Slashdot Mirror
Linus Says No to 'Specs'
auckland map writes to tell us about an interesting debate that is being featured on KernelTrap. Linus Torvalds raised a few eyebrows (and furrowed even more in confusion) by saying "A 'spec' is close to useless. I have _never_ seen a spec that was both big enough to be useful _and_ accurate. And I have seen _lots_ of total crap work that was based on specs. It's _the_ single worst way to write software, because it by definition means that the software was written to match theory, not reality."
Linus is an engineer/tech. He dislikes theory work because it often gives nothing in practice.
However, specs are not always theory, and they may be usefull, as well as docs. He may be smart enough (or know linux code enough) to not need any doc/spec, but it's not the case of many other people. Some specs are good, and sometimes necessary.
He cited OSI model, well, but I can assure you I won't go in an airplane if it was done with Linus' practices... There are specs in some places that are good, and that are read and followed. Even in non-dangerous domains such as Web standards, specs are necessary, and those who don't follow these specs make crap softwares/browsers!
Moreover, in Linux development model, which is fuzzy and distributed, not directed, defining the software may be vain. However, in a commercial environment, defining the spec is really writing a contract, which protects both the customer and the editor. Specs there defines what the software can and must do, and ensures it will do. Linus obviously lacks of experience in industrial and critical projects. He may be right for the kernel development (however I still doubt it should be so entire on that subject), but he's wrong on many other domains.
IOW, Linus does here a generalization which is at least as wrong as are the examples he cited. As we say : "all generalization are false".
If he finds a bad spec, either it throws it away, or he fixes it. It's the same for technical docs. But he shouldn't tell every specs are useless and bad. That's wrong.
How are you supposed to write software which interoperates with other people's software without relying on a specification to define the interface? I have read some of the thread and I really can't understand where Linus is coming from here.
The whole discussion was centered around implementing specs. And the point made by linus was that one should not implement specs literally, not to structure the software as the specs are structured. He did not say the software should not adhere to the interface given by the specs. So the software should work like specified, one should just write the software in a form which makes sense for the larger scope of the software, not one limited to the scope of the specs.
Also having a documentation will keep the leader itself on the correct path and not stray from it's original design.
It is extremely rare that the original design is the correct path.
I believe posters are recognized by their sig. So I made one.
And after three long hard years of implementing a huge amount of code as per specifications, finally wrapping things up and looking to moving on to bigger and better things... they go and change the specs! Arrraggg!!
Theory, doesn't exist to men like Linus. Or men like Alan Cox either. The root word of "spec" is "speculation". And IMHO if you have to speculate what your needs are, then chances are you probably don't really need it.
Romana: "How did you know?" Doctor Who: "Ah, well, knowing is easy. Everyone does THAT ad nauseum. I just sort of hope"
If nothing else comments like this are ammunition for the people who dislike / want to crush Linux (and OSS in general). While I know from experience that the kernel is a quality piece of software and highly reliable if I was new to Linux and considering moving my company over to it comments like this would scare me. It's not that a spec necessarly improves the quality of the software it just improves confidence that the people writting it have a clue about what they hope to acheive.
I, too, didn't believe in writting specs when I was in college. Most of the projects I worked on were either loner affairs or the group was very small so communication was good. When I got into the commercial world though it was a very different ball game. After working on a couple of projects that failed horribly because half the team was confused about what it was supposed to be doing I realized that a spec is a very useful tool.
In my experience the better developers didn't need the spec as much as the poorer developers. The good developers almost understood without words what the other good developers would do in a given situation. The problem was no one could predict what the poorer developers would do in a given situation. This led to large chunks of the system not working / intergrating properly (I freely admit there were other serious management problems on these projecs as well) and needing huge amounts of resources to bring them back on track.
Later projects where there was a spec (even quite an informal spec) produced a better system in less time with fewer resources. I know this sounds like the same old pap that is dished up to every CS student but it really does work on non-trivial projects.
I certainly believe that the spec can be taken to far though. I have seen some projects never even get off the ground for the want of a quick hacked together bit of proof of concept code. The secret is in hitting that fine line between anarchy and unanarchy (there is no good single word antonym for anarchy so I propose unanarchy).
Perhaps the kernel only has uber leet hackers working on it. Somehow I doubt that though.
I used to have a better sig but it broke.
Specification documents are the only thing in the company I work for that stops customers asking for functionality in the 11th hour of development, claiming that "they always meant that it would have that" or "I thought I mentioned that at the first meeting".
As companies go the one I work for is pretty lax with documentation, but they are very careful that all customer requirements are listed iteratively, and - more importantly - signed off on.
I have been in situations at work where for whatever reason a specification hasn't been drawn up for a customer; its either been left to informal emails or in the worst cases word-of-mouth/notes written in an initial meeting. In my experience these often end up running on past their deadline as the customer requests more and more esoteric functionality, or design and presentation tweaks that covertly require additional functionality, etc.
As a rule of thumb as a die-hard programmer I hate documentation, particularly detailed technical specifications which constrict my creativity. That said, where it is necessary I absolutely see the need for it - how else can you constrain the customer to what they originally asked for?
I once worked on a Standards-writing subcommittee, and ended up being the editor of a proposed standard. I was new to the process at the time. I took the work that was done and completely re-wrote it, from the ground up, according to the published guidelines of the Telecommunications Industry Association (TIA). I then presented my work to the subcommittee.
"It's too clear. People might actually understand it." I argued that because it was a specification for testing, it should be clear. Yes, I won the argument, but at what cost?
Over the next few years I watched as more standards were created, edited, published, submitted to the ITU, and eventually turned into Recommendations. When I asked, "what does this section REALLY try to say?" I was told that in order to understand that section I needed to know another piece of the puzzle that wasn't spelled out but was "understood" by "practitioners of the art." In other words, the specification was incomplete...but not according to the rules. I asked why. The answer I got boiled down to one thing: you can't implement the specification without the "stories around the campfire" behind them.
Put starkly, you can't play unless you join the club.
Now, in reality, people have taken these less-than-complete specifications and actually made products with them, products that successfully interoperated with those implemented by members of the club. The development time, however, was extended by the need to discover the missing pieces on one's own, or to buy the missing pieces.
Then there was the story of what eventually became V.80, which I discussed in a Slashdot interview. That particular standard proposal was so bad that I had to vote "no". Again, I ended up rewriting the entire thing so it made sense, and in addition covered not only the corner cases but also future extensions and vendor extensions. It took DAYS to prove that the two versions said technically the same thing (within limits). You could code to mine; the other was almost impossible and "open to interpretation."
Most specifications (or Standards) are written by partisan participants. It's to their best interests to write these things so that outsiders can't understand them -- be it commercial gain or personal ego. Good spec writing is HARD, and not for beginners. It takes work. It rarely pays anything to write a good specification, especially if the writer views it as a pro-forma task. Just as programmers from several decades ago viewed flow-charting as a useless task.
Just as people are starting to view Open Source not as a way to lose money but as a way to gain money, perhaps the partisans will see that writing clear, understandable, WORKABLE specifications is in their better interest....or not.
Given the current state of the art, though, I would tend to agree completely with Linus that specifications, and Standards, that don't provably track with reality deserve not "no", but "HELL NO!"
But for any type of commercial undertaking, specs are an essential part of the development process.
Without a spec you won't know what you're being asked to build, or will find it difficult to get customer agreement that what you're delivering meets their need.
Without a spec you can't estimate, and without accurate estimates you can't insure that you're properly getting paid.
A message from our sponsor
I'd say that there are good specs as well. A few examples:
POSIX standardizes programming interfaces for operating systems. It allows easy portability of applications between operating systems, and it's very successful at that. Although non-compliant operating systems (such an Windows) and non-compliant applications (many applications written for the GNU system, and any application that uses functionality not standardized by POSIX) cloud the picture somewhat, POSIX has worked wonders for application portability.
Common Lisp is a standardization of features found in Lisp systems. It mixed and matched parts from various more or less specialized Lisp systems, and built a generic programming language that is still widely regarded as the best programming language by those who know it. The fact that the language is standardized to a great extent allows code to be easily ported from one implementation to another.
R5RS is the current state of the standardization effort for the programming language Scheme. Contrary to POSIX and Common Lisp, it aims to standardize not as much as possible, but rather a small common core which can then be extended. This makes Scheme a very useful object for programming language research.
Comparing these specifications to the alternative of having no specification, I'd have to say they provide definitive advantages. Without POSIX, we'd still be stuck with operating systems having APIs different enough that it might be easier to rewrite applications for each OS, rather than maintain a single codebase with a few platfrom-specifics here and there. Language specifications like Common Lisp and R5RS have enabled a whole slew of implementations, each filling a specific niche, where other languages are often stuck with one implementation, and perhaps a few not-quite-compatible alternatives; and if you want a different niche, you'll have to use a different language.
Please correct me if I got my facts wrong.
Its an idiot who says a spec is useless. Perhaps a 400 page IBM corporate spec on a filesystem is useless, but 20-40page specs are not.
/* comments, so its damn easier to read and visually see, 100% ascii blows
Hashing out a spec at least shows you what can be possible and what cannot, and while doing it, you may
see possibilities of new features or addons and also you might realise that feature X will take damn ages.
It also shows you that feature Z might ruin your whole design or be nothing more than a timewasting experiment.
There are different levels of spec design, but im not saying, go make it ultra low level. Jeez Linus, even doing a rough
diagram of a gui or this process does step 1 thru 12. At least the other developers on the team can see what in hell
your are going to make. Not just some 1 liner, "we're gona make a kick-ass 64bit indexed image engine/database"
How about a 200 thread level async dns resolver? Oh yeah all in your head Linus.
Heres my product spec for a better IDE in 1 line.
Support basic html inside
man. Even support IMG tags so your can BUILD in documentation thats usefull in your source.
High level specs, yes, lowlevel specs that are 5x larger than source codes, NO.
Liberty freedom are no1, not dicks in suits.
Maybe "what works" is the best approach, especially for an open-ended project like Linux.
TWW
"Encyclopedia" is to "Wikipedia" what "Library" is to "Some people at a bus stop"
A spec should be used to write the acceptance tests for the application (and indeed a lot of the unit tests). Documents just sit there and don't tell you when something's wrong - repeatable tests do.
A specificiation should specify how a program behaves to the external world, not how it should be implemented.
So I think I kind of agree with Linus.
If the theory does not match the practice, the theory is incomplete. In other words, fix the theory. Don't make vague and stupid generalizations against it. Those generalizations are nothing more than rationalizations for the sake of the idiot makeing them.
Yes, you are right... in theory.
I write software to spec. In theory, that should work. In practice it often does. But often there are gaps in the specification that the guy spec'ing should have seen, but didn't. Perhaps, his kids woke him up 20 times last night, perhaps someone made a bad pot of coffee.
These gaps in the spec become glaringly obvious when writing the code and in the iterative component testing. That's the practice.
Now, if you invest 5 times the effort in the specification, you can probably get it all. But in practice, it's often better to prepare a rough, incomplete functional specification. Make a special effort to specify the interface between interacting parts of the system, especially if they are developed by differnt teams. Then allow the developers more scope to communicate and modify this in the development process.
I'm not saying this is a good idea for building spacecraft. But it makes sense for commercial software development.
"software was written to match theory, not reality"
That was very blinkered and unfortunate statement by Linus. While he portrays himself as a "practical engineer", the truth is that he is not flying the flag of professional engineering, but supporting some kind of ill-conceived ideal of ad hoc amateurism.
The world of computing is in crisis. After 40 years of 'pro' development, computing is still a human-driven craft instead of the extremely precise arm of engineering that it could so easily have become through its well-defined subject matter.
While Linus has contributed immensely to the world by delivering a wonderful engineering tool as well as a great end-user product, he is also extending the software crisis through unfortunate remarks like that one. The "reality" which he so seems to praise is THE PROBLEM in software engineering, and not something to be endorsed or supported.
If the world continued along Linus's desired path of "reality" vs theory, the current mess will know no end, and the metaphorical bridges of computer science will still be falling down in the year 3,000.
Mankind's future in computing must build on immoveable foundations of theory and logic if it is to progress into a realm where machines of IQs in the millions work at our behest. Advocating some sort of ad hoc "practical" computing barbarism is very short-sighted, dangerous, and regressive.
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
and, we all know, all browsers implement all of them correctly, right?
Take a look at your w3c specs. There's _no_ browser on eart which implements 100% of those specs. Nobody builds web pages according to w3c docs, you've to make them work in IE and firefox - none of those implements all the standards 100%.
The point of linus is mainly targetted to hardware makers. Take a look at the hell that ACPI support is, or the first motherboards who implemented IOAPIC support. Specs are _useless_ in those cases. And you can't "fix" hardware: Hardware is there, and your task is to make it work. You've two options: forget the specs, and make it _work_, or write the code according to specs.
The _real_ standars are those which are not written, ie: bugs in the POSIX implementation of some unixes that some apps rely on and that now everybody implements in other unixes because _everybody_ uses it, despite of being "wrong". Same for TCP/IP, same for "everything". I'd say that specs are OK as a reference, but if you want to write software which works in the _real_ world you must not follow them blindly. You must accept that people will not follow them and design your software according to that.
no if you read the thread he doesn't actually mean like the HTML standard.
It's not adventurous or fun
And that's the root of the issue. Linus (like many geek coders) doesn't like namby-pamby stuff like specifications, requirements and documentation. None of that is fun, so getting rid of it as much as possible is a driving force for these kind of guys.
I don't like the paperwork that goes with my fun day job of coding, but I have to do it, and it is necessary. Just ask the guys I hand my releases off to for a very valid reason why the paperwork is necessary.
Alternatively, maybe you could wish that the fuckwit coders who gave the thing to you had read the documentation and done a little testing to make sure that it works according to the docs, instead of changing things arbitrarily without telling anyone.
All that "my code is my design" bollocks is just that - bollocks. I can spend a week reading code to find how stuff actually works, or I can spend a few hours reading the spec that says how it *should* work. My job is *not* debugging someone else's shit code, my job is writing something that uses or interfaces to their code. If they've not done their job properly, why should I be expected to be the one to find the holes, just because they can't be arsed testing it properly?
Grab.
I can see where Linus is coming from; on the other hand, I can see where the statement is fundamentally flawed. The best example I can give is a 3D engine. I have worked on an OpenGL engine for almost 4 years now, and certain aspects of the engine development (namely shader architecture) were purposely left without a formal 'spec'. 3D Hardware changes more rapidly than one can build a 3D engine from scratch. If the entire engine followed a 'spec' from day one, it would be obsolete by the time it were finished. If you had asked someone four years ago what NVIDIA and ATI would be working on right now, they could never guess that vertex and pixel shaders were beginning to merge (both on the hardware (shared pipelines) and in functionality (pixel shaders have front/back face information and vertex shaders can perform texture lookups)). They could have made assumptions that caused them to code themselves into a wall so to speak and which prevents them from ever utilizing the features of Shader Model 3.0.
On the other hand, there are other teams who work on gameplay and network development. For the most part the network developers can develop a 'spec' and reasonably follow it. The gameplay mechanics follow a constantly revised 'spec', and probably the only one the consumers who play the game are ever familiar with. In this aspect of development, a 'spec' is _required_ to complete the project in a reasonable timeframe.
CS may look like engineering, but IMHO it is closer to math because of one simple fact; engineering (partly) has to do with unpredictable variables such as wear-and-tear and environmental influences. In CS, everything boils down to simple boolean mathematics (the microprocessors) thus everything is predictable given sufficient time to calculate.
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
Each kind of spec has its correct use. Some (like the Pirate's Code) are more like guidelines than hard and fast rules. The rules for a Sonnet or Haiku or Limeric are quite strict, but leave a tremendous amount of latitude to produce different results. Write what you want, but if you don't follow the spec for a Sonnet, its not a Sonnet. Objective, testable specs are essential for any enterprise application to work. Very often, in such an environment, the programmers for different parts of the enterprise may never meet or even know each other's names. The spec is what binds the application together.
Bad analogy. Safety is the major consideration in this example. If we wrote our business software the same way, it would cost a few million dollars instead of a few hundred. Similarly, if NASA wrote its software the way we do, it would be much cheaper, but things would blow up on occasion....
Specs are good for propping up initial work, but they go all-to-hell quickly when projects near milestones or late completion dates. Also the mcdonalds-mentality of "hurry up with my order, I want it yesterday" that the customer always wants does not afford a lot of time to follow a regimented procedure to the tee. I've watched people (myself included) spend an assload of time writing code to follow an exact process only to constantly be late, or go crazy trying to make dates.
Programming is a creative form, no question about it. When you try and corral people's creativity into a one-size-fits-all nutshell of procedures, you are strangling possibly the largest asset they could offer you.
I encourage people to make their code readable and use comments that serve a purpose.
That's about it.
Join the Slashcott! Feb 10 thru Feb 17!
I think there's a lot of confusion over the word "specs". That can mean a few things for software:
:) It shouldn't be too complicated, but the purpose of these kind of "specs" are often mis-interpreted by "pure analysists", what in some cases ends up in a way to detailed almost pseudocode alike book. This is BAD, by theory leaves no room for interpretation, but in practice it does. The person who wrote this could have written the code instead - and would have found all contradictions, errors, and would have been faced with all practical problems his "point of view" suffers from.
:) Basicly these are nothing more than a written down version of good and clear agreements. If reality changes - these should be changed, never the other way around, but which happens way too much.
:P)
:p
1) What the program should and shouldn't do. These can be "demands" from the customer. Should be non-technical, not too detailed - but should be clear. If the customer has specific I/O demands, this should refer to other documents for this, don't mix these things.
2) Internal software analisys. Should describe the internal main blocks, in most software companies I've worked, this is done on a blackboard with all important dev's there brainstorming about a project. If it gets really complicated someone might be victimized of putting that on paper
Sadly enough - these kind of specs (in general) usually end up way too detailed. Programmers always have their "speciality" if they are left with some freedom. Let them do their own thinking give them an "IO spec" for their part - and let them do their job. At least that's what I do, I don't want code-monkeys in my team - I want individual coders who actually understand what the hell is going on. Too bad they're becoming harder and harder to find. I blame Visual Basic *grin*
3) An I/O or interface spec. What goes in and what goes out, described in what form, as short as possible, with flexibility so someone can easily add a proposal/extention to it. These are not easy to make, but luckily I work in a competitive team that understands software writing
These are 3 completely separate things. All 3 need to be done more or less for major projects, some can be left out. Mixing these should be avoided as much as possible. The first 2 I consider to be "software specs", the last-one is something completely different and I see a lot of people here confusing these. HTTP, TCP/IP, HTML, XML, XHTML, RSS and even POSIX aren't software specs, these are standardized I/O / interface specs. Such specs are in general a good thing, they describe how something should be used, so multiple programs can "communicate" with each other using the same interface.
As far as I've seen, writing software to specs is an utopia. The worst specs usually are specs written to an existing program. It's fine as "documentation" and shouldn't be used for anything else, certainly not for writing a new version. Writing detailed specs after a project is finished (well - as far as that's possible) usually has little point. Writing documentation on the other hand has a point, but this is widely regarded as a boring unimportant job (and I can't blame anybody who does
Anyway - what I suspect that Linus means is a mixture of these 3 - a mess which mixes everything in a way to detailed form. Most specs that are written are plain wrong, bad, and mix too many things. Most of the software specs are written by people who think they know everything. Nobody does.. except me offcourse
We wrote the Open Graphics Project spec not based on purely abstract theory but based on the experiences and needs of the community. Purely for the sake of survival, I made it clear that there should be nothing in the design which could not be justified by common needs. Based on that, we developed a SPEC.
Maybe Linus is having a language-barrier problem, but a spec is just a description of something, albeit somewhat formalized. That means you could write a spec retroactively. We could write a spec for the Linux kernel as it is right now. If we were to do that, would Linus abandon Linux? It wouldn't be THAT hard to make it accurate.
Frankly, I can't write anything without SOME sort of spec. Often, those specs are contained completely within my brain, but I nevertheless must develop a coherent concept of what it is I'm going to build and what its pieces are. When I write a document, I often start out with some sort of outline. And when I write code, I have to decompose it into functions.
If a spec is any coherent description of something you make, then Linus uses specs all the time, and he's just blowing smoke out his ass.
He's complaining about specs because they're usually done badly. JUST ABOUT EVERYTHING IS USUALLY DONE BADLY. Should we say that all operating systems are bad just because Windows sucks? Should we say all cars are bad just because the Ford Taurus is designed to last only 5 years? Should we do away with TV just because of shows like "Two guys, a girl, and a pizza shop" or "Survivor"?
Linus is forgetting that Linux is based on specs, Honda makes reliable cars, and Star Gate SG1 is on on SOME channel just about all day.
The usefulness of specs is also LARGELY dependent on the author of the spec and their experience. Some organizations write fuzzy specs that leave a lot of wiggle room. A contractor implementing the spec then delivers a blue widget, not green because it was not clearly spelled out (not a SHALL but a SHOULD). This results in expensive engineering changes (ECs) resulting in cost overruns, budget shortfalls, and late products. Of course, if you are a Government contractor, this means you make more $$$.
Often engineers who are running projects dislike specs and believe them to be a waste of time. The development team must then attempt to work without a spec but must still work toward a goal with some internal plan and list of objectives. When the customer asks why the project is not doing A when he thought it was doing A, the development team has less ammo to defend themselves.
There are MANY examples of bad projects, cost overruns, and late products. The Government contracting area in the US has MANY examples (not just $500 toilet seats). Of course, the defence contractors get richer as they get to do it twice!
This is obviously the rant of a person who has never programmed for an actual client (a human one). 99% of the time a spec is the understanding between the user and the provider, whoever they are. So yes, Torvalds is right that they are mainly for talking about software, but unless you are writing your own operating system on your free time, you have to be able to talk about it or you will implement something other than what the client thought they paid you for, and then they get sour. Specifications are about understanding and communication, when not the whole universe is inside one person's head.
Moreover, Torvalds doesn't really seem to know what science is. There just is no criterion that a scientific theory has "no holes." It doesn't work that way.
From what I read, it seemed like people were trying to get him to soften his stance on that, and he seemed pretty adamant that he hates specs in any form or fashion.
Of course, it's easy to do that when you're Linus Torvalds, and whatever you say/do is the de facto standard without the need to write a spec. He's basically a walking spec. However, I'd invite him to consider what would happen if all the peons adopted his theory. Nothing would interoperate with anything else.
The only thing I can think of is that he defines a spec as something that is inherently written once, before implementation begins, and is strictly adhered to no matter what. However, I don't think any sane person would agree with that definition, I can't imagine that's what the other people in the thread meant by the word "spec," and I can't believe he'd imagine anyone else defending such a process in the first place. So I do believe that Linus is being a bully again.
If specs were 100% accurate, then there would not be a need to write the code, because the specs could be automatically translated to code (we are talking about 100% accuracy here, not 99.999999%).
This is not true in general. It's quite straightforward to spec out a program that solves the Halting Problem, for example, but rather harder to code one. And there are issues to do with optimization and so forth that would not appear in a specification.
Nonetheless, there's a great deal of truth in what you say - for most real-world programs, a 100% complete formal specification of what they had to do would not be much shorter than the program itself. This is why agile development methodologies make sense.
Xenu loves you!
"Rules are there to make you think before you break them."
Simple expertise is knowing the right thing to do. When you go beyond that to knowing when its the right time to do the wrong thing, then you have mastery. So, when somebody who has years of mastery of a craft says, "the rules are crap" it has a different truth level than when somebody who's merely competent. The difference is the way the right thing to do is backed by unspoken, unarticulated working knowledge in one case, and mere bravado on the other. I can do basic carpentry, but the difference between me and a master cabinetmaker when building a book case is that I have to keep referring to my plans, whereas the cabinetmaker, while he may have plans, operates more unencumbered by them, moving quickly and confidently because he's internalized longer sequences of operations, until he can see the whole construction process in his mind's eye. When I don't worry much about my plans, I end up with a dado on the wrong side of a plank.
Being "against specifications" of course is stupid. But Linus is in an unique position to be a bit cavalier, isn't he? Specifications do two things. First, they tell you what needs to get done. Second, they communicate this between parties, say the specifier and implementor, the customer and contracter, the builder of tab-a and the constructer of slot-b. But Linux is, if I understand this, a pretty conservative implementation of an existing model, where innovation where it occurs is fairly contained and focused areas. And as far as Linus and the Linux kernel is concerned, L'etat c'est moi. He may well have managed all these years keeping what needs to be done in his head, and the result could still have more coherence than the product of a well coordinated committee.
The other thing to keep in mind is you can't trust everything anybody says is categorically so, even when that person is perfectly honest and sincere. The simple reason for this that mosts truths have an element of fuzziness in them. In limited circumstances it is sometimes necessary to hold what is, in general more false than true, but in this case more true than false. Wisdom is knowing when and how much to doubt what you believe, or believe what you doubt.
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
We always write to specs. Usually implied. Whether it starts as just a few lines on a cocktail napkin or it's an explicit interface definition, it's just a starting point; but a project without any is guaranteed disaster. I know that requirements gathered by comittee rarely translate into live code and I personally find that the best way to gather requirements is to prototype heavily, but you have to start somewhere. Every right-thinking programmer detests documentation; unfortunately there is no substitute for the waterfall. People may think they've just written the most brilliant piece of code ever, but if it's not spec'ed and coded to that, thier grand creation becomes just another pile of steaming spaghetti code to the next poor slob that has to deal with it.
MfT
<!--
while(!am) r2();
Why should I be expected to be the one to find the holes, just because they can't be arsed testing it properly?
Usually you shouldn't, however you will. It doesn't matter if you're creating a web browser that can't display "broken-but-renders-on-IE" webpages, an IDE driver that may corrupt data on "UDMA-compatible-but-not-compliant" hard drives, or a server process that crashes on corrupt or malicious out-of-spec data: as long as your code is what's interfacing more directly with the user, your code will probably be blamed for the problems. In particular, if one of your competitors has found and worked around the holes, your code will definitely be blamed for the problems.
It's not fair, but it's life: from a user's point of view it's easier to get new software than to communicate with a different set of people or buy new hardware.
I don't think that you got very far with Bertrand Russell.
Why can't anyone here disagree with anyone else without insulting them? I think you too casually discount the magnitude of Russell's dilemma vis a vis set theory and the theory of types. He wanted the impossible, as we now know in a formal sense thanks to Gödel, namely a complete and consistent logical system, and his failure to resolve his paradox was devistating to him (and moreso, I think, to Whitehead, but I may be worng about that). How far is far enough into Russell to understand that his most formidable acheivement is tainted with a paradox at its heart? You say, "Russell showed that the domain of logic gets tangled if you use it to think about itself. Well (with hindsight) that is no surprise at all." I submit that it was quite a big surprise indeed. And further that its implications, while often overstated, aren't merely a "hiccup," but instead place it at the top of that rather rarified class of ontologically significant mathematical discoveries.
grammar-lesson free since 1999. (rescinded - 2005)
He's not complaining about specs as a way of getting things to behave the same. He's talking about using hardware specs to base your software on. If you try to talk to your PCI hardware by following the PCI spec, chances are that it won't work, because a huge portion of PCI hardware doesn't quite work right. Someone had been saying that, in order to write a good SCSI driver, you should follow the guidelines in the SCSI spec, and Linus was saying that, if you did that, your results wouldn't work with a lot of real hardware that people use, and you won't be able to deal with these quirks, because you won't have designed your system to handle them.
It's not about the development model at all. The situation is that Linux has to work with third party devices, where the spec is like a contract that the other party hasn't signed. You can do your part to be perfectly compatible, but when the computer's BIOS tells you impossible things, you can't go yell at them, because they don't really care, and the user still wants the computer to work.
I personally wouldn't go on an airplane where the people designing it just trusted that parts perform the way the contracts specify. The most common area in engineering failures is to assume that, just because you say that something has to be done a certain way, it'll actually get done that way. I want my airplane designed such that, if a couple of the engines aren't aren't doing what the manufacturer claimed they'd do, the plane doesn't just crash. You have to expect that a certain amount of the stuff will misbehave, and the safety of your system really depends on just how much of it can misbehave before something terrible happens.
In short, if you're producing SCSI adaptors, you should understand the SCSI spec completely. But if you're writing a SCSI driver, you should have a copy of the spec, but also a big database of how particular hardware violates it, and notes on what parts are unreliable in practice, because there are certain to be a lot of these.
Put simply, they implement less. Less features, mostly - usually to the point of anemia. So while the BSDs might be more likely to work, the GNU platforms are more likely to actually do what you want. That's probably got a lot to do with why the GNU platforms have been a qualified success, while the BSDs have mostly been irrelevent in the market. After all, it's easier to fix a bug than it is to implement new features.