Maguire’s book is a great example of causal analysis at work. He suggests programmers ask two questions whenever they detect an error in their code: How could I have prevented this bug? and How could I have automatically detected this bug? The answers he gives to these questions are the basis of eight illuminating chapters on keeping responsibility for error detection firmly in the hands of the developers. His premise is the Microsoft corporate belief that quality assurance only finds 60 percent of errors. If developers do not get better at finding bugs before shipping the product to the testing organization, then 40 percent of the errors will be found by customers.
Maguire begins the book by showing how to use existing automation to locate errors, such as lint for C and some optional compiler warnings. He then suggests that maintaining two versions of code, code as shipped and code with debugging statements retained, makes detecting and confirming reported bugs easier and faster. He also shows how to use assertions to validate functions and eliminate unwarranted assumptions. Another preventive measure is stepping through newly compiled code with a debugger. The chapter on interface creation and validation is a gem of abstraction and modularization, but the chapter on avoiding risky code is even better. Maguire completes the book with a chapter on developing the proper attitude in a programming team and how prioritizing the values the team uses to develop code helps in error prevention.
The best feature of this book is its utility. Working programmers (especially those writing in C, which is the language of the examples), students in advanced programming courses, quality assurance specialists, and not a few managers can benefit from it. Exercises are provided for use in the classroom. I recommend this work highly for practicing software engineers and all those interested in defect-free programming.