Their argument was along the lines of “The requirements and design don’t specify what should happen if you move and delete at the same time so it can’t be a bug. Behavior that doesn’t violate the design but also doesn’t lead to the result the user wanted is a user error”. My argument was that we can’t always specify the interaction between arbitrary features other than “If the user does two things at once, at least one of them should be executed, ideally both” and “the program shouldn’t crash just because the user did something unexpected”. Otherwise our design document would be ten times as long.
Yeah, that’s basically the kind of logic you use when designing a low-level programming language: If we didn’t define what happens here then anything that happens is correct behavior and it’s up to the user to avoid it.
Of course applying that logic to a GUI application intended for a comparatively nontechnical audience is utter madness.
That’s the kind of logic people historically used when designing low level programming languages. It’s not the kind of logic you should use or that people nowadays usually do use. Undefined behavior is widely seen as a Bad Thing in the programming language design community.
Oh, don’t get me wrong, I fully agree. Undefined behavior is terrible UX and a huge security risk.
Undefined behavior was kind of okay when RAM and storage were measured in kilobytes and adding checks for this stuff was noticeably expensive. That time has passed, though, and modern developers have no business thinking like that, even ones working on low-level languages.
Hey, the design specs never said the program shouldn’t blast out and air raid siren at full volumn every time the user clicks a button. Cannot be a bug, must be user error.
Software for a medical device. Everything needs to be done exactly right and documented in three different places or else the regulatory agencies from at least three countries get really angry at you and worst case pull your device from circulation. Less cowardice and more cover your ass. Still annoying though.
Their argument was along the lines of “The requirements and design don’t specify what should happen if you move and delete at the same time so it can’t be a bug. Behavior that doesn’t violate the design but also doesn’t lead to the result the user wanted is a user error”. My argument was that we can’t always specify the interaction between arbitrary features other than “If the user does two things at once, at least one of them should be executed, ideally both” and “the program shouldn’t crash just because the user did something unexpected”. Otherwise our design document would be ten times as long.
Yeah, that’s basically the kind of logic you use when designing a low-level programming language: If we didn’t define what happens here then anything that happens is correct behavior and it’s up to the user to avoid it.
Of course applying that logic to a GUI application intended for a comparatively nontechnical audience is utter madness.
That’s the kind of logic people historically used when designing low level programming languages. It’s not the kind of logic you should use or that people nowadays usually do use. Undefined behavior is widely seen as a Bad Thing in the programming language design community.
Oh, don’t get me wrong, I fully agree. Undefined behavior is terrible UX and a huge security risk.
Undefined behavior was kind of okay when RAM and storage were measured in kilobytes and adding checks for this stuff was noticeably expensive. That time has passed, though, and modern developers have no business thinking like that, even ones working on low-level languages.
I should’ve phrased my comment differently.
That is the type of thinking that causes a massive amount of CVEs in those languages.
Hey, the design specs never said the program shouldn’t blast out and air raid siren at full volumn every time the user clicks a button. Cannot be a bug, must be user error.
I think that there is always an implied design requirement of the program shouldn’t crash.
You would think so, right? But that doesn’t have a requirement ID so apparently it can’t be referenced in the incident report.
Sounds like the devs are cowards. Or maybe their pay counts on it not being a bug
Software for a medical device. Everything needs to be done exactly right and documented in three different places or else the regulatory agencies from at least three countries get really angry at you and worst case pull your device from circulation. Less cowardice and more cover your ass. Still annoying though.
I see, so it’s a situation where catching the full blame can tank your career. Yeah, that makes sense.