[StrykerKKD]

I have to nitpick.

2) You can't prove correctness with tests. You can only state that it ran correctly for that test case(s).

[ArkyBeagle]

"Proving correctness" is sort of windmill-tilting for today. Just don't despair of this :)

Good test vectors are a great investment, as are constraint checks and supporting instrumentation of said constraint checks.

[StrykerKKD]

I don't despair, because I know that to prove correctness of a program you need to use math.

For example proof assistants(like Coq, Agda, Idris, hol) are capable of proving correctness of a program.

[einrealist]

Well, usually my code does not run in space. ;)

But you are right, tests are biased. Pair programming can reduce the chance of code/tests being biased in a negative way.

[StrykerKKD]

No, I literally mean that you can't prove correctness with tests, because you would need a lot of test cases to prove the simplest function.

For example: int addOne(int input) function would need test cases for every number in the int type, which would be 2,147,483,647 * 2 + 1 test case.

[misttar]

The point of writing tests is to provide information, not prove correctness.

IE, a test is another way to explain what the developer of that test cared about, worried about, needed to verify of the code that is exercised.

Also, tests provide anothing built in consumer of the code, and all code with more consumers is better code, purely by surviving the stress.

[einrealist]

It depends on the terms we set for our tests. Usually we infer things to be correct that are out of scope. For instance, my tests usually don't cover to test the runtime or hardware before executing tests. And what if laws of physics change? No seriously, I know what you mean. But I mean correctness in the bounds we set. Those bounds are different if you write software for aviation or biometric devices or an Instagram clone.

[khedoros]

It's perfectly possible to write a function with a small enough set of arguments to make it practical to exhaustively test.

[StrykerKKD]

Well it's possible, but how many developer would rather make a new type for using the first ten integer instead of just using int?

I think random testing is a good way to get almost exhaustively tests.

[khedoros]

A developer that uses a narrower integer data type, or who wants to be clear that the argument is a member of an enumerated set of options, not an integer. What kind of developer represents non-integer data as an integer data type?

> I think random testing is a good way to get almost exhaustively tests.

I think that testing known/predictable edge and corner cases makes more sense (in some cases), but I also think that I was responding to a comment about the impossibility of using tests to prove correctness of a function, not about how to derive practical benefits despite theoretical limitations.

[StrykerKKD]

You are right, I didn't think the example through.

You are right, you can use tests to prove a function if - the function has very limited arguments and - the function is pure or does very limited amount of state change(side effect)

Generally speaking tests are not the right tool for proving program correctness.

[8note]

integers are frequently used to represent fixed point numbers anytime you're doing interesting math in an embedded system

[khedoros]

And old PC hardware, where you aren't guaranteed to have an FPU, or where integer operations were a lot quicker than FP ones.