Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > NZ Computing > Re: Multiple Linux Flaws Reported

Reply
Thread Tools

Re: Multiple Linux Flaws Reported

 
 
pbs
Guest
Posts: n/a
 
      04-24-2004
Enkidu wrote:
> On Tue, 20 Apr 2004 20:42:18 +1200, Chris Hope
> <(E-Mail Removed)> wrote:
>
>>There was also an interesting study done across various languages but I
>>can't remember where that one came from either. It compared C++, Python,
>>Java and a couple of others on specific projects and worked out how long it
>>would take to code them and how many bugs on average there would be. It
>>basically came down to the more concise languages (ie Python, which I've
>>never coded with, but apparently does a lot with very few lines) being much
>>faster to code with and requiring few fewer lines of code. And of course
>>less code means less chance of bugs
>>

>
> I'd say that was bogus. You could write quite a complicated one line
> program that had more than one bug. Something with a complicated RE
> would be a good example.
>
> There is no direct relationship between number of lines of code and
> probable numbers of bugs, simply because bugs can overlay one another.
> I've heard for example that IBM's MVS when first released was 2
> million lines long and was estimated to contain 2 million bugs.
> Obviously each line did not contain a bug. So that mean that bugs
> contained multiple lines and bugs overlaid one another. It was common
> (in the early MVS days) for a bug to be fixed only to reveal another
> bug in the same area which was previously masked by the fixed bug.


I think that you are both saying the same thing. A programs in C, C++,
Perl, Python or Java, probably have the same number of lines of code in
them. It is just that in some they are at application level and in some
they are in libraries or in the compiler/interpreter. IMHO the number of
initial bugs depends on the number of lines of code. In many application
those lines are in (system/language) libraries and not application code.
If the language has been around for a time the system libraries will
have already been debugged.

As most code is not written at the raw firmware level but relies on
layers of software: firmware, an OS, a compiler and associated
libraries. The more mature each of theses are the less likely there are
to be bugs. There is a relationship between complexity, the age of the
software and the number of bugs. The more complex a layer the more
initial bugs. The older the layer the more bugs found.

This all assumes that all the layers are written to functional
specifications which have no mistakes, or ambiguities in them. As the
old adage goes "Documentation is easy, it doesn't have to compile".

--
My computer does what I tell it to do not what I want it to do.
 
Reply With Quote
 
 
 
 
Nihil
Guest
Posts: n/a
 
      04-25-2004
On Sun, 25 Apr 2004 10:33:09 +1200, pbs wrote:

*snip*

>> There is no direct relationship between number of lines of code and
>> probable numbers of bugs, simply because bugs can overlay one another.


*snip*

> I think that you are both saying the same thing. A programs in C, C++,
> Perl, Python or Java, probably have the same number of lines of code in
> them. It is just that in some they are at application level and in some
> they are in libraries or in the compiler/interpreter. IMHO the number of
> initial bugs depends on the number of lines of code.


Um, that's rather crude. Infact useless.

You should instead be interested in cyclometric complexity which is
essentialy a measure of the number of decisions and branches within code.

--
"...The anti-Christ, if you get me in a vendetta kinda mood... You can
tell the angels in Heaven you never saw evil so singularly personified
then in the face of the man who killed you..."
 
Reply With Quote
 
 
 
 
Enkidu
Guest
Posts: n/a
 
      04-25-2004
On Sun, 25 Apr 2004 14:56:59 +1200, Nihil <(E-Mail Removed)> wrote:

>On Sun, 25 Apr 2004 10:33:09 +1200, pbs wrote:
>
>*snip*
>
>>> There is no direct relationship between number of lines of code and
>>> probable numbers of bugs, simply because bugs can overlay one another.

>
>*snip*
>
>> I think that you are both saying the same thing. A programs in C, C++,
>> Perl, Python or Java, probably have the same number of lines of code in
>> them. It is just that in some they are at application level and in some
>> they are in libraries or in the compiler/interpreter. IMHO the number of
>> initial bugs depends on the number of lines of code.

>
>Um, that's rather crude. In fact useless.
>
>You should instead be interested in cyclometric complexity which is
>essentialy a measure of the number of decisions and branches within code.
>

....which will average out over a large number of programs to be
loosely related to the number of lines, probably.

What you are sort of saying is that complex programs are likely to
have more bugs than simpler programs. But program of a similar
complexity will contain bugs in proportion to their size.

Cheers,

Cliff
 
Reply With Quote
 
Nihil
Guest
Posts: n/a
 
      04-25-2004
On Sun, 25 Apr 2004 16:05:55 +1200, Enkidu wrote:

> On Sun, 25 Apr 2004 14:56:59 +1200, Nihil <(E-Mail Removed)> wrote:
>
>>On Sun, 25 Apr 2004 10:33:09 +1200, pbs wrote:
>>
>>*snip*
>>
>>>> There is no direct relationship between number of lines of code and
>>>> probable numbers of bugs, simply because bugs can overlay one another.

>>
>>*snip*
>>
>>> I think that you are both saying the same thing. A programs in C, C++,
>>> Perl, Python or Java, probably have the same number of lines of code in
>>> them. It is just that in some they are at application level and in some
>>> they are in libraries or in the compiler/interpreter. IMHO the number of
>>> initial bugs depends on the number of lines of code.

>>
>>Um, that's rather crude. In fact useless.
>>
>>You should instead be interested in cyclometric complexity which is
>>essentialy a measure of the number of decisions and branches within code.
>>

> ...which will average out over a large number of programs to be
> loosely related to the number of lines, probably.


Well you can average anything, but I think it's a naive way of looking at
it.

> But program of a similar complexity will contain bugs in proportion to their size.


Not necessarly. Consider differences in cohesion and coupling as well.

--
....check out the nametag.. you're in MY world now grandma...
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Three Flaws Surface For Firefox Jay Calvert Firefox 0 02-11-2005 01:11 PM
Re: Microsoft Probing Reported Flaws In Windows XP SP2 =?ISO-8859-1?Q?R=F4g=EAr?= Computer Support 3 11-14-2004 08:50 PM
Backup Error: The device reported an error on a request to write data to media. Error reported: bad data. Ismaiel Computer Support 0 10-26-2004 11:42 AM
Security Flaws Bounty Program Tony Raven Firefox 0 08-03-2004 08:01 AM
Re: Multiple Linux Flaws Reported pbs NZ Computing 14 04-27-2004 10:33 PM



Advertisments