Development quotes of the week

Writing non-trivial software that is correct (for any meaningful definition of correct) is beyond the current capabilities of the human species.
Wesley Aptekar-Cassels

Comments on how the code might be better structured would also be welcome; I'm afraid I open-coded a singly linked list in my haste...
Keith Packard

Posted Feb 6, 2020 14:00 UTC (Thu) by ballombe (subscriber, #9523) [Link] (11 responses)

> Writing non-trivial software that is correct (for any meaningful definition of correct) is beyond the current capabilities of the human species.

And yet I know of 3 such software:
1. Knuth TeX
2. IJG libjpeg (not -turbo and other forks alas)
3. djb qmail.

which means that almost nobody has interest in producing correct software rather than them being impossible.

Posted Feb 6, 2020 14:45 UTC (Thu) by cesarb (subscriber, #6266) [Link]

I believe seL4 would also be an example.

Posted Feb 6, 2020 14:50 UTC (Thu) by pizza (subscriber, #46) [Link] (8 responses)

I'm not so sure about that. All three of those are relatively trivial, and in spite of their relatively small scopes and gargantuan efforts, still aren't completely bug-free.

Meanwhile, I'm working on an application that relies on a dozen libraries/components/modules that are each easily an order of magnitude larger and more complex than those three. And several dozen components of comparable complexity.

So yes, I think the quote is (depressingly) correct.

Posted Feb 6, 2020 15:22 UTC (Thu) by excors (subscriber, #95769) [Link]

As a corollary to the original quote: Any software which can be written correctly within the current capabilities of the human species, will be considered trivial.

Or a third way to look at it: The only limit to the complexity of software is our capability to understand it. As our capabilities improve, we write increasingly complex software to solve increasingly complex problems, so that it's always at the threshold where we can't quite understand it but are close enough to muddle through.

Posted Feb 6, 2020 18:04 UTC (Thu) by tau (subscriber, #79651) [Link] (6 responses)

Avionics software is rigorously (though perhaps not formally) analyzed and tested for correct behavior even under complex failure conditions. It is responsible for presenting complex user interfaces and managing very intricate machinery under strict timing constraints.

In general there is very little economic demand for this level of rigor, but we do know how to practice software capital-E Engineering when the occasion calls for it.

Posted Feb 6, 2020 18:51 UTC (Thu) by chfisher (subscriber, #106449) [Link] (5 responses)

Unless of course you are flying a 737Max

Posted Feb 6, 2020 18:57 UTC (Thu) by excors (subscriber, #95769) [Link]

And don't forget to reboot your 787 at least once every 248 days (2^31 centiseconds).

Posted Feb 6, 2020 19:03 UTC (Thu) by pizza (subscriber, #46) [Link] (3 responses)

Eh, not really.

Boeing followed a very strict regulated process for developing the 737 Max's avionics software. It provably met every requirement.

The problem was that not all of the requirements were captured, and the process that was supposed to catch those errors/omissions of specification was itself insufficient, if followed at all.

Posted Feb 6, 2020 20:04 UTC (Thu) by rgmoore (✭ supporter ✭, #75) [Link] (2 responses)

One of the comments from The Mythical Man Month that really stuck with me is that much of debugging is really debugging the specification, not the code. This is probably more true in cases where the project is underspecified, but people who expect formal correctness proofs as evidence that software is perfect need to remember it, too.

Posted Feb 7, 2020 5:33 UTC (Fri) by ncm (guest, #165) [Link]

I don't think I am alone in having released multiple versions of ambitious software, over years, in which the only bugs discovered were specification bugs. No buffer overruns, no integer overflows, no used-after-freed or double-freed memory. Deliberate, bounded leaks, yes.

Specification bugs are much harder to prevent than any piddly sort of pointer problem.

Posted Feb 13, 2020 3:48 UTC (Thu) by pizza (subscriber, #46) [Link]

"Beware of bugs in the above code; I have only proved it correct, not tried it." -- Donald Knuth

Posted Feb 7, 2020 21:20 UTC (Fri) by flussence (guest, #85566) [Link]

IJG libjpeg? The one distros threw out extremely quickly once the sole maintainer started pushing proprietary incompatible extensions to the format into it with no oversight and declaring them official?


Copyright © 2020, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.