Re: Multiple Linux Flaws Reported

Discussion in 'NZ Computing' started by pbs, Apr 24, 2004.

  1. pbs

    pbs Guest

    Enkidu wrote:
    > On Tue, 20 Apr 2004 20:42:18 +1200, Chris Hope
    > <> wrote:
    >
    >>There was also an interesting study done across various languages but I
    >>can't remember where that one came from either. It compared C++, Python,
    >>Java and a couple of others on specific projects and worked out how long it
    >>would take to code them and how many bugs on average there would be. It
    >>basically came down to the more concise languages (ie Python, which I've
    >>never coded with, but apparently does a lot with very few lines) being much
    >>faster to code with and requiring few fewer lines of code. And of course
    >>less code means less chance of bugs :)
    >>

    >
    > I'd say that was bogus. You could write quite a complicated one line
    > program that had more than one bug. Something with a complicated RE
    > would be a good example.
    >
    > There is no direct relationship between number of lines of code and
    > probable numbers of bugs, simply because bugs can overlay one another.
    > I've heard for example that IBM's MVS when first released was 2
    > million lines long and was estimated to contain 2 million bugs.
    > Obviously each line did not contain a bug. So that mean that bugs
    > contained multiple lines and bugs overlaid one another. It was common
    > (in the early MVS days) for a bug to be fixed only to reveal another
    > bug in the same area which was previously masked by the fixed bug.


    I think that you are both saying the same thing. A programs in C, C++,
    Perl, Python or Java, probably have the same number of lines of code in
    them. It is just that in some they are at application level and in some
    they are in libraries or in the compiler/interpreter. IMHO the number of
    initial bugs depends on the number of lines of code. In many application
    those lines are in (system/language) libraries and not application code.
    If the language has been around for a time the system libraries will
    have already been debugged.

    As most code is not written at the raw firmware level but relies on
    layers of software: firmware, an OS, a compiler and associated
    libraries. The more mature each of theses are the less likely there are
    to be bugs. There is a relationship between complexity, the age of the
    software and the number of bugs. The more complex a layer the more
    initial bugs. The older the layer the more bugs found.

    This all assumes that all the layers are written to functional
    specifications which have no mistakes, or ambiguities in them. As the
    old adage goes "Documentation is easy, it doesn't have to compile".

    --
    My computer does what I tell it to do not what I want it to do.
     
    pbs, Apr 24, 2004
    #1
    1. Advertising

  2. pbs

    Nihil Guest

    On Sun, 25 Apr 2004 10:33:09 +1200, pbs wrote:

    *snip*

    >> There is no direct relationship between number of lines of code and
    >> probable numbers of bugs, simply because bugs can overlay one another.


    *snip*

    > I think that you are both saying the same thing. A programs in C, C++,
    > Perl, Python or Java, probably have the same number of lines of code in
    > them. It is just that in some they are at application level and in some
    > they are in libraries or in the compiler/interpreter. IMHO the number of
    > initial bugs depends on the number of lines of code.


    Um, that's rather crude. Infact useless.

    You should instead be interested in cyclometric complexity which is
    essentialy a measure of the number of decisions and branches within code.

    --
    "...The anti-Christ, if you get me in a vendetta kinda mood... You can
    tell the angels in Heaven you never saw evil so singularly personified
    then in the face of the man who killed you..."
     
    Nihil, Apr 25, 2004
    #2
    1. Advertising

  3. pbs

    Enkidu Guest

    On Sun, 25 Apr 2004 14:56:59 +1200, Nihil <> wrote:

    >On Sun, 25 Apr 2004 10:33:09 +1200, pbs wrote:
    >
    >*snip*
    >
    >>> There is no direct relationship between number of lines of code and
    >>> probable numbers of bugs, simply because bugs can overlay one another.

    >
    >*snip*
    >
    >> I think that you are both saying the same thing. A programs in C, C++,
    >> Perl, Python or Java, probably have the same number of lines of code in
    >> them. It is just that in some they are at application level and in some
    >> they are in libraries or in the compiler/interpreter. IMHO the number of
    >> initial bugs depends on the number of lines of code.

    >
    >Um, that's rather crude. In fact useless.
    >
    >You should instead be interested in cyclometric complexity which is
    >essentialy a measure of the number of decisions and branches within code.
    >

    ....which will average out over a large number of programs to be
    loosely related to the number of lines, probably.

    What you are sort of saying is that complex programs are likely to
    have more bugs than simpler programs. But program of a similar
    complexity will contain bugs in proportion to their size.

    Cheers,

    Cliff
     
    Enkidu, Apr 25, 2004
    #3
  4. pbs

    Nihil Guest

    On Sun, 25 Apr 2004 16:05:55 +1200, Enkidu wrote:

    > On Sun, 25 Apr 2004 14:56:59 +1200, Nihil <> wrote:
    >
    >>On Sun, 25 Apr 2004 10:33:09 +1200, pbs wrote:
    >>
    >>*snip*
    >>
    >>>> There is no direct relationship between number of lines of code and
    >>>> probable numbers of bugs, simply because bugs can overlay one another.

    >>
    >>*snip*
    >>
    >>> I think that you are both saying the same thing. A programs in C, C++,
    >>> Perl, Python or Java, probably have the same number of lines of code in
    >>> them. It is just that in some they are at application level and in some
    >>> they are in libraries or in the compiler/interpreter. IMHO the number of
    >>> initial bugs depends on the number of lines of code.

    >>
    >>Um, that's rather crude. In fact useless.
    >>
    >>You should instead be interested in cyclometric complexity which is
    >>essentialy a measure of the number of decisions and branches within code.
    >>

    > ...which will average out over a large number of programs to be
    > loosely related to the number of lines, probably.


    Well you can average anything, but I think it's a naive way of looking at
    it.

    > But program of a similar complexity will contain bugs in proportion to their size.


    Not necessarly. Consider differences in cohesion and coupling as well.

    --
    ....check out the nametag.. you're in MY world now grandma...
     
    Nihil, Apr 25, 2004
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Lance
    Replies:
    0
    Views:
    764
    Lance
    Oct 31, 2004
  2. =?Utf-8?B?cHNhbG1pc3Q3?=

    same network-2 different strengths reported

    =?Utf-8?B?cHNhbG1pc3Q3?=, Nov 19, 2005, in forum: Wireless Networking
    Replies:
    1
    Views:
    460
    Ryan Younger
    Nov 20, 2005
  3. Ismaiel
    Replies:
    0
    Views:
    6,155
    Ismaiel
    Oct 26, 2004
  4. =?ISO-8859-1?Q?R=F4g=EAr?=

    Re: Microsoft Probing Reported Flaws In Windows XP SP2

    =?ISO-8859-1?Q?R=F4g=EAr?=, Nov 14, 2004, in forum: Computer Support
    Replies:
    3
    Views:
    372
  5. pbs

    Re: Multiple Linux Flaws Reported

    pbs, Apr 24, 2004, in forum: NZ Computing
    Replies:
    14
    Views:
    563
    Nihil
    Apr 27, 2004
Loading...

Share This Page