
Comment by henvic

6 years ago

1. You say it like aircraft are being manufactured by laymen. Despite all recent problems with Boeing, it's not the case. 2. Running a battery of formal proof tests is expensive and way more complicated than running a unit test suite for software. 3. Probably more complexity is required to solve this issue, and where there is more complexity, there might be more risk.

I'm not saying that this is even acceptable or a great trade-off, but the way you worded your comment is presumptuous.

We can't see what's in the box (since closed source), but I personally would be okay with this being a clearly laid out limitation, i.e. having a nice blinking red function comment saying "This integer will overflow if the system is up for more than 50 days, but due to hardware limitations we're unable to properly do X Y & Z with a 64 bit width integer on these subsystems."

If this issue is clearly identified and tested around, that's alright; it isn't a huge deal to have to reboot periodically... I'm more concerned this issue is one of those "Oh well, it just... gets a bit off after fifty days - try rebooting it, that seems to fix it."