This thread on Hacker News terrifies me

Nick Sabalausky (Abscissa) SeeWebsiteToContactMe at semitwist.com
Sun Sep 2 03:18:17 UTC 2018


On 08/31/2018 03:50 PM, Walter Bright wrote:
> https://news.ycombinator.com/item?id=17880722
> 
> Typical comments:
> 
> "`assertAndContinue` crashes in dev and logs an error and keeps going in 
> prod. Each time we want to verify a runtime assumption, we decide which 
> type of assert to use. We prefer `assertAndContinue` (and I push for it 
> in code review),"
> 

Yeah, that one makes me cringe. I could at least understand "unwind the 
stack till you're at least out of this subsystem, and THEN MAYBE 
abort/retry (but not ignore)", though I know you disagree on that. But 
to just...continue as if nothing happened...Ugh. Just reminds me of 
common dynamic scripting language design and why I never liked those 
languages: If the programmer wrote something nonsensical, best to do 
something completely random instead of giving them an error message!


> "Stopping all executing may not be the correct 'safe state' for an 
> airplane though!"

Honestly, comments like this suggest to me someone who's operating under 
the false assumption that "stop all executing" means "permanently stop 
all of the software running on all components of the plane" rather than 
"stop (and possibly restart) one of several redundant versions of one 
particular subsystem". Which suggests they only read comments and not 
the article.

Interestingly, the same user also said:

"Software development often does seem like a struggle between 
reliability/robustness and safety/correctness."

WAT?!

That's like saying, "Speaker design often seems like a struggle between 
loudness versus volume." Each one *requires* the other.

Scary.


> "One faction believed you should never intentionally crash the app"

I can understand how people may naively come to that conclusion: "Duh, 
crashing is bad, so why would you do it intentionally?" But, of course, 
the reasoning is faulty.

There's also the "It depends on your industry/audience. You're talking 
airplanes, but my software isn't critical enough to bother with the same 
principles." I wonder if it might help to remind such people that's 
*exactly* how MS ended up with Windows Me:

This is well-known:

After Win3.11, MS decided that businesses required more reliability from 
their OS than the home users needed. So they split Windows into two 
product lines: WinNT for business (more focus on reliability) and Win95 
for home (speed and features were more important).

Things started out mostly ok. Win95 wasn't quite as reliable as NT, but 
not a gigantic difference, and it was expected. Then Win98...some more 
issues, while NT stayed more or less as-was. Then WinMe hit. BOOM!

By that point, the latest in the WinNT line was "Win2k", which was STILL 
regarded as pretty well stable, so MS did what's probably the smartest 
move they've ever made: Killed off the 9x/Me codebase, added DirectX to 
Win2k and called it "WinXP". And it spent a whole decade widely hailed 
as the first ever home version of Windows to not be horrible.

So yeah, I don't care how non-critical you think your software is. If 
it's worth using, then it's important enough.

> And on and on. It's unbelievable. The conventional wisdom in software 
> for how to deal with programming bugs simply does not exist.

In my observation, there doesn't seem to be much conventional wisdom in 
software in general. Everything, no matter how basic or seemingly 
obvious, is up for big, major debate. (Actually, not even restricted to 
programming.)


[From your comment in that thread]
> fill up your system disk to near capacity, then try to run various 
> apps and system utilities.

I've had that happen by accident once or twice recently. KDE does NOT 
handle it well: *Everything* immediately either hangs or dies as soon as 
it gains focus. Well, I guess it could be worse, but it still really irks 
me: "Seriously, KDE? You can't even DO NOTHING without trying to write 
to the disk? And you, you other app specifically designed for dealing 
with large numbers of large files, why in the world would you attempt to 
write GB+ files without ever checking available space?"

Seriously, nothing in tech ever improves. Every step forward comes with 
a badly-rationalized step back. Things just get shuffled around, rubble 
gets bounced, trends get obsessively chased in circles, and ultimately 
there's little, if any, overall progress. "What Andy giveth, Bill taketh 
away." Replace Andy/Bill with any one of thousands of different 
pairings, it still holds.

And there's no motivation for any of it to change. Capitalism rewards 
those who make more money by selling more flashy garbage that's bad 
enough to create more need for more garbage to deal with the flaws from 
the last round of garbage. It doesn't reward those who make a better 
product that actually reduces need for more. Sometimes something decent 
will come along, and briefly succeed by virtue of being good. But it's 
temporary and inevitably gets killed off by the next positive feedback 
loop of inferiority. Incompetence DRIVES capitalism; competence 
threatens it.
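The two assertion policies the thread argues about, side by side, as an added example (Python; this is not code from the post, from Walter's HN comment, or from any project mentioned). The record format, the `verify`/`run_subsystem` names and the byte strings are all constructed for the illustration. The same bug, a length field that lies, is fed to both policies: "abort" unwinds to the subsystem boundary and reports failure, while "continue" logs the violation and hands the caller a plausible-looking but corrupted record. In Python a slice past the end of the buffer is clamped; in C the same "continue" would be an out-of-bounds read.

```python
"""Assert-and-abort versus assert-and-continue on the same invariant violation."""
import logging

log = logging.getLogger("assert_policy_demo")


class InvariantViolation(Exception):
    """Raised by the 'abort' policy when a runtime assumption fails."""


def verify(cond, msg, policy):
    """Hypothetical assert helper: 'abort' raises so the caller unwinds,
    'continue' logs and carries on (the HN `assertAndContinue` behaviour)."""
    if cond:
        return
    if policy == "continue":
        log.error("assumption violated, continuing anyway: %s", msg)
        return
    raise InvariantViolation(msg)


def parse_records(buf, policy):
    """Parse length-prefixed records: one length byte, then that many payload bytes.
    Invariant: a record's declared length never exceeds the bytes remaining."""
    records = []
    i = 0
    while i < len(buf):
        n = buf[i]
        verify(
            i + 1 + n <= len(buf),
            f"record at offset {i} declares {n} bytes, only {len(buf) - i - 1} remain",
            policy,
        )
        # Under 'continue' this slice is silently clamped and the next
        # record's length byte gets swallowed into this record's payload.
        records.append(bytes(buf[i + 1:i + 1 + n]))
        i += 1 + n
    return records


def run_subsystem(buf, policy):
    """Subsystem boundary: the point the post suggests unwinding to.
    Returns ('ok', records) or ('failed', None). A supervisor would restart
    a redundant instance on 'failed' instead of using any partial output."""
    try:
        return ("ok", parse_records(buf, policy))
    except InvariantViolation as exc:
        log.error("subsystem aborted: %s", exc)
        return ("failed", None)


# Constructed sample input: a well-formed buffer and one whose second
# record claims 9 payload bytes when only one is present before "D".
GOOD = bytes([2, 0x41, 0x42, 1, 0x43])              # "AB", "C"
BAD = bytes([2, 0x41, 0x42, 9, 0x43, 1, 0x44])      # "AB", <9 bytes?> "C", then "D"

if __name__ == "__main__":
    logging.basicConfig(level=logging.ERROR)
    print(run_subsystem(GOOD, "abort"))
    print(run_subsystem(BAD, "continue"))
    print(run_subsystem(BAD, "abort"))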


More information about the Digitalmars-d mailing list