Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fixing Bugs, But Bypassing the Source Code

Posted by timothy on from the wrapping-puzzles-in-enigmas dept.

shreshtha contributes this snippet from MIT's Technology Review: "Martin Rinard, a professor of computer science at MIT, is unabashed about the ultimate goal of his group's research: 'delivering an immortal, invulnerable program.' In work presented this month at the ACM Symposium on Operating Systems Principles in Big Sky, MT, his group has developed software that can find and fix certain types of software bugs within a matter of minutes." Interestingly, this software doesn't need access to the source code of the target program.

6 of 234 comments (clear)

  1. Re:MS will probably kill it by SnarfQuest · · Score: 5, Insightful

    If MS included this in Windows, you'd never get to see the login screen because the CPU would be so busy fixing bugs.

    --
    Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.
  2. Sensationalism ruined it for me by billcopc · · Score: 4, Insightful

    When a potentially harmful vulnerability is discovered in a piece of software, it takes nearly a month on average for human engineers to come up with a fix and to push the fix out to affected systems

    Yes. It takes us 5 seconds to an hour to actually come up with the fix, the remainder of the month is spent in bureaucratic hell - sitting in a trouble ticket queue, sitting in a verification queue, sitting in a QA manager's inbox, sitting with the communications team.

    Clearview, if it does what it says on the tin, only addresses the 5 second problem. Any "sane" dev shop would still run the resultant patch through the many cogs and loops of modern software management. You won't get your hole patched any quicker, you'll just have shifted the coders' attention away from your own app's bugs, and onto Clearview's bugs. Net gain: less than zero.

    Theoretically and conceptually, it's an interesting tool (you know, like Intercal). It just doesn't really fit in the industry, IMHO.

    --
    -Billco, Fnarg.com
  3. How about by raddan · · Score: 4, Insightful

    "Entscheidungsproblem". You'd think a professor of CS at MIT would have heard of it.

    1. Re:How about by eggnoglatte · · Score: 4, Insightful

      Except that you are making two mistakes:

      - the Entscheidungsproblem refers to the problem of finding a general solution that will determine for all possible programs whether or not they are correct. This is an undecidable problem. However, this does NOT mean you can't find a solution for certain subclasses of programs, or a program that finds certain kinds of flaws.

      - also, you already know there is an error (otherwise the program wouldn't be triggered), and the type of error (e.g. NULL pointer, array index out of bounds etc.) . That makes much easier again than the general Entscheidungsproblem.

  4. Re:Did they use that tool to develop that tool? by Wonko+the+Sane · · Score: 5, Insightful

    The fiendish prof announced that he will run that code through itself. Whatever letter grade it spits out will be his thesis grade. He got a D. He begged and cried and threw a hissy fit and wangled a B and scraped through the degree.

    Fiendish? What could possibly be more fair and objective than making him eat his own dogfood?

  5. Re:Did they use that tool to develop that tool? by KillerBob · · Score: 4, Insightful

    Either that or put in an author check that automatically spits out an A+ if it detects that the author of the code was himself....

    --
    If you believe everything you read, you'd better not read. - Japanese proverb