Two Wrongs Can Make a Right (and Are Difficult to Fix)

Two Wrongs Can Make a Right (and Are Difficult to Fix)

Allan Kelly

CODE NEVER LIES, BUT IT CAN CONTRADICT ITSELF. Some contradictions lead to those “How can that possibly work?” moments.

In an interview,* the principal designer of the Apollo 11 Lunar Module soft- ware, Allan Klumpp, disclosed that the software controlling the engines con- tained a bug that should have made the lander unstable. However, another bug compensated for the first, and the software was used for both Apollo 11 and 12 Moon landings before either bug was found or fixed.

Consider a function that returns a completion status. Imagine that it returns false when it should return true. Now imagine that the calling function neglects to check the return value. Everything works fine until one day some- one notices the missing check and inserts it.

Or consider an application that stores state as an XML document. Imagine that one of the nodes is incorrectly written as TimeToLive instead of TimeToDie, as the documentation says it should. Everything appears fine while the writer code and the reader code both contain the same error. But fix one, or add a new application reading the same document, and the symmetry is broken, as well as the code.

When two defects in the code create one visible fault, the methodical approach to fixing faults can itself break down. The developer gets a bug report, finds the defect, fixes it, and retests. The reported fault still occurs, however, because a second defect is at work. So the first fix is removed, the code inspected until the second underlying defect is found, and a fix applied for that. But the first defect has returned, the reported fault is still seen, and so the second fix is rolled back. The process repeats, but now the developer has dismissed two possible fixes and is looking to make a third that will never work.

* http://www.netjeff.com/humor/item.cgi?

file=ApolloComputer

172 97 Things Every Programmer Should Know

???

???????????????The interplay between two code defects that appear as one visible fault not only makes it hard to fix the problem, but also leads developers down blind alleys, only to find they tried the right answers early on.

This doesn’t happen only in code: the problem also exists in written require- ments documents. And it can spread, virally, from one place to another. An error in the code compensates for an error in the written description.

It can spread to people, too: users learn that when the application says Left, it means Right, so they adjust their behavior accordingly. They even pass it on to new users: “Remember when that applications says ‘click the left button,’ it really means the button on the right.” Fix the bug, and suddenly the users need retraining.

Single wrongs can be easy to spot and easy to fix. It is the problems with multi- ple causes, needing multiple changes, that are harder to resolve. In part, this is because easy problems are so easily fixed that people tend to fix them relatively quickly and store up the more difficult problems for a later date.

There is no simple advice for how to address faults arising from sympathetic defects. Awareness of the possibility, a clear head, and a willingness to consider all possibilities are needed.

时间: 2024-10-13 22:26:52

Two Wrongs Can Make a Right (and Are Difficult to Fix)的相关文章

Linux安全检测常用方法

chkrootkit | grep INFECTED ! User 24306 pts/0  grep INFECTED 查找指定的tty进程:ps aux | grep pts/0 rkhunter rkhunter --check   检测.出现红色的警告信息,请仔细检测是否已经中招了. 查看产生的日志:cat /www.qixoo.qixoo.com/var/log/rkhunter.log | grep Warning 技术分享 自动发送报告每天5点检测并发送通知邮件 crontab -

NIKE KOBE A.D. NXT PERFORMANCE REVIEW

Traction – Despite sharing the same pattern as the Nike Kobe A.D. NXT For Sale — which, thankfully, is the only performance feature the NXT has in common with the original A.D. — the traction had no issues on any surface no matter the condition. If d

hdu 5459(递推好题)

Jesus Is Here Time Limit: 1500/1000 MS (Java/Others)    Memory Limit: 65535/102400 K (Java/Others)Total Submission(s): 512    Accepted Submission(s): 368 Problem Description I've sent Fang Fang around 201314 text messages in almost 5 years. Why can't

[2016-5-4]OMG美语每日笔记-What do you think about people who talk smack about others?

坚持~坚持~坚持~! Talk smack about someone 说别人坏话 I heard you were talking smack about me to my friends.Why would you say something bad about me? 我听说你跟我朋友说我坏话,你为什么要说我坏话呢? talk behind someone's back 在背后说别人 to vent to someone 对别人诉苦 I didn't mean to talk behind

【题解】 2015 ACM/ICPC Asia Regional Shenyang Online

[1006] FangFang (暴力枚举) Fang Fang Time Limit: 1500/1000 MS (Java/Others)    Memory Limit: 65535/32768 K (Java/Others) Total Submission(s): 871    Accepted Submission(s): 364 Problem Description Fang Fang says she wants to be remembered. I promise her.

The Sorrows of Young Werther

The Sorrows of Young Werther J.W. von Goethe Thomas Carlyle and R.D. Boylan Edited by Nathen HaskellDole PREFACE I have carefully collected whatever I have been able to learnof the story of poor Werther, and here present it to you , knowing thatyou w

296句原味英语

1. I wasn't born yesterday.(我又不是三岁小孩) 2. How do I address you?(我怎么称呼你) 3. She turns me off.(她使我厌烦.) 4. So far so good.(目前为止,一切都好.) 5. Be my guest.(请便.别客气) 6. That was a close call.(太危险了/千钧一发) 7. Far from it.(一点也不.) 8. It's a pain in the neck[麻烦的事(人)]

hdu5459 Jesus Is Here(沈阳网赛)

Jesus Is Here Time Limit: 1500/1000 MS (Java/Others) Memory Limit: 65535/102400 K (Java/Others) Total Submission(s): 257 Accepted Submission(s): 175 Problem Description I've sent Fang Fang around 201314 text messages in almost 5 years. Why can't she

Bible

001 Love your neighbor as yourself.         要爱人如己.--<旧·利>19:18      002 Resentment kills a fool, and envy slays the simple.         忿怒害死愚妄人,嫉妒杀死痴迷人.--<旧·伯>5:2 003 Does a wild donkey bray when it has grass, or an ox bellow when it has fodder?