by Paul Curzon, Queen Mary University of London
(updated from the archive)
Bugs are everywhere, but why not learn from the mistakes of others. Here are some common bugs with examples of how they led to it all going terribly wrong.
The bugs of others show how solid testing, code walkthroughs, formal reasoning and other methods for preventing bugs really matter. In the examples below the consequences were massive, but none of these bugs should have made it to final systems, whatever the consequences.
Here then is my personal countdown of the top 10 bugs to learn from.
BUG 10: Divide by Zero
The USS Yorktown was used as a testbed for a new generation of “smart” ship. On 21 September 1997, its propulsion system failed leaving it “dead in the water” for 3 hours. It tried to divide by zero after a crew member input a 0 where no 0 should have been, crashing every computer on the ship’s network.
Moral: Input validation matters a lot and there are some checks you should know should be done as standard.
BUG 9: Arithmetic Overflow
Keep adding to an integer variable and you run out of bits. Suddenly you have a small number not the bigger one expected. This was one bug in the Therac-25 radiation therapy machine that killed patients. The Boeing 787 Dreamliner had the same problem. Fly for more than 248 days and it would switch off.
Moral: Always have checks for overflow and underflow, and if it might matter then you need something better than a fixed but-length number.
BUG 8: Timing Problems
AT&T lost $60 million the day the phones died (all of them). It was a result of changing a few lines of working code. Things happened too fast for the program. The telephone switches reset but were told they needed to reset again before they’d finished, … and so on.
Moral: even small code changes need thorough testing…and timing matters but needs extra special care.
BUG 6.99999989: Wrong numbers in a lookup table
Intel’s Pentium chip turned out not to be able to divide properly. It was due to a wrong entry in a lookup table. Intel set aside $475 million to cover replacing the flawed processors. Some chips were turned in to key rings.
Moral: Data needs to be thoroughly checked not just instructions.
BUG 6: Wrong units
The Mars Climate Orbiter spent 10 months getting to Mars …where it promptly disintegrated. It passed too close to the planet’s atmosphere. The programmers assumed numbers were in pound-force seconds when they were actually in newton-seconds.
Moral: Clear documentation (including comments) really does matter.
BUG 5: Non-terminating loop
The spinning pizza of death is common. Your computer claims to be working hard, and puts up a progress symbol like a spinning wheel…forever. There are lots of ways that this happens. The simple version is that the program has entered a loop in a way that means the test to continue is never false. This took on a greater spin in the Fujitsu-UK Post Office Horizon system where bugs triggered the biggest ever miscarriage of justice. Hundreds of post masters were accused of stealing money because Horizon said they had. One of many bugs was that mid-transaction, the Horizon terminal could freeze. However, while in this infinite loop hitting any key duplicated the transaction, subtracting money again for every key press, not just the once for the stamp being bought.
Moral: Clear loop structure matters – where loops only exit via of one clear (and reasoned correct) condition.
BUG 4: Storing a big number in a small space
The first Ariane 5 rocket exploded at a cost of $500 million 40 seconds after lift-off. Despite $7 billion spent on the rocket, the program stored a 64 bit floating point number in to a variable that could only hold a 16 bit integer.
Moral: Strong type systems are there to help not hinder. Use languages without them at your peril.
BUG 3: Memory Leak
Memory leaks (forgetting to free up space when done with) are responsible for many computer problems. The Firefox browser had one. It was infamous because Firefox (implausibly) claimed their program had no memory leaks.
Moral: If your language doesn’t use a garbage collector then you need to be extra careful about memory management.
BUG 2: Null pointer errors
Tony Hoare who invented the null pointer (a pointer that points nowhere) called it his “billion-dollar” mistake because programmers struggle to cope with it. Null pointer bugs crash computers, give hackers ways in and generally cause chaos.
Moral: Avoid null pointers and do not rely on just remembering to check for them.
BUG 1: Buffer overflow
The Morris Worm, an early Internet worm, came close to shutting down the Internet. It used a buffer overflow bug in network software to move from computer to computer shutting them down. Data was stored in a buffer but store too much and it would just be placed in the next avaialbale location in memory so could overwrite the program with new code.
Moral: Array-like data structures need extra care. Always triple check bounds are correct and that the code ensures overflows cannot happen
BUG 0: Buffer overflow
Arrays in many languages start from position 0. This means the last position is one less than the length of the array. Get it wrong… as every novice (and expert) programmer does at some point … and you run off the end. Oddly (in Europe), we have no problem in a lift pressing 1 to go to the second floor up. In other situations, count from 0 and you do one too many things. Did I say 10 bugs…OOPS!
Moral: Think hard about every loop counter in your program.
The number 1 moral from all of this is that thorough testing matters a lot. Just trying a program a few times is not enough. In fact thorough testing is not enough either. You also need code walkthroughs, clear logical thinking about your code, formal reasoning tools where they exist, strong type systems, good commenting, and more. Most of all programmers need to understand their code will NOT be correct and they must put lots of effort into finding bugs if crucial ones are not to be missed. knowing the kinds of mistakes everyone makes, and being extra vigilant about them, is a good start.
And that is the end of my top 10 bugs…until the next arrogant, over-confident programmer causes the next catastrophe.
Magazines …
More on …
EPSRC supports this blog through research grant EP/W033615/1,
cs4fn 