Self-healing code is the future of software development:
One of the more fascinating aspects of large language models is their ability to improve their output through self reflection. Feed the model its own response back, then ask it to improve the response or identify errors, and it has a much better chance of producing something factually accurate or pleasing to its users. Ask it to solve a problem by showing its work, step by step, and these systems are more accurate than those tuned just to find the correct final answer.
While the field is still developing fast, and factual errors, known as hallucinations, remain a problem for many LLM powered chatbots, a growing body of research indicates that a more guided, auto-regressive approach can lead to better outcomes.
This gets really interesting when applied to the world of software development and CI/CD. Most developers are already familiar with processes that help automate the creation of code, detection of bugs, testing of solutions, and documentation of ideas. Several have written in the past on the idea of self-healing code. Head over to Stack Overflow's CI/CD Collective and you'll find numerous examples of technologists putting this ideas into practice.
When code fails, it often gives an error message. If your software is any good, that error message will say exactly what was wrong and point you in the direction of a fix. Previous self-healing code programs are clever automations that reduce errors, allow for graceful fallbacks, and manage alerts. Maybe you want to add a little disk space or delete some files when you get a warning that utilization is at 90% percent. Or hey, have you tried turning it off and then back on again?
Developers love automating solutions to their problems, and with the rise of generative AI, this concept is likely to be applied to both the creation, maintenance, and the improvement of code at an entirely new level.
The ability of LLMs to quickly produce large chunks of code may mean that developers—and even non-developers—will be adding more to the company codebase than in the past. This poses its own set of challenges.
"One of the things that I'm hearing a lot from software engineers is they're saying, 'Well, I mean, anybody can generate some code now with some of these tools, but we're concerned about maybe the quality of what's being generated,'" says Forrest Brazeal, head of developer media at Google Cloud. The pace and volume at which these systems can output code can feel overwhelming. "I mean, think about reviewing a 7,000 line pull request that somebody on your team wrote. It's very, very difficult to do that and have meaningful feedback. It's not getting any easier when AI generates this huge amount of code. So we're rapidly entering a world where we're going to have to come up with software engineering best practices to make sure that we're using GenAI effectively."
"People have talked about technical debt for a long time, and now we have a brand new credit card here that is going to allow us to accumulate technical debt in ways we were never able to do before," said Armando Solar-Lezama, a professor at the Massachusetts Institute of Technology's Computer Science & Artificial Intelligence Laboratory, in an interview with the Wall Street Journal. "I think there is a risk of accumulating lots of very shoddy code written by a machine," he said, adding that companies will have to rethink methodologies around how they can work in tandem with the new tools' capabilities to avoid that.
[Editor's Comment: Much more discussion follows in the linked article.--JR]
(Score: 2) by Opportunist on Friday June 09, @10:44AM (3 children)
Why do I suddenly have to think of the episode "The Doctor Dances"?
(Score: 3, Interesting) by Mojibake Tengu on Friday June 09, @11:34AM (2 children)
No worries, soon they will invent software apoptosis and software cancer too.
The edge of 太玄 cannot be defined, for it is beyond every aspect of design
(Score: 2) by Freeman on Friday June 09, @04:21PM (1 child)
I'm pretty sure you're just missing the connections between those and pop-ups and malware.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 2) by Mojibake Tengu on Saturday June 10, @11:36AM
Actually, I had kernel drivers written in Rust on my mind...
The edge of 太玄 cannot be defined, for it is beyond every aspect of design
(Score: 5, Insightful) by acid andy on Friday June 09, @10:45AM (5 children)
You're not kidding! At least money supply and human abilities limited the pace of crappy code creation in the past. This will do to software what Eternal September and later the dot com boom did to internet discourse. But faster.
As for the automated bug fixing, I can really see this hiding the original bug so people think it's gone away, but at the same time breaking the algorithm further in ways that won't be noticed until later. Not much of a big deal for a casual game but they better not let this stuff anywhere near software that handles personal information, financial transactions, health care -- you get the idea.
It reminds me a bit of Visual Basic coders using "On Error Resume Next" which used carelessly would silently hide errors without fixing any underlying causes.
Master of the science of the art of the science of art.
(Score: 1, Insightful) by Anonymous Coward on Friday June 09, @01:47PM
> ... financial transactions,
All the more reason to get paper statements and store them, at least for any accounts that you care about.
(Score: 4, Interesting) by JoeMerchant on Friday June 09, @06:23PM (2 children)
>they better not let this stuff anywhere near software that handles personal information, financial transactions, health care --
you think they care? Financial transactions are the worst, as far as my experience goes. The firm I interviewed with hires a revolving door of college kids to do the coding, all they care about is lowest cost of operations - after all: they're financially focused.
Personal Information? HIPAA, as practiced, is a BS shield to keep prying eyes out of business operations, if anything it is hindering auditing of how personal health information is actually handled.
Due care in handling of other personal information? Surely you're joking.
Health care? I work for a Med Device company. We make so much money under business as usual we're more than happy to comply with all sorts of regulations (as a barrier to entry for potential competitors) and we do actually take "due care" when it comes to being reasonably sure our devices and their software are safe and effective for their intended uses. On the other side of the coin, in the hospitals, clinics, and doctors' offices, it's another show altogether. Picture the Keystone Cops re-told by Leslie Nielsen with vignettes of the most absurd scenes from the Pink Panther, My Big Fat Greek Wedding, and Animal House, with a thin veneer of professionalism easily penetrated as soon as you ask a real question about how things work.
Україна досі не є частиною Росії Слава Україні🌻 https://www.pravda.com.ua/eng/news/2023/06/24/7408365/
(Score: 1, Funny) by Anonymous Coward on Friday June 09, @07:51PM (1 child)
I'm picturing students carrying USB sticks between institutions with identifiable images of patients' intimate areas. In fact I don't have to picture that hard even.
(Score: 0) by Anonymous Coward on Sunday June 11, @07:22AM
So the risks aren't that high in practice but some dumb med students/staff might spread some celebrity's photos or dox em...
(Score: 2) by Ox0000 on Friday June 09, @07:23PM
You are more insightful than you originally realized!
(Score: 2) by inertnet on Friday June 09, @11:44AM (2 children)
I'm sure "auto correct for code" can be useful, but chances are that people will come to rely on it. Like people becoming careless while driving their car because it has lane assist, emergency braking, proximity warning and what have you.
And let's hope that it doesn't turn into Apple's "auto corrupt" as someone here consicely described their auto correct.
(Score: 3, Funny) by istartedi on Friday June 09, @04:00PM (1 child)
For extra grins and giggles, you can instruct the machine with voice wreck ignition.
Good job, machine. I'm going to lunch with Mrs. Dow.
Machine: OK, LAUNCHING THE MISSILES NOW.
Appended to the end of comments you post. Max: 120 chars.
(Score: 0) by Anonymous Coward on Friday June 09, @07:53PM
Hard to give a +1 for that stretch, Mr. WhatRhymesWithMyFunnyPunchine. Sorry.
(Score: 2, Insightful) by Anonymous Coward on Friday June 09, @12:47PM (3 children)
No, it isn't.
(Score: 4, Funny) by PiMuNu on Friday June 09, @12:55PM (2 children)
Or worse still, maybe it is.
(Score: 1, Informative) by Anonymous Coward on Friday June 09, @01:53PM
The last link, https://blog.developer.adobe.com/self-healing-code-a-journey-through-auto-remediation-60367eea312 [adobe.com]
sure looks like these folks at Adobe think it is. But (to me), the article reads like a bunch of kids in a candy store, not something that has been really thought through.
Ref: https://dictionary.cambridge.org/us/dictionary/english/be-like-a-kid-in-a-candy-store [cambridge.org]
Speaking of Adobe, what's the last version of Acrobat Reader for Windows that makes sense (the recent ones seem to auto update and lose features).
(Score: 0) by Anonymous Coward on Friday June 09, @08:31PM
But who will heal the healers?
(Score: 4, Insightful) by JoeMerchant on Friday June 09, @02:51PM (6 children)
...that error message will say exactly what the developer thinks might be wrong and point you in the direction of a fix.
If your software is actually good instead of just being a little good, the developer has already exhausted their knowledge of what could go wrong and honestly won't have a clue about the actual problems that crop up later.
This all comes back around to requirements specification. If you can specify good formal requirements, you don't need good coders you just need a dedicated team that will code, test, and fix until the "perfect" requirements are all met and then you will have perfect software. Example:
Requirements:
1. The subroutine will return the factorial of the passed int32 parameter as an int64 result.
2. The subroutine will handle input cases from 0 up to the any number whose factorial can be stored in a int64.
3. For inputs less than 1, the subroutine will return -1
4. For inputs too high to store the result in an int64, the subroutine will return -2
If that's all you want your software to do, those are relatively complete requirements, but the definition of how to compute factorials is left out. Imperfect humans (or large language models) might assume incorrectly that the factorial of 0 is 0, or have other problems like not knowing how to evaluate the really large results that don't fit in an int32 but do fit in an int64...
It is in bridging those gaps in the specification that programmers and testers add the most value to software.
Україна досі не є частиною Росії Слава Україні🌻 https://www.pravda.com.ua/eng/news/2023/06/24/7408365/
(Score: 2) by Thexalon on Friday June 09, @03:04PM (5 children)
And I'll also note that a good programmer will point out that your requirements are less than ideal due to uselessly throwing away nearly half of the numbers that can be represented by a 64-bit number because of your use of negative results as error codes, rather than taking advantage of exception mechanisms and using an unsigned 64-bit number instead for the response.
The only thing that stops a bad guy with a compiler is a good guy with a compiler.
(Score: 4, Touché) by bzipitidoo on Friday June 09, @03:41PM (3 children)
Pedant time! In this particular case, you're not throwing anything away. 20! < 2^63 and 21! > 2^64.
Okay, factorials weren't the best example. I've noticed this problem with complicated coding concepts. Can take a lot of code, a large example or two, to really show something. Many examples don't measure up.
(Score: 3, Interesting) by JoeMerchant on Friday June 09, @04:22PM
Thank you, I left that particular point for somebody to prick themselves on... was too lazy to see if I missed one factorial point or none, but whatever it was, it wasn't going to be many.
I also have a pet peeve over people who _think_ that they don't need negative numbers, use an unsigned variable type, then cause endless headaches when that unsigned variable type needs to interface with other functions the _do_ need negative numbers.
In this case, I employ two of the negative numbers to communicate error conditions back, which I find preferable to adding another variable to the system, but it's purely a matter of preference. A pattern that passes a reference to an enum with the success/failure states described in that enum is more generally applicable.
Україна досі не є частиною Росії Слава Україні🌻 https://www.pravda.com.ua/eng/news/2023/06/24/7408365/
(Score: 3, Insightful) by inertnet on Friday June 09, @08:00PM (1 child)
Not the best example because one could create a lookup array for those 20 factorials at program start and not call the function every time you need a factorial. Better yet, create the array and hold it local in the function the first time the function is called, and use the array for every other call. With an out of bounds check of course.
(Score: 2) by bzipitidoo on Saturday June 10, @11:41PM
Yes, when it's just 20 items, a lookup table makes a lot of sense.
The thing about factorials is that they're more useful for reasoning than calculations. For instance, a formula for the value of a binomial (n choose c) is n!/(c!(n-c)!). Computer code should not actually compute those factorials, because those intermediate values are apt to overflow, and then the program won't be able to produce the values of a whole lot of binomials that do fit in 64bits or whatever size is being used.
(Score: 3, Interesting) by JoeMerchant on Friday June 09, @04:31PM
>than taking advantage of exception mechanisms
You mean magic error-makes-a-goto mechanisms? No, thank you. I have worked with large code bases that use exceptions, and large code bases that don't. I have far less trouble maintaining code that doesn't use try-catch and similar constructs. It's not that the mechanisms themselves are inherently evil, or flawed, it's the way in which they are generally used that is: flawed, evil, and sometimes wickedly brutal in causing significant system failures when a warning message in a log file would have been just fine, thank you.
See the other reply thread for what I think of people who use unsigned numbers because they think they're smarter than they actually are.
Україна досі не є частиною Росії Слава Україні🌻 https://www.pravda.com.ua/eng/news/2023/06/24/7408365/
(Score: 5, Interesting) by bzipitidoo on Friday June 09, @03:35PM (10 children)
Bad terminology strikes again! What the heck do they mean by "self-healing"? Going over your own code to fix bugs is not "self-healing". Likewise with a chat bot going over code it created. If it evaluated itself, and made improvements, even that shouldn't be called "self-healing". That's "self-improvement" not "self-healing". "Healing" is the restoration of a system to a known working state, not the addition of enhancements or improvements. If you're "healing" a computer system, you're removing viruses, defragmenting hard drives, clearing out old logs and caches, flushing print queues, restarting services and hardware that's gotten stuck, restoring configurations to factory settings, and all that sort of thing.
I have heard of compilers that can figure out and work around simple syntax errors, such as a forgotten semicolon. It inserts the missing syntax and keeps going. That's not self-healing either.
(Score: 2) by istartedi on Friday June 09, @04:10PM (7 children)
Yeah, "self healing" is cringe. I thought IBM marketing invented it, but I could be wrong.
If I were going to try and define it, I'd say you could have a self-healing system if the known good parts were capable of manipulating the known bad parts, like say a script running on a separate machine could be part of such a system. The script could (rather than just monitor uptime) remotely re-start services, apply security patches, etc. I'd call that "automated administration" though.
Appended to the end of comments you post. Max: 120 chars.
(Score: 2) by acid andy on Friday June 09, @06:24PM (4 children)
Yeah the phrase certainly suggests to me patches being automatically applied to running code, a bit like the phrase "self-modifying code". I'm imagining it traps an error at runtime, calls into an AI library and patches itself without stopping execution. I'm sure there are all sorts of reasons why that would be a bad idea though.
Master of the science of the art of the science of art.
(Score: 2) by istartedi on Friday June 09, @07:04PM (3 children)
I wrote some self-modifying code in a college course and the TA marked me down for being "clever but not practical" or something like that. As the years went by, I tend to agree with that decision. Early on, I thought code "tricks" were cool but then you realize tricks are *tricky*.
Appended to the end of comments you post. Max: 120 chars.
(Score: 0) by Anonymous Coward on Friday June 09, @08:55PM (2 children)
I recall reading about a bug that caused a large system to crash intermittently after they upgraded from 16- to 32-bit hardware. After spending $$$ and months tracking it down - with outside consultants - they found the problem was a cute initialize-2-variables-to-0-for-the-price-of-1 trick that depended on 16-bit integer size. Most of the time, the assigned memory in 32-bit integer was zero but occasionally it was non-zero ===> weird crashes.
(Score: 2) by istartedi on Friday June 09, @09:06PM (1 child)
I like to refer to these as "Yet another unintentional pseudo-random number generator".
So I'm thinking what they did was type punning maybe?
Appended to the end of comments you post. Max: 120 chars.
(Score: 2) by istartedi on Friday June 09, @11:46PM
Ooops. Forgot to dereference it. Well, it's bad and it's awful so of course; but y'all get the idea.
Appended to the end of comments you post. Max: 120 chars.
(Score: 2) by quietus on Saturday June 10, @10:55AM (1 child)
There was indeed a section on 'self-healing networks' on IBM's DeveloperWorks website in the early 2000s.
(Score: 2, Interesting) by Late on Saturday June 10, @05:13PM
Andrew Tanenbaum gave a talk at FOSDEM entitled A Modular, Self- Healing POSIX-compatible Operating System. If I remember rightly Minix 3 is "self healing" in the sense that it will restart if it reaches an invalid state rather than panic frozen. Maybe there was more to it than that.
In its favor Minix is minimal.
If the future of corporate software development becomes some combination of pushing the button to tell the machine to generate and tidying up the result*, with result being beyond our ability to begin to comprehend, maybe people will want to dust off Minux, Plan 9, minimal Scheme interpreters, etc. Even now, simply maintaining a couple tens of thousands of lines of Perl that's gotten out of hand and that interacts with a Linux userland that's in my opinion shambling over a cliff of complications, I'm finding my default state as a developer mostly to be one of paralytic haze. Reading or working on anything clear, simple, and elegant is a huge breath of fresh air. Maybe we'll be called luddites but for those who still like programming these well designed smaller hobbiest or educational systems might give some relief. Call it Oberon therapy. Heal the coder and the code may improve.
* I have this idea of a code editor (that being a person) from the concern of David Goodman, head of the Writers Guild of America, in a recent interview with Ralph Nader, that writers will be few in number and their job become wrangling the mess that LLMs "barf out" (his words) into something half watchable, with the studio's goal being to further reduce money and number of open positions for writers.
(Score: 2) by Thexalon on Friday June 09, @09:26PM
What they mean by "self-healing" is "Venture capitalists! Yoo-hoo, over here! The thing I'm talking about is buzzword compliant, you should give me millions of dollars with minimal accountability for the next year or two!"
The only thing that stops a bad guy with a compiler is a good guy with a compiler.
(Score: 2) by hendrikboom on Thursday June 15, @11:46AM
I've used compilers that can make changes when there's a syntax error - changes like inserting a semicolon.
Those compilers often do it wrong.
(Score: 2) by sjames on Friday June 09, @10:53PM (1 child)
After the 5th reported bug that turned out to be PEBKAC, AI decides to work on the problem. Solution found...
Computer: "I've just picked up a fault in the AE-35 unit. It's going to go 100 percent failure within 72 hours."
(Score: 2) by Freeman on Sunday June 11, @08:08PM
PEBKAC may assume a human user, but we can look forward to a nice bright future of robots interfacing with touchpads or the like.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 3, Insightful) by jb on Saturday June 10, @06:26AM
I beg to differ. It's very easy -- in that situation the correct feedback is "learn to write a patch before submitting one". Except in a few VERY RARE circumstances, submitting a 7,000 line diff is just asking for it to be rejected. Either the programmer was too lazy to split his work up into discrete chunks for review (most likely), or if it can't be split up then it's probably chock-a-block full of cross-cutting concerns / tight coupling, so isn't worth the platter it's written on (also quite possible), or perhaps he's going for the world record of "least efficient algorithm". It doesn't matter whether the programmer is a person or a LLM. Anywhere sane insists that programmers meet reasonable SE standards. Lowering SE standards to meet the capabilities of underwhelming programmers (whether human or electronic) is not a viable option if you care at all about things like software quality, maintainability, etc.
(Score: 2) by Frosty Piss on Saturday June 10, @06:54AM (1 child)
"Self healing" code is the future of Black Hat hackers.
(Score: 0) by Anonymous Coward on Saturday June 10, @11:58AM
> Hacker's Drlight
Any idea why the Firefox spell checker works inside the SoylentNews compose "Comment" box...but not in the single line "Subject" box? Right clicking on Drlight gives me Delight for one possible correction.
I don't use any sort of completion or error correction, but I do use the spell checker (which underlines in red). I'm not the best typist or speller, and I sometimes copy/paste my "subject" line into the Comment box to spell check it.