We programmers need all the help we can get, and we should never assume otherwise. Careful design is great. Testing is great. Formal methods are great. Code reviews are great. Static analysis is great. But none of these things alone are sufficient to eliminate bugs: They will always be with us. A bug can exist for half a century despite our best efforts to exterminate it. We must program carefully, defensively, and remain ever vigilant.

via: https://lukeplant.me.uk/blog/posts/breaking-provably-correct-leftpad/ via: https://buttondown.com/hillelwayne/archive/three-ways-formally-verified-code-can-go-wrong-in/