NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.
All the Perl that's Practical to Extract and Report
--Larry Wall in perl.c from the perl source code
Stories, comments, journals, and other submissions on use Perl; are Copyright 1998-2006, their respective owners.
Failure is an option (Score:2)
Case in point - today we discovered a bug in my spam scanning software that has been there for years. Hundreds of thousands of mails have triggered this bug. Yet we only just noticed it because failure wasn't a total showstopper. Creating the software with a tool like Alloy would have caught the bug (probably) but it would have also taken a hell of a lot longer to get the software written.
Re:Failure is an option (Score:2)
Depending upon what you're doing, failure may not be an option. Consider the Therac-25 [wikipedia.org], a well-known radiation therapy machine which killed at least 5 patients due to a software bug.
Or how about the doctors who were indicted for murder [baselinemag.com] because they didn't double-check the results of some software and had several patients die as a result?
On a less lethal scale, tests can be used to prevent software flaws from reappearing, but if the underlying design of the software is flawed, the fixes that go in place are often patchwork messes which merely help bad systems limp along. Eventually, many systems with core flaws can turn into a big ball of mud [laputan.org]. One of my friends is working at a company which has offered this person a huge amount of money to stay, but key flaws in their underlying software have made it very difficult for the software to scale and they may go out of business because they are having trouble keeping up with demand.
Software flaws caught at design time are usually less expensive to fix than post-deployment flaws and the larger the project, the more likely it is to have serious design flaws. Any tool which might help catch those flaws up front seems worth looking at.
To be honest, I'm not sure what you're getting at. I'm sure plenty of programmers have horror stories about software flaws driving companies into bankruptcy (the article I point to mentions this in regards to United Airlines, but plenty of smaller companies have issues like this and I've seen it firsthand).
Reply to This
Parent
Re:Failure is an option (Score:2)
So what happens is that software developers don't get trained in formal design methodology, or if they do, they
Re:Failure is an option (Score:1)
First of all, most programmers do work in enviroments where bugs matter - the internet. If your web enabled CRUD app has an exploitable vulnerability, then you risk both exposing the rest of us on the internet to DDoS attacks, worms, etc from your script kiddy owned host, and the fraud or damage to your reputation which can result from a more savvy attacker.
Second, code reuse means that what looks like a non critical bug can quickly become cata
Re:Failure is an option (Score:2)
I'm basically saying that a lot of places and jobs would like to do better, but can't afford it (again, mostly not due to financials, as catching these bugs later is more expensive, but due to time-to-market pressures).
Re:Failure is an option (Score:1)
The problem with the "I would like to, but it costs too much" argument, is that when inevitably something bad happens, the rest of us have to pay for it. Either directly in SYN floods, indirectly through the market (phishing, cc fraud, stock scams), or worst of all, forever and ever though ill tho
Re:Failure is an option (Score:2)
It's funny, I almost wish we as software developers had ignored Y2K. Show the public what a real disaster looks like. Lets get it right for 2038, eh?
Re:Failure is an option (Score:2)
The Therac 25 is a really important story, but it is an outlier, and ultimately not relevant to most discussions about bugs, reliability or catastrophic failure. There is no general lesson to learn from that, except to be extremely careful when working on a system where life is on the line (medical, embedded or otherwise).
Case in point: I've worked on many online publishing systems
Re:Failure is an option (Score:1)
Whether the failure is acceptable or not depends on the values of the clients, I think. Or does it?
I was thinking accidental complexity comes from the problem that the software is supposed to solve, but it looks like Brooks didn't think this way.
He said use of a high-level language frees a program from much of its accidental complexity.
I think I ha
Re:Failure is an option (Score:2)
In the systems I can remember at the moment, catastrophic failure related to essential complexity is intolerable. Catastrophic failure related to accidental complexity is accepted as part of the "cost of doing business". Prime example: IIS and Windows servers instead of something more solid, like VMS, TrustedSolaris or something even more paranoid that can run a webapp.
You could make a convincing case that the inherent complexity of a computer is a part of the
Re:Failure is an option (Score:1)
Now for my lovely little anecdote to debunk the rest of your point. Back before I worked for ActiveState, I was an IT consultant to a very large forestry company (who shall remain nameless
Re:Failure is an option (Score:2)
mock! How've you been? Where have you been hiding yourself?
Yes, they do, but not all bugs have equal weight. Not even security related bugs. Do I care if a package has a known buffer overflow if it's running inside my firewall? OK, I care, but do I care as much as I would if it's in the DMZ or on a public site? Do I care enough to patch inside the firewall first, leaving a public machine wide open?
We can trade annecdotes all day about how bugs matter or don't. In the end, thou
Re:Failure is an option (Score:1)
While I don't disagree that perspective is necessary, obviously when limited resources are