unaware of the concept of formal reasoning about their code, and are completely unaware of tools and techniques to support such reasoning. I once had someone (who shall be nameless) working on the Ada Ed project who said to me "there is no point in worrying about being one off in a loop, you will find the error during testing anyway". Needless to say, this person did not work long on the project! It is this kind of attutide that brings you many of the high profile software screwups in this world!