<div dir="ltr"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">I also put a lot of blame on C, it was a terrific language when<br>compiling had to be fast. Basically macro assembler. Now the utility<br>of being 'close to HW' is gone, as the CPU does so much C compiler has<br>no control over, it's not really even executing the same code<br>as-written anymore. MSFT estimated >70% of their bugs are related to<br>memory safety. We could accomplish significant improvements in<br>software quality if we'd ditch C and allow the computer to do more<br>formal correctness checks at compile time and design languages which<br>lend towards this.<br></blockquote><div><br></div><div>Agree 1000%. I think this is greatly compounded by current generations of programmers who come out of school without having had much experience with low level memory management, having mostly worked in more modern languages that handle such things in a much better way. Moving from college Python to mature C code with a hellscape of pointers must be a pretty jarring transition. :) </div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Nov 17, 2020 at 1:56 AM Saku Ytti <<a href="mailto:saku@ytti.fi">saku@ytti.fi</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On Tue, 17 Nov 2020 at 03:40, Sabri Berisha <<a href="mailto:sabri@cluecentral.net" target="_blank">sabri@cluecentral.net</a>> wrote:<br>
<br>
Hey Sabri,<br>
<br>
> Also, in the case that I described it wasn't a Junos device. Makes me wonder how bugs<br>
> like that get introduced. One would expect that after 20+ years of writing BGP code,<br>
> handling a withdrawl would be easy-peasy.<br>
<br>
I don't think this is related to skill, that there was some hard<br>
programming problem that DE couldn't solve. These are honest mistakes.<br>
I've not experienced in my tenure the frequency of these bugs change<br>
at all, NOS are as common now as they were in the 90s.<br>
<br>
I put most of the blame on the market, we've modelled commercial<br>
router market so that poor quality NOS is good for business and good<br>
quality NOS is bad for business, I don't think this is in anyone's<br>
formal business plan or that companies even realise they are not even<br>
trying to make good NOS. I think it's emergent behaviour due to the<br>
market and people follow that market demand unknowingly.<br>
If we suddenly had one commercial NOS which is 100% bug free, many of<br>
their customers would stop buying support, would rely on spare HW and<br>
Internet forums for configuration help. Lot of us only need contracts<br>
to deal with novel bugs all of us find on a regular basis, so good NOS<br>
would immediately reduce revenue. For some reason Windows, macOS or<br>
Linux almost never have novel bugs that the end user finds and when<br>
those are found, it's big news. While we don't go a month without<br>
hitting a novel bug in one of our NOS, and no one cares about it, it's<br>
business as usual.<br>
<br>
I also put a lot of blame on C, it was a terrific language when<br>
compiling had to be fast. Basically macro assembler. Now the utility<br>
of being 'close to HW' is gone, as the CPU does so much C compiler has<br>
no control over, it's not really even executing the same code<br>
as-written anymore. MSFT estimated >70% of their bugs are related to<br>
memory safety. We could accomplish significant improvements in<br>
software quality if we'd ditch C and allow the computer to do more<br>
formal correctness checks at compile time and design languages which<br>
lend towards this.<br>
<br>
<br>
We constantly misattribute problems (like in this post) to config or<br>
HW, while most common reasons for outages are pilot error and SW<br>
defect, and very little engineering time is spent on those. And often<br>
the time spent improving the two first increases the risk of the two<br>
latter, reducing mean availability over time.<br>
<br>
<br>
-- <br>
++ytti<br>
</blockquote></div>