[aaronbeekay]

As somebody currently working at an automaker on software systems, the amazing thing to me is that a mess up of this level doesn’t happen weekly. It’s rough out here.

[jacquesm]

Thank you. At least you're honest about it, the other day someone was trying real hard to convince me that software developers at automakers are made of magic fairy dust.

[kalleboo]

I'm amazed anyone would argue that after the Toyota firmware analysis.

[jacquesm]

Check out the thread a couple of days ago:

https://news.ycombinator.com/item?id=38244149

[bozhark]

What's the priority then, telemetry data? Why is it rough out there?

[jacquesm]

Relatively crappy pay, complex toolchains, long build times, layer upon layer of (really bad) legacy code, badly specified (if they're specified) protocols between subsystems, subsystems that are completely opaque (no source code provided), homegrown OS's or older RTOS's, subset-of-C to keep it safe(r), tricky debugging environments and if you're really unlucky anemic hardware.

I hope I didn't miss anything but I wouldn't be surprised if I did.

[ahartmetz]

Yeah, I think you missed something. The "software architects, heavy enterprisey tooling, and minions" approach to development where some of the architects could be good developers, but they don't develop, and the minions are often not that good and also not given any autonomy, so they are in a state of learned helplessness and just do what they're told without much thinking or initiative. It results in over-abstracted, over-complicated, slow, unreliable, and sometimes just stupid code.

[jacquesm]

Fair enough, yes. That's hopefully not all of them though but I don't doubt that many of the older companies work like that.

[ahartmetz]

Most car companies are, in fact, quite old. Their big suppliers (who are often even worse at software, if you can believe that) are also quite old.

[reactordev]

Probably due to fires, failures, and fatigue.

[firtoz]

Games have AAA, autos have FFF

[foobiekr]

do you guys not have confirmed boot and swizzling to fallback images?

[AlotOfReading]

Automotive varies widely between "basically modern Linux systems with proper updates" and the most janky, home-grown update systems imaginable, sometimes even within the same components and teams.

[foobiekr]

Yah, I know from friends at ford and vw that there's still vxworks and qnx, but even there, good grief, a-b with confirmed boot is about as basic as you can get.

I confess I've seen incredible sloppiness about when a confirmation is done (too early, including in the initial init stages which is way too soon) and watchdogs (spawn off a process that has a while loop stroking the wd - just absolutely pointless).

[cozzyd]

I've seen kicking and petting the watchdog, but this is my first time seeing stroking

[LoganDark]

Sometimes the watchdog needs to have fun too, you know.

[WWLink]

I've heard all of the above, often "stroking". I never used those because I like systems where you have a random challenge code to respond to. Then the software has to not be acting as wonky to react correctly.

[ahartmetz]

From experience, QNX is actually very nice. I wouldn't say "still using QNX" like it's some crap that nobody would want.

[mips_r4300i]

Indeed, a good RTOS from 10-20 years ago works just as good now as it did back then. The only things that change are dev environments and the driver support.