On Wed, 25 Oct 2023 at 12:11, Thomas Passin via Python-list <python-list@python.org> wrote:
> This doesn't mean that no program can ever be proven to halt, nor that
> no program can never be proven correct by formal means. Will your
> program be one of those? The answer may never come ...

Indeed, and I would go further and say that, in any non-trivial system, it is impossible to completely 100% prove that it is perfectly correct. Sometimes you might have perfect mathematics and software, but only subject to certain assumptions about the environment. Or about the users. More commonly, you build a system so that failure becomes vanishingly unlikely.

Take space flight as an example. Computers have been vital to the safety of human lives in space pretty much since humans have been going to space at all. How do you make sure that the Apollo Guidance Computer works correctly when you need it to? Multiple layers of protection. Error correcting memory, redundant systems, and human monitoring, plus the ability to rewrite the guidance software on the fly if they needed to. Even when people are being sent to the moon, you can't completely guarantee that the software is perfect, so you add other layers to give greater protection.

(And more recently, both India's "Chandrayaan 2" and Japan's "Hakuto-R" unmanned moon missions crash-landed due to software issues. A half century of improvements hasn't changed the fundamental fact that building a perfect system is basically impossible.)

So is all hope lost? No. We learn from our mistakes, we add more layers. And ultimately, we test until we're reasonably confident, and then go with it, knowing that failures WILL happen. Your goal as a programmer isn't to prevent failure altogether - if it were, you would never be able to achieve anything. Your goal is to catch those failures before they cause major issues.

1. Catch the failure as you're typing in code. Done, fixed, that's what the Backspace key is for.
2. Catch the failure as you save. We have a lot of tools that can help you to spot bugs.
3. Catch the failure before you commit and push. Unit tests are great for this.
4. Catch the failure collaboratively. Other developers can help. Or you can use automated tests that run on a bot farm, checking your code on a variety of different systems (see for example Python's buildbots).
5. Catch the failure in alpha. Release to a small number of willing users first. They get rewarded with cool new features before everyone else does, in return for having fewer guarantees.
6. If all else fails, catch the failure before it kills someone. Design your system so that failures are contained. That's easier for some than others, but it's part of why I've been saying "system" here rather than "program".

Eff up like it's your job.
https://thedailywtf.com/articles/eff-up-like-it-s-your-job

ChrisA
--
https://mail.python.org/mailman/listinfo/python-list