zlacker

[parent] [thread] 2 comments
1. whatev+(OP)[view] [source] 2023-07-02 01:22:03
There is never sufficient testing. If there is, then you have a formal proof for your algorithm.
replies(1): >>kybern+cR
2. kybern+cR[view] [source] 2023-07-02 11:45:54
>>whatev+(OP)
Beware of bugs in the above code; I have only proved it correct, not tried it. – Donald Knuth

It's not just hypothetical either. There was a bug in a sorting algorithm a few years back that had been 'proved' correct. I think it was to do with numbers wrapping, and that hadn't been considered in the mathematical proof.

replies(1): >>Regic+LF1
◧◩
3. Regic+LF1[view] [source] [discussion] 2023-07-02 17:41:46
>>kybern+cR
WPA2 also had an exploit (KRACK) while the handshake algorithm itself was "proven to be secure". Formal verification is a powerful tool but it does not guarantee bug-free code: it merely guarantees that the particular bugs you checked for are not possible.
[go to top]