Debug your Code, or Else!

Trevor Lovett writes "I ran across a collection of famous software bugs that have caused large scale disasters including the explosion of the Ariane 5 rocket due to integer overflow and the misfiring of a US Patriot missile that caused 28 deaths because of accumulated floating point error. "

speaks more to TESTING

[teambpsi]

It really amazing how many software project managers that don't fully understand what regression testing is all about.

Software engineers simply cannot be trusted to do more than small unit level testing! We get into a pattern of behavior, we know what to expect, and simply do not stress test the system.

Thats why I like hiring sales people and 2-year olds to test my code at the unit/integration level.

Re:speaks more to TESTING

[Junks+Jerzey]

It really amazing how many software project managers that don't fully understand what regression testing is all about.

Not in important fields like telecom. In those fields you live and die by testing, and you can be held accountable for bugs found in your code. If there are too many, you might be in for it.

What's shocking to me is that almost no open source authors or advocates give a hoot about automated testing of any kind. The only free software I've found with a test suite is gcc. As much as I hate to say it, there's a good chance that the relative inexperience of most open source authors is a factor here.

Re:speaks more to TESTING

[Kidbro]

What's shocking to me is that almost no open source authors or advocates give a hoot about automated testing of any kind. The only free software I've found with a test suite is gcc.

Bullshit

another bug page

[blooher]

Software Horror Stories linked from the post's link

Re:especially important in healthcare..

[sisukapalli1]

I believe more patients' lives are lost because of mistakes by doctors/hospitals/nurses, or sheer negligence. In some parts of India, for example, private hospitals are afraid to admit victims of accidents or crimes because the hospital itself might get into some trouble. Personally, I have seen doctors giving stupid advice, and people losing lives.

To put things in perspective, fatalities caused by human errors (non programming related) outnumber those caused by software errors by orders of magnitude, in many fields (except, say in launching unmanned space vehicles).

S

Happy to hear it...

Sure, some people here gripe about this not being newsworthy. But as a hardware guy, I am happy to see that software guys are finally going to be held to some sort of standard.

In electronics, if your hardware has ONE little problem, it's almost bankruptcy time. Remember the Pentium FP bug? And how it would have affected very little? Remember the hoopla, people wanted new processors, etc..

But software bugs? Who cares! It's NORMAL, it's EXPECTED. Well, geeks and nerds, time to get your asses in gear and live up to the same standards mechanical and electrical engineers have been living up to for decades.

I'm tired of being held to a standard of perfection that the software people (who make more money than me!) don't even KNOW about.

Software bugs...NOT!

[T.E.D.]

I'd call it a bad sign when the first two entries on a page that proports to show famous software bugs are not, in fact, software bugs.

The bug that caused Airane explosion was a requirements analysis bug. The Pentium FP bug was a hardware bug.

A quick skim of the rest nets me at least 6 more non-software software bugs

• 4. Mars Climate Orbiters, Loss (Mixture of pounds and kilograms, 1999) - Specification bug
• 27. Distributed denial-of-service attacks - Malicious people
• 31. Florida Voting Chaos - not a damn thing to do with computers
• 34. Wall Street Crash, October 1987 (Acceleration of the crash) - computers did precisely what their users wanted them to do
• 42. Great Concert Disasters - WTF?!
• 43. Tacoma Bridge (not a computer bug)(collapse, 1940) - he said so himself

After seeing that, I can't really trust the list on things I don't have a good knowledge about.

Here's a challenge for someone: Go through the list and find out how many (if any) of the listed software bugs are actually software bugs.

Nice

[pete-classic]

The actual article links to http://www.byte.com/art/9509/sec7/art20.htm which says:

THE BUG THAT KILLED

1985-1987: At least four people died when they were exposed to lethal doses of radiation from Therac-25 linear accelerator machines (made by Atomic Energy of Canada Ltd.), used for radiation treatment of cancer. Software errors caused the machines to incorrectly calculate the amount of radiation being delivered to the patient. The most tragic incident to date of death or injuries to human beings due to defective computer software, [emphasis mine] this incident is a reminder that, as we entrust human lives and health to computers, the seriousness of eliminating bugs becomes a life-or-death proposition.

and goes on to say:

SIN OF OMISSION

1991: American Patriot missiles were fairly successful. However, the failure of some Patriot missiles to track and destroy Iraqi Scud missiles during the Persian Gulf War may have been due to a software problem of the system. During one such Iraqi missile attack, 28 American soldiers were killed in their barracks in Dhahran, Saudi Arabia.

seven times the loss of human life, but less of a tragedy? I guess they are soldiers so fuck 'em, eh?

This story is over two years old, so they have had ample opportunity to correct it. The "comment" button on that page just takes me to the front page. Nice.

Also on that page, "The DoubleSpace automati hard disk comparision software included in Microsoft MS-DOS 6.0 [. . .]" WTF is "automati"? "Comparision" isn't even a word as far as I know, but it looks a lot like comparison. DoubleSpace is disk compression software.

Ironic that there are such glaring errors in an article about buggy software.

Well, I wasn't particularly a fan of Byte before, but now I'm convinced that they suck.

-Peter

Re:It's Worse: The Patriot Never Worked

[Wavicle]

Your first link is a translation of a patriotic Israeli article cheerleading the competence of their military. It doesn't necessarily make what they're saying false, but does make it suspect.

The second link is way low on content, I'm not sure how to judge it. All it says is "we looked at a bunch of videotapes and arrived at this conclusion". And then goes on to mention the bitter dispute between the U.S. and Israeli military over why the system didn't work so well in Israel.

I'm not sure I'm going to buy either argument. I know enough about flight characteristics to question the assertion that the scuds were so good at jinking and chaff the patriots (which were originally designed to hit jinking, chaff releasing aircraft) couldn't hit them.

If the scuds were dropping debris because extra fuel tanks made them unstable:

1) Why wasn't the wobble a pronounced problem at launch when the extra weight would have completely thrown off the trim characteristics of the missile?

2) Dropping "debris" is a bad thing, and it's only a matter of time before doing so results in an uncorrectable failure of the missiles flight aerodynamics. Why weren't most of them failing earlier?

3) Missiles don't fly in smooth trajectories nearly as often as you think. They jink to try and make anti missile systems (like say the Phalanx close-in weapons system) miss them or think they are dead and not worth any more attention.

Even if the patriots did fail, why would that have grave implications for our anti ballistic missile shield? SCUDs are cruise missiles, not ballistic missiles. Why do you think those big computers at Norad can accurately predict where the warheads will hit just after boost?

CUI

[Ozan]

I think most of the bugs in software are the result of "Coding Under Influence". Wether it is a strict time-limit, ambiguous specifications, no sleep or other disturbances, it leads to blatant dumb assumptions or similar faults. Everyone knows that driving under influence is dangerous and can lead to accidents. Why do "software architects" think this is different when someone writes important programs?
I think part of the problem is that writing software is a rather new handwork in comparison to e.g. metalworking. Programmers don't have a union, often they work under poorer confitions than workers at conveyor belts if you consider the higher responsibility they have.

Re:It's Worse: The Patriot Never Worked

[5KVGhost]

The failure of the Patriots to intercept scuds (and the fact that the media never mentions this) has grave implications for our anti ballistic missle shield.

I'm pretty sure the media has mentioned this, beyond those two media links you already posted, I mean. The issue has been debated since the first Patriot experiences during the Gulf War.

But I don't really see how this has "grave implications" for an anti-ballistic missile shield. The effectiveness of the Patriot missile used during the Gulf War era is in doubt, but a that does nothing to invalidate the general concept of destroying a ballistic missile with another interceptor missile. It certainly isn't easy to do, and there may be better ways to accomplish the same goal or things more worthy of our limited resources, but to claim that it's somehow physically impossible is both disingenuous and incorrect.