Too Darned Big to Test?

gManZboy writes "In part 2 of its special report on Quality Assurance (part 1) Queue magazine is running an article from Keith Stobie, a test architect in Microsoft's XML Web Services group, about the challenges one faces in trying to test against large codebases."

Got an idea

[johansalk]

Maybe they can take a clue from other large code projects and open source it?

Re:Got an idea

[MarkRose]

Open-sourcing a project will do little to nothing in regards to testing. First, there is often little to no insentive to attract open-source developers. Second, a poor design is a poor design, and those in charge are highly unlikely to through a working design out (two rare exceptions are Apple's move to Mac OS X and Microsoft's move to NT). Third, open-source developers frequently have no insentive to test -- testing is boring and labourous. And while the occasional person may fix the occasional bug, on the whole, opening the source a product for testing purposesly is almost always a fruitless exercise.

Re:Got an idea

[oirtemed]

Yes. It's a wonder why we even have packages like bugzilla anyhow. Nobody tests and reports bugs in opensource software. Ever. Nobody fixes them, either. Ever.

Re:Got an idea

[MarkRose]

I've found bugs in OSS before. I've reported them, and they've been fixed. Remember that people don't have unlimited time, and that your itch itches less than their own. If you are unwilling to write the fix yourself, what real insentive to they have to scratch your itch first? Have you tried putting a bounty on the bug you want resolved, such as cash?

Complaining about bug-fixing in volunteer maintained software is like complaining that no one picks the litter up in front of your house.

Re:Got an idea

[Skye16]

Psst! He was being sarcastic!

Re:Got an idea

[MarkRose]

It seemed more flamebaitish to me.

Re:Got an idea

[SunPin]

It seemed more flamebaitish to me.

No. Seriously. It was sarcasm. Perhaps you have never read a flamebait comment before?

Re:Got an idea

[Skye16]

Wait wait wait, I have one!

Flamebait: Linux sucks!
Flamebait: Apple sucks!
Flamebait: Windows is the best!
Flamebait: The United States is the best!
Flamebait: The United States sucks!

THAT is flamebait.

At worst, waaaaaay yonder (what, great grandparent?), he was trolling, but I thought he was just being facetious.

Re:Got an idea

[MarkRose]

Then why are people modding it up as Insightful instead of Funny? The case for sarcasm is weak.

Re:Got an idea

[ninejaguar]

Considering that most corporations have similar needs and often re-invent the software wheel internally cycle after cycle, your comment should be marked 'insightful', not 'redundant'. In time, the logical course for corporations will be to Open Source commonalities such as software based on scheduling, accounting, hr, inventory, payroll, time tracking, forecasting, marketing, space planning, customer relationship managment, contacts...etc. Sharing the burden of re-inventing the wheel will save costs and will allow them to spend more money on customizations.

You may even see Open Source Operating Systems, Web Browsers, Office Suites and Databases first being brought in, then being customized over time.

= 9J =

Re:Got an idea

[Skye16]

Oh, come on, you know the moderators here are on crazy. They're the same people who post here, and you've read their comments. Slashdot is some sort of Mecca for insanity. It makes me tingle down there.

(That's me being silly, in case your funny bone is still broken =O )

Re:Got an idea

[MarkRose]

Well that post made me laugh, and the skeletal structure in my arms is perfectly fine ;)

Re:Got an idea

[SunPin]

Then why are people modding it up as Insightful instead of Funny? The case for sarcasm is weak.

Moderators smoke crack. That's a law of Slashdot. As for "insightful verses funny" just consider that some people find humor to be more insightful than somebody on a soapbox.

Re:Got an idea

[MarkRose]

Yeah, or sometimes mods will mod a funny post insightful to give the poster karma. It's funny you should say that about mods though... I still have one point to use right now.

Re:Got an idea

[SunPin]

Well... you're a crackhead. :)

Re:Got an idea

[MarkRose]

You're not the first person to say that lol

Re:Got an idea

[CrankyFool]

It's interesting how vitriolic some of the responses to this post have been.

I didn't read parent's post as a complaint about OSS/FS testing, but rather as the parent verbalizing a perception -- that stuff that isn't sexy is often done with less vigour than the stuff that either scratches an itch or looks cool. Testing _is_ less sexy than development (and as someone who wears a software testing hat, among others, I have some perspective on the matter), and it tends to get the short shrift in many organizations and projects.

OSS/FS in some respects has it easier, because they've chosen to make bug submission more open (typically) and recruit their users to test and submit bugs. So, IMHO, it's sort of analogous to companies outsourcing testing to India -- they outsource to India, and "we" outsource to the users. It means the users need to be more tolerant of bugs (at least in the versions that are pre 1.0), but I do think that there is a wider audience for pre-1.0 OSS/FS software than there is for, say, pre-1.0 Windows XP, so we tend to do quite well. And in the end, because we do have more user involvement in the pre-1.0 versions, I'd tend to argue that 1.0 OSS/FS software tends to be pretty rock-solid compared to 1.0 closed software, where typically the vast majority of users only start playing with it at the 1.0 stage.

Patiently awaiting "Open Software and Free Software are entirely different things and you can't just use them interchangeably, you insensitive clod!" flames...

Re:Got an idea

[johansalk]

Linux, BSDs, OOo, Mozilla, etc etc are all large code, open sourced and well tested software. Now even Solaris has joined the party.

I get it

[Hyksos]

So this will be Microsoft's latest excuse, then? ;)

Re:I get it

[pklong]

Naa, we all know Microsofts testing strategy is to release it to the public and see what happens.

You save on the software testers wages that way :)

Re:I get it

[jellomizer]

Except people pay Microsoft to beta test their software.

Re:I get it

[jellomizer]

To continue on. I think that is part of the problem. a lot of Microsoft Beta Testers are just those Windows Nerds who think it is hip and cool to run the unpolished edge of technology and able to put on their resumes that they have 11 Year experience in windows 95. But most of them do in counter bugs but do not report them. Why should they they have to pay to get the product so why bother reporting bugs. Microsoft should release the Beta Tests for Free and to a wide group of people thus allowing them and promise them a free copy of the release product if they report so many bugs. The trick for beta Testing is to get as many eyes on it as possible who know that this isn't a completed or stable product. and are able to try funky things to break it.

Re:I get it

[dioscaido]

Google is pretty awesome at that too. Do then have any products that aren't in beta?? :)

Re:I get it

[MrMickS]

Apple released a public beta of OS X to take advantage of the nerd factor. This did cost, but only enough to cover shipping costs. One key thing was that they provided an easy mechanism to provide feedback on bugs encountered. That there were bugs sort of proves the point of the article, that the OS as a whole was too big to be tested, at least in economic terms.

Re:I get it

[Curunir_wolf]

Why should they they have to pay to get the product so why bother reporting bugs. Microsoft should release the Beta Tests for Free and to a wide group of people thus allowing them and promise them a free copy of the release product if they report so many bugs.

Yea, right. MS knows that nobody cares and the important bugs only get reported by idiots trying to get real work done and willing to spend $260 per incident to help MS fix their bugs.

You've obviously never read the EULA that accompanies thier BETA releases. You are required as a condition of the license to report all the bugs you encounter. Not that anybody follows or even reads the EULA's, but it does give MS something else to beat you over the head with if they don't like something you say.

Re:I get it

[WildStream]

Yes Google Desktop Search is no longer beta. The 1.0 release officially is out. Here is the link
http://www.microsoft-watch.com/article2/0,1995,177 3249,00.asp?kc=MWRSS02129TX1K0000535

Re:I get it

[Tablizer]

"...those Windows Nerds who..."

I'm surprised slashdot lets you use "Windows" and "nerds" together like that :-)

Re:I get it

[mr_duget]

Many comments confuse two quite distinct questions:
1) What is the best way to do software testing?
2) What is the best way to make money selling software?

Question 2 may encompass aspects of question 1 as the useability of a company's software will have an influence on sales. Other influences will also be important, perhaps of greater importance.

All corporations (including Microsoft) are trying to find the best answer to questrion 2. As far as business is concerned Question 1 will only be solved (by them) to the degree that it maximzes profits.

lots of monkeys

[FlashBuster3000]

they should just hire a lot of monkeys to test their software.
Besides, in this way the IQ of the later user and the testers arent differing too much.

Re: lots of monkeys

[bcmm]

The monkeys are busy writing it. It's like infinite monkeys trying to write shakespeare, except when they finally write code that compiles it has many many unused lines, contibuting to bloat.

Re: lots of monkeys

[NadMutter]

That's not far off what apple did back in the '80s. They only used one 'monkey', though.

http://folklore.org/StoryView.py?project=Macintosh &story=Monkey_Lives.txt&sortOrder=Sort%20by%20Date &detail=medium&search=monkey

The key is...

to Keep It Simple, Stupid.

Re:The key is...

[zootm]

Like Linux?

Sometimes things just get big, and there's not a lot we can do about it. "Keep It Simple" is a good phrase to develop by, but in the real world it ain't always possible.

Re:The key is...

[zootm]

I don't agree with the last phrase in that, but you make a good point. Creeping featurism is what's killing a lot of systems, particularly in terms of usability.

Shouldn't that be too bloated to test?

[MarkRose]

Shouldn't that be too darned bloated to test? It shouldn't be hard to test the individual subcomponents for functionality and at boundary conditions. Of course, you can't fully test something as complex as the system in the article. No reasonable sized program can ever be fully debugged -- the possibilities are too many to explore. However, it is possible to fully verify the smallest components, and build large components from them and fully verify those as well. Obviously, the complexity increases greatly with each new layer, but when one is working with fully verified components, any errors that occur must be in the local logic. Granted, this is much more labour intensive, but as long as each component follows precise specifications, it's more than feasible. I'm amazed that many prominent software projects still use largely monolithic testing...

Re:Shouldn't that be too bloated to test?

Indeed. What is the problem here exactly? You have layers of testing. Good development houses will use a waterfall or iterative process.

1. Unit test. This can easily be automated with almost any language, especially modern languages like Java (JUnit).
2. Component test. This is usually a low-volume testing phase because you're only testing boundary conditions and each component only needs to be retested when it changes.
3. Integration test. Again, usually quite low volume if the unit testing and component testing have done their job. You pretty much put it all together and check that it runs, along with the most basic of sanity checks (Can it access the database? Can a user log in? Is it producing log files? etc.)
4. System test. The biggy, but it doesn't have to be daunting. If you have proper requirement and design documentation writing the test plans should be a breeze for any competent tester, no matter how large the codebase. If the unit testing, component testing and integration testing have done their job system testing should really only be about validating the software against the requirements, not finding bugs. If you're finding significant bugs at system test stage either your unit or component testing wasn't done correctly or your requirement and design process is poor.

This sort of thing is basic, bread 'n butter stuff to a tester. Usually it doesn't work as it should because either management don't allow proper timescales, don't use a proper iterative process ("I've penciled in one re-build to fix any bugs we find the week before it's due to ship. O.K? Oh well, it'll have to do.") or the requirement and design phase is done so poorly there is no way to write proper test plans. It is almost never the case that the software is "Too complex". If NASA managed to debug the entire shuttle flight control software, I'd expect a company the size of Microsoft to be able to debug a server application.

Re:Shouldn't that be too bloated to test?

[CortoMaltese]

Big construction projects such as planes, ships, etc. would never make it they weren't divided into components of manageable size, as suggested for software in the parent. Suppose if someone suggested in an airplane project that random integration testing at the very end of the project is sufficient - a practise still commonly in use in software projects.

What is it about software construction that makes this so difficult a concept to grasp?

Re:Shouldn't that be too bloated to test?

[kernelblaha]

...which is why open source works. The philosophy of OSS apps has always been to make small programs that do one thing very well, then join them together to get good funcionality for more complex tasks. And not through specific design, but throught adaptation and tinkering. ...yeah yeah preaching to the converted and all that...

Re:Shouldn't that be too bloated to test?

[MarkRose]

That's actually more the philosophy of Unix -- to do one thing, and to do it well -- and has been around for 30+ years. I'd say that philosophy is common in the OSS world for a few reasons: One, open-source encourages code & component reuse. Two, most OSS developers don't have time to write large projects on their own, and three, the free software movement started in the Unix domain, the source of this philosophy.

Re:Shouldn't that be too bloated to test?

[MarkRose]

And that, my friend, is why software "engineering" is not engineering at all. I'm all for raising coding standards to engineering levels. The amount of time and headaches saved by such an effort would easily exceed thousands of lifetimes. It's silly that we still accept such shoddy workmanship.

Re:Shouldn't that be too bloated to test?

[uss_valiant]

What is it about software construction that makes this so difficult a concept [unit/component tests] to grasp?

Maybe an illusionary view of time-to-market, costs of bad design, costs of ignoring design for testability etc.

In other areas, i.e. ASIC / integrated circuits, the costs of wrong decisions and errors explode during the design cycle. This is why the whole IC industry commits itself to a "first-time-right" ideology. Each step, from specification to the final layout, involves testing. As a ASIC designer, you're happy if you can spend more than 25% of your time and effort on designing the actual architecture. 75-90% of the overall effort is "wasted" for testing.

Re:Shouldn't that be too bloated to test?

[Yaztromo]

If NASA managed to debug the entire shuttle flight control software, I'd expect a company the size of Microsoft to be able to debug a server application.

The problem is that in the NASA case, if they don't get that shuttle flight control system ready on time for launch, they can easily push the launch back indefinately. It isn't as if they're going to go out of business if they don't have launches due to unsafe conditions.

Besides which, once the flight control system version x.y is finished, the development tea doesn't then immediately start working on flight control system version x.y+1 (or worse, versionn x+1.0). It isn't as if NASA finishes a shutttle, and then immediately starts building a new, improved shuttle.

But this is exactly what happens in big software houses. The pressure to release ahead of your competition and stay ahead (or catch up with) the perceived feature curve is huge. Delays are bad -- delays equal lost sales. And once the product is done, unlike a bridge or a plane or a shuttle which will last 20 - 30 years or more as is, that software immediately starts getting new features and major modifications for "the next version".

And perhaps worse, once a version ships, most software development companies stop any sort of further testing -- instead, they rely upon customers to report problems, and typically only then do they investigate (and, hopefully, fix the problem).

The process is different due to "market forces". Personally, I don't like it either, and have stayed away from corporate software development for some time because of it. It's simply not a good way to develop software, as eventually the poor design decisions and rushed jobs (and burnt out developers) cost the company and the users dearly.

Yaz.

Re:Shouldn't that be too bloated to test?

Yes, you're dead right. The biggest problem is that customers have come to accept buggy, late or incomplete software deliveries as the status quo. In turn development house feel that it is acceptable to deliver buggy, late or incomplete software to the customer.

Customers are unreleastic; we all know that. The problem is that most customers surpassed the normal unreality a long time ago and now expect nothing short of miracles, which most development houses are only to happy to try and deliver. A customer attitude readjustment would help; if customers were realistic about their requirements and the timescales required to deliver their requirements, and likewise if development houses stopped lying to customers about what they can deliver in a given time period, maybe we'd see better software as a result.

Well, it's a nice dream.

Re:Shouldn't that be too bloated to test?

[adepali]

All these are fine for IT theory textbooks, but in practice it never gets further than that. The main reason is that there are far more programmers than designers, and the usual programming approach is let's begin and see how it turns out.
Apart from this, large (and i'm talking about large ) projects can easily get out of hand regardless of design, since a few people (well usually one, but often more) must have the entire picture, and if they go you're basically neck deep...

Re:Shouldn't that be too bloated to test?

[Fizzl]

1 Unit test.
2 Component test.
3 Integration test.
4 System test.

Sounds like someone is using Telelogic Synergy* for version/configuration control? ;)

* Also known as CCM, Continuus, GodDamnPieceOfShitBrokeTheBuildAgain** and CanYouCheckThisInForMe***)
** Too many ways to break things accidentally.
*** Too steep learning curve to bother to learn properly. Closely related to the one above.

Re:Shouldn't that be too bloated to test?

[allanj]

It isn't as if NASA finishes a shutttle, and then immediately starts building a new, improved shuttle.

And there we have the reason why the Shuttle never got out of beta, I suppose...

Re:Shouldn't that be too bloated to test?

[Bastian]

This sometimes amazes me. The market forces that push companies to try and release products ahead of the competition exist in every industry, but it seems to only be software that has responded in such an insane manner, and I'm pretty sure software is the only industry where a company who does this can get away with it.

Let's consider the hypothetical situation where Airbus releases the A380 prematurely (to keep ahead of the market) and creates an airplane that costs an incredible amount of money to maintain - or even worse, breaks regularly. What happens in this situation? Easy; everyone throws up a huge stink, and Airbus loses lots and lots of business for the next few years or decades.

On a smaller scale, I have definitely done this with Belkin - they released a couple too many crap products, and now I am never buying their stuff again, and I know of other people who feel the same way.

But in software, companies can just promise that It Will All Be Better In The Next Releease. Repeatedly.

Windows 95 will fix the world. Ooops, no, we meant 98. . . uhh. . make that 98SE. Nope, ME. Ahh, screw that, let's drop that line and give Windows 2000 a shot. Except you should probably try XP. . . . . SP2. . .

And I don't mean to just Microsoft-bash; they are just an easy target. Apple does it, most the major Linux distros I've used do it, it seems like it is just the way the software industry works nowadays. And it is insane.

Re:Shouldn't that be too bloated to test?

[gosand]

But this is exactly what happens in big software houses. The pressure to release ahead of your competition and stay ahead (or catch up with) the perceived feature curve is huge. Delays are bad -- delays equal lost sales. And once the product is done, unlike a bridge or a plane or a shuttle which will last 20 - 30 years or more as is, that software immediately starts getting new features and major modifications for "the next version".

This is not always the case. I just left a very large company for a smaller one, and I have been doing software testing for 11 years. I have worked for two very large companies in my career, and two small ones. In the large ones, I learned most of what good testing was about. I also learned most of what I know about the development process, and how it should be done. Unfortunately, at both of those companies, they talked a good game but didn't deliver very well.

When it comes to software projects, you have 4 factors:

Schedule

Cost

Quality

Features

The rule is, you get to optimize one of these, are constrained by one, and you have to accept the other two. Everyone always thinks that they can get around this somehow, but it never works out. Oh, and you have to make these choices when you start the project - if you change them mid-stream it changes the game.

NASA was used as an example. They are constrained by features and want to optimize quality. Therefore, it costs what it costs and you get it when you get it. Most big software houses are constrained by schedule and want to optimize features. That means they throw money at it and take whatever quality they get. Until they bitch about the quality. If only they really understood this. I presented this to my manager, and he said "But cost is free, because everyone is salaried and can just work overtime." He was serious. Do you wonder why I left?

We always thought we were constrained by schedule because every single release, some manager would say "This is the release date, and it is not moving!" It would move EVERY SINGLE RELEASE. For 4 years, we never hit a release date. Of course, we thought we did because we kept moving it during the cycle. Once, we delivered the release 1 year late - but it was on time according to our re-evaluation. Phbbbt. We did software for hospitals, and it wasn't that big of a deal if we missed our release date. These were huge inventory systems, and it took months for them to deploy. They had to be signed off by Beta sites before it could even be made available to everyone, and even then nobody just bought it off the shelf. We had to go in, install it in their test environments, train them on it, and set up transition dates. And we had to schedule it all within their budget constraints. So time to market wasn't nearly as big of an issue as it is in small companies, where if you don't deliver in a week or two, you can really hurt the company.

I guess my point to all of this is that there are good QA and testing practices, but they might not apply to all situations. The key is knowing when to apply what. If I tried to apply Quality Assurance to where I am now, it would be a total waste of effort. The same goes for testing methodology. (they are NOT even remotely the same things you know) Our build schedules at the big company were every 2 weeks. Where I am now, we do at least 4 releases of software in that time. But it is hosted software, so it is a totally different animal. I value my time at large companies, I learned how things work and don't work in the QA and software testing arenas. The good part is, there is still more out there to learn.

Re:Shouldn't that be too bloated to test?

[oliverthered]

Two points.
1: I agree, but it takes a long time (5-10years) to get you coding skills upto traditional engineering levels.

2: Mechanical devices have much higher tolerances than mathematical ones, if I want a bus that's going to be safe I do some rough calculations and then add 10% to the thickness of all the materials etc...

If I want software that I know is safe I have to make a estimate, double it, then allow ten times the development time to fix the bugs. Even if I had fifty pears reviewing my code bugs are going to slip in because they don't fully understand what I am writing. If you don't believe me, download the kernel source, download a few API's and check the kernel against the API's I bet you'll find a bug. You could even download the DirectX 9 patch from my website and find some bugs if you want!.

If I was writing commercial software I would make sure that all code has full modular testing with wide data sets, and possibly introduce a random data sets and leave a few boxs running from now till we ship just testing the code with valid data and junk. I would also make sure that people were given the opertunity to work on 'pet projects', maybe do some OSS hacking in more R&D area to help keep their skill sharp.

Re:Shouldn't that be too bloated to test?

[revscat]

And I don't mean to just Microsoft-bash; they are just an easy target. Apple does it, most the major Linux distros I've used do it, it seems like it is just the way the software industry works nowadays. And it is insane.

Apple at least seems to be better about it. With one very notable exception where the contents of my iPod were completely erased, all of the software updates I have gotten from Apple have been flawless and for the most part made the product better. This includes point releases as well as security updates.

I don't know the internals of Apple's development process, but I suspect that they are very disciplined in their QA process. I think Microsoft has driven them to this, because one of the prime differentiating characteristics between Apple and Microsoft software is quality.

Re:Shouldn't that be too bloated to test?

[plague3106]

Actually, I think if when you are starting from scratch and begin then to build automated unit tests...and updating unit tests to expect new functionality before you implment..you can build solid software, and keep it testable.

Of course unit testing isn't everything...you need integration testing which is what would get hairy really quickly. But at the very least, you'd know the units are peforming as specified.

Re:Shouldn't that be too bloated to test?

[EddieBurris]

Besides which, once the flight control system version x.y is finished, the development tea doesn't then immediately start working on flight control system version x.y+1 (or worse, versionn x+1.0). It isn't as if NASA finishes a shutttle, and then immediately starts building a new, improved shuttle.

Every flight requires a new version of the primary flight control software and, because of the long lead time to prepare a version, they often have 2 or more in the works at the same time. At one time in 1983 there were 5 versions being worked on simultaniously.

Reliability in the flight control software for the space shuttle comes at a price. Their cost per line of code is $350*. That buys more quality than most commercial vendors can afford.

Eddie Burris

*http://www.stsc.hill.af.mil/crosstalk/1998/11/k rasner.asp/

Re:Shouldn't that be too bloated to test?

[Tassach]

Let's consider the hypothetical situation where Airbus releases the A380 prematurely (to keep ahead of the market)

Bad analogy. Aircraft are one of the most HEAVILY regulated products on the planet. You need to pass dozens of government inspections before you're allowed to sell a new aircraft design. Desktop software is completely unregulated.

Re:Shouldn't that be too bloated to test?

[meadowsp]

Just out of interest, how do you square this with the overlap between the unix tools, find, grep and so on? There is a fair bit of overlap between them (you can do the same thing by using the differnt tools). This seems to me to fit more into Perl's there's more than one way to do it philosophy.

Re:Shouldn't that be too bloated to test?

[Yaztromo]

Let's consider the hypothetical situation where Airbus releases the A380 prematurely (to keep ahead of the market) and creates an airplane that costs an incredible amount of money to maintain - or even worse, breaks regularly. What happens in this situation? Easy; everyone throws up a huge stink, and Airbus loses lots and lots of business for the next few years or decades.

It tends to be for situations like this that governments come in. If Airbus produces a plane which is unsafe, it won't get government certification to be flown in a nations airspace. Transport Canada (or whatever the corresponding agency is in the US) isn't going to license a plane which is prone to blowing up, causing Airbus to not even make sales in the first place.

But we don't have this sort of oversight in most computer software (there are exceptions, of course -- including software for flight systems). Microsoft can ship a crappy product, and nobody ever tels them otherwise. Heck, in this case governments the world over actually buy their products themselves, endorsing their products through their use (and I have a doozy of a story I'd love to share if it weren't for the fact I had a military security clearance at the time I encountered it. Sorry, but as much as I love to tell a good story on slashdot, having the military police or RCMP at my door would _not_ be cool :P).

People would argue whether or not such oversight would be a good thing for softwaree in general -- my point isn't to suggest it's necessary, but more that companies like Airbus have special added incentive to ensure the quality of their products beyond what most software companies so.

Yaz.

Re:Shouldn't that be too bloated to test?

[Daniel]

Even if I had fifty pears reviewing my code bugs are going to slip in because they don't fully understand what I am writing.

Well, that's because pears can't code worth a darn. You should be using oranges. I know some people will hold out for bananas, but I've never had good luck with them; they're too fickle. Oranges will get the job done every time.

Daniel

Re:Shouldn't that be too bloated to test?

[Bastian]

Judging from the design of Cocoa, I think that Apple is probably also helped along by the fact that they have the luxury of working with a much cleaner system that is probably a great deal easier to maintain.

(And it's not that OS X is a complete re-write, because it isn't. Lots of major components of Mac OS X are getting close to being 20 years old. That's a lot more decrepit than the Windows NT line.)

Re:Shouldn't that be too bloated to test?

[oliverthered]

I prefer to consult Melonie's melons whiles coding, Oranges aren't the only fruit.

Re:Shouldn't that be too bloated to test?

[Bastian]

That's great and all, and I realize that there are all sorts of safety regulations on aircraft.

But I said it is a hypothetical situation, and it was obviously an example that was deliberately chosen as an exaggeration. What about the core of the remark? Why don't we talk about manufacturers like Belkin?

Re:Shouldn't that be too bloated to test?

[Yaztromo]

But I said it is a hypothetical situation, and it was obviously an example that was deliberately chosen as an exaggeration. What about the core of the remark? Why don't we talk about manufacturers like Belkin?

Well, we can talk about Belkin if you really want, but I think I only own one or two Belkin products (all cables), so I can't really comment on the quality of their goods, making it a pretty one-way conversation :).

But I think you missed the point -- I agree with your assessment of the computer industry, and only wanted to point out that other industries involved in product manufacture have certain government regulations and oversights to comply with that gives them an added incentive to do the job right the first time. Computer companies can afford to be lazy and ship shoddy products, because unless they are seriously unsafe, nobody is going to prevent them from putting them on a store shelf and selling them to whomever comes along.

Yaz.

Re:Shouldn't that be too bloated to test?

[Reziac]

I knew a programmer who worked for Apple as a member of their core OS development team, back around MacOS7. He told horror stories about how poorly managed it was. One problem he specifically ranted about was that some manager would decide that YOU were DONE with a given project, and physically remove your work machine from your desk, give it to some other coder, and give YOU someone else's half-finished work (which you'd then have to figure out before you could work on it). So no one ever got to actually FINISH their coding, hence there was a lot of half-baked code, kludges, and workarounds. And management *forbid* them from publishing a patch to fix a particular broken firmware, because management wanted people to buy their next machine (with fixed firmware), not just fix the old one!!

Anyway, my point is that just because what you see on the surface looks polished, doesn't necessarily mean the QA or development process is any better.

Re:Shouldn't that be too bloated to test?

[Reziac]

Damn, so THAT'S why sometimes stuff goes pear-shaped!!

Next time I will be sure to keep those oranges around. ;)

Re:Shouldn't that be too bloated to test?

[AnxiousMoFo]

I'd disagree that system testing won't find significant bugs, at least not in a large application or complex system. Even with good unit testing, a competent QA organization will test scenarios that the developers didn't think of, because that's their job. In addition, even if the components are all working to their individual requirements, QA will find bugs that expose design flaws.

I'd also say that having good functional specifications and requirements documents makes writing a test plan much easier for the QE, but doesn't make it a breeze - at least in commercial software development, where resources and time are scarce, QA is all about allocating testing time to make sure the important bugs are caught, and that takes skill.

But what do I know? I'm a black box QE, and I have a vested interest in convincing people that black box QA is important.

Re:Shouldn't that be too bloated to test?

[ratboy666]

Ok, I'll give you a simple task:

Please design an ASIC that can run C code.

I would be willing to accept ANY implementation, as long as it *is* an ASIC (no fair giving me an ASIC that itself must be programmed), and does compile at least K&R C (there you go, I've simplified your life).

WHEN (if) you come back (it'll be a few years -- possibly decades), we'll talk again about the equivalence and practicality of applying ASIC rules to software.

Ratboy.

Re:Shouldn't that be too bloated to test?

[warriorpostman]

*sigh*

Market forces != a gangster named Tony

No one is holding a gun to the heads of software company execs. Some of these managers need to grow a pair and listen to their engineers when the engineers say, "Hey, this isn't ready to go out. It's bloated with untested features. It's buggy, etc". Microsoft is reacting to greed not an unreconcilable set of "natural" phenomenom. The idea of "market forces" is just a gee-whiz economics term to define the process through which a collection of individuals decide which products are better than others. That process is way imperfect. Market forces have more to do with the arbitrary perceptions of corporate executives, so let's not scapegoat unit testing in the name of covering up the real problem, which is people following the cash trail, as opposed to following more disciplined software development practices.

Re:Shouldn't that be too bloated to test?

[gosand]

Actually the rule is: "Good, Cheap, Fast: Pick 2".

That is the "casual conversation" rule. The one I mentioned is something that you can actually put into a grid in your project plan and have people discuss it, agree to it, and sign their name on the dotted line. That would include the customers (if applicable). If you put something like that in front of someone, like a VP or a customer, you can manage their expectations real fast. If you can get them to commit to accepting the quality and the cost (for example) then there is no way for them to back out of that later. Well, they will try, but you can use a signed project plan to CYA. It is all part of "agreeing to requirements" for a project, and those things are certainly requirements.

I have heard stories of people who did just that, and got into some hot water with execs because they refused to change the grid to Optimize more than one thing. THAT is how software development should be, and until it is treated seriously it won't mature.

Re:Shouldn't that be too bloated to test?

[GileadGreene]

The problem is that when you have a large and complex system that integrates a lot of different units (particularly where you have loads of concurrency) each unit may be working fine, but the unexpected interactions between these units can come back to bite you. With a really large system the combinatorial explosion of system states is such that full testing simply can't be done. You can have all of the requirements and documentation you want, but you simply will not be able to cover the full state-space of the system. Which is kind of the point the article was trying to make.

Will good requirements and design processes help? Yes. Assuming that by good you mean requirements and design processes that carefully specify interactions between the different parts of the system, and a design process that includes things like model-checking to ensure that the specified interactions actually produce the desired result. Which is exactly what TFA was advocating.

As to your point about NASA vs MS, you might be interested to know that NASA has begun adopting the same approach that TFA describes - in particular, model-checking of complex flight software is becoming more prevalent, for all of the reasons discussed in the article.

Re:Shouldn't that be too bloated to test?

[winwar]

"If only they really understood this. I presented this to my manager, and he said "But cost is free, because everyone is salaried and can just work overtime." He was serious."

And some say that programmers/coders/employees don't understand business....

Granted, from his perspective, it WAS free. Wouldn't seem to be a good way to run a business but there seem to be a lot of businesses that make lots of money operating that way.

Re:Shouldn't that be too bloated to test?

[Brian+Brian]

You say it is almost never to complex to test? Most times it is. And it certainly always is when you must ship when the company wants to. Software, like many things are becoming gigantic and out of the ability for one person, or a group of people to fully understand. Example: modern jet liners are too big for one or several people to fully understand. And testing the Shuttles flight system - when? I mean originally it had like the power of an Apple II in a way. Bigger today but I bet in many ways less than airline flight systems. In the end, it is a fact that you cannot fully test any software. Time and risks have to be assesed. It will only become more challenging.

Re:Shouldn't that be too bloated to test?

[runderwo]

And how would you plan to accomplish this? Legislation? Licensing? Guilds?

Re:Shouldn't that be too bloated to test?

[Doctor+O]

Then again, from the POV of someone who uses Macs at work since 1996, System 7 really was a huge, stinking pile of shit compared to anything else at that time. Random crashes, slow data transfers, no multitasking whatsoever (sit there and watch your file copy take 20 minutes for that huge 40 MB SyQuest), constant updates that break stuff... bah. MacOS 8 was at least a bit better with time-slice stuff, and MacOS 9.2 was actually pretty good, even though still slow in many respects.

Know anything about the QA or management of the later versions of the classic MacOS? (OSX looks like one well-managed creature.)

Re:Shouldn't that be too bloated to test?

[MarkRose]

It's like any math or science: there are often several ways of doing something, each more suited to a different situation. Each tool is designed to do a small, related subset of tasks. For instance, grep is designed to find something in content (from a pipe or a file), where find is designed to search for files, so it's natural there will be some overlap when handling mutliple files.

Re:Shouldn't that be too bloated to test?

[Yaztromo]

let's not scapegoat unit testing in the name of covering up the real problem, which is people following the cash trail, as opposed to following more disciplined software development practices.

I don't disagree -- it's the reason why I used "market forces" in quotes. It certainly is an excuse, and a pretty poor one at that. I'm not trying to make excuses for the industry, only to point out the industry's point of view.

Yaz.

Re:Shouldn't that be too bloated to test?

[gosand]

And some say that programmers/coders/employees don't understand business....Granted, from his perspective, it WAS free. Wouldn't seem to be a good way to run a business but there seem to be a lot of businesses that make lots of money operating that way.

I wonder when business people will realize that the employees are the best assets that they have, and if they treat them like a commodity, they will leave when they get a chance or get fed up with the treatment. When people complained about the treatment they were getting, management actually said "the job market is weak, you are lucky to have a job." While technically correct, telling employees in that way makes them harbor some resentment. I speak from personal experience.

Re:Shouldn't that be too bloated to test?

[dbIII]

The problem is that in the NASA case, if they don't get that shuttle flight control system ready on time for launch, they can easily push the launch back indefinately. It isn't as if they're going to go out of business if they don't have launches due to unsafe conditions.

Now, when did Win95 get released? Win98? Win2k? Upcoming longhorn? None of them hit their first announced release date. If Microsoft can't hit the announced date they delay shipping - which is a good thing. The problem is not the late shipping, it is the early announcement.

If programmers want to call themselves engineers or architects they have to start behaving like them, and not release unfinished poorly tested things on the world. You can always patch software or poorly constructed bridges, the difference is the bridges are built with the assumption that they should work properly and will not be patched up.

The majority of software is more akin to basket weaving than engineering - planning and proper testing are the things that differentiate an engineered project from a high school craft project.

Re:Shouldn't that be too bloated to test?

[ttsalo]

This sometimes amazes me. The market forces that push companies to try and release products ahead of the competition exist in every industry, but it seems to only be software that has responded in such an insane manner, and I'm pretty sure software is the only industry where a company who does this can get away with it.

It's simple. It's the same as pricing. If the customer complains that the product is too expensive but still buys the product, it does not mean that the product is too expensive. On the contrary, the price is quite right at that point. As long as the customers complain about the bugs but still buy the product, there are not too many bugs in it, from the viewpoint of the seller.

Re:Shouldn't that be too bloated to test?

[Reziac]

That was my impression of MacOS 7 too. Horrible memory management, on a par with Win3.0 (not even 3.1!), no crash protection, no true multitasking, and way slower than the GEM desktop it still so greatly resembled. -- The OS was tied to the hardware because part of it was in ROM, my friend said because otherwise boot time was unacceptably long by anyone's standards. He also told me that *the* reason Macs used SCSI HDs is because that was the only way they could get acceptable data throughput. (Macs still had a 16bit data bus 10 years after PCs had gone to a 32bit bus.)

In my observation MacOS 8.5 was better, but it still didn't truly multitask, had driv^H^H^H^H extension issues, and was far too easy to crash with what looked like an OS resource leak. (I remember trying to view a particular rather large but plain web page on OS 8.5 and finding that it froze solid at about 200k, no matter what browser was used. On Win3.1x or 9x, the *lowest* single plain-page limit I've found is 2.1 megs.)

I've been told that the reason Apple shitcanned the old OS was because it was such a mess of kludges that there was no upgrading it any further.

I haven't messed with OS X itself, but I did look at Darwin for x86, and liked that -- at least as a CLI (which was all it would give me) it didn't seem to have any obvious issues, leaks, or sluggish points (other than the fact that the installer was easy to break), and gave me good feelings toward BSD. Of course, that doesn't say anything about the desktop!!

I picked up OS X at a yard sale for a buck, but don't have any Apple hardware to try it on (and after having had my hands inside a few Macs, nor would I buy any!)

Code can't be too big, just badly designed

[Welsh+Dwarf]

For those who didn't RTFA, it is basically saying that exaustive (?sp) testing can't be done on a large codebase, and random testing is all you can use, to which most coders will say bull.

If a piece of code is too big to test exaustivly, it's time to refactor it into bits that can be.

After you've tested each part to make sure it works, you test a super set of parts, thus testing the interactions between the smaller parts, lather rinse repeat until you've tested th whole application.

Correct use of unit testing will always outstrip random testing.

This is just an excuse for badly designed code bases.

Re:Code can't be too big, just badly designed

[NickFitz]

For those who didn't RTFA, the parent post is talking complete nonsense when claiming that "it is basically saying that exaustive (?sp) testing can't be done on a large codebase, and random testing is all you can use".

Headings from the article include:

• Good unit testing (including good input selection)
• Good design (including dependency analysis)
• Good static checking (including model property checking)
• Concurrency testing
• Use code coverage to help select and prioritize tests
• Use customer usage data
• Choose configuration interactions with all-pairs

All in all, it's a good article, and may go some way to explaining why MS's XML component actually works (I write code to it all day, every day).

Re:Code can't be too big, just badly designed

[StrawberryFrog]

If a piece of code is too big to test exhaustively, it's time to refactor it into bits that can be.

Yeah, I told that to my boss about the product that my predecessors have been working on for years, without any test cases. Internally it's a convoluted entwined mess. I estimated about a man-year to break it down and build it up again, with exhaustive test cases of all the parts. He laughed at the idea, and didn't see the business benefit.


This is just an excuse for badly designed code bases.

So what do you do with them when you are handed them?

Re:Code can't be too big, just badly designed

[MarkRose]

If a piece of code is too big to test exhaustively, it's time to refactor it into bits that can be.

Yeah, I told that to my boss about the product that my predecessors have been working on for years, without any test cases. Internally it's a convoluted entwined mess. I estimated about a man-year to break it down and build it up again, with exhaustive test cases of all the parts. He laughed at the idea, and didn't see the business benefit.

This is just an excuse for badly designed code bases.

So what do you do with them when you are handed them?

Start.

You don't have to completely refactor the code -- but there is no reason why you can't refactor parts as you work on them. That happens all the time in the Linux kernel for instance. I would imagine every component in the kernel has been rewritten at least twice -- but not once was the whole kernel replaced.

Re:Code can't be too big, just badly designed

[Welsh+Dwarf]

And for those who didn't RTFA to the end:

The author is suggesting pseudo-random testing rather than exhaustive testing for a large code base, which may be a valid point when you recoup a large piece of monolithique code, but should never be used for a fresh project, where comlplete, staged testing is the only way to avoid a complete kludge.

David

Re:Code can't be too big, just badly designed

[MrMickS]

In an ideal world this is indeed true and has been true for many years. When at college, over 20 years ago, it was drummed into us that we should spend more time designing than coding because in the end it would save time. In the 20 years since then I've only worked on a few projects that have embodied this principle. In most cases the pressure to deliver something outweighs everything else.

Re:Code can't be too big, just badly designed

[iabervon]

Actually, it's saying that randomized testing is as good at finding bugs as targetted testing by QA people. Targetted testing by the authors is better, because they know where the boundary conditions and tricky areas are.

Furthermore, randomized testing or static debuggers are better at finding some issues than unit tests, because people tend to write unit tests with only those inputs they've considered, while bugs often are due to the possibility of inputs that the author hasn't considered.

Re:Code can't be too big, just badly designed

[Coppit]

Did you RTFA? It's practically impossible to exhaustively test a unit, nevermind the entire system. For example, consider pow(x,y). There are x*y possible combinations of inputs.

Things actually get better at the system level because you can ignore the sub-modules. For example, if your code only ever calls pow(2,3), then you don't need to waste time testing all the other values that are possible inputs to the module.

Unit testing != exhaustive testing.

Re:Code can't be too big, just badly designed

[GileadGreene]

If you'd bothered to understand TFA, instead of just reading it, you would have realized that the point they are trying to make is that the complexity of some systems is reaching a point where unit-testing alone is insufficient, and integration testing cannot achieve the necessary coverage (TFA most definitely does not advocate abandoning unit-testing). "Exhautive" testing really never was exhaustive. And now it's reached a point where even what passes for "exhaustive" testing is insufficient to guarantee functionality and correctness because the state space to be covered by testing is simply too large.

So what do we do if we can't fully test? As I've said elsewhere in this thread: we look to things like design-by-contract (i.e. minimize unexpected interactions), model-checking of abstract system models, carefully designing the test-cases we do perform to achieve good statistical coverage, and actually engineering a system instead of just perpetrating random acts of hackery until it "works".

Re:Code can't be too big, just badly designed

[Welsh+Dwarf]

The point is that if you analyse problem correctly, you can set up unit tests for the corner cases, the ones that matter.

Hence you get a better result with unit testing/integration testing etc.

Just throwing (pseudo) random numbers at the thing during the final week is just asking for trouble.

And no, things don't get better at the system level, because if you haven't tested properly at the module level, the bugs become virtually untraceable.

Re:Code can't be too big, just badly designed

[Welsh+Dwarf]

Learn to code, when you analyse you're problem, you end up with corner cases that you test (in the case of pow, you make sure that when x**y produces an overflow, the function throws an exception, or better still, limit your input to avoid an overflow).

You then work you're way up, testing as you go.

This approche works in every other industry (including electronics), so what makes software so special, apart from (1'm 4 133t, 1 d0|\|'t n33d t3sting).

AND FYI, yes I do code for a living.

Re:Code can't be too big, just badly designed

[Welsh+Dwarf]

>and actually engineering a system instead of just perpetrating random acts of hackery until it "works".

We agree on this point, it's just that for me, I don't see the limit of structured testing that pseudo random testing is supposed to overcome.

If they could use it to debug the shuttle flight control systems, then they can use it for other projects.

Re:Code can't be too big, just badly designed

[GileadGreene]

The thing is, just how complex is the shuttle flight control system, really? Is it really comparable in complexity to the kind of apps TFA was talking about? I'm skeptical. Besides, if you read this, you'll find that "exhaustive" testing of the shuttle software to achieve the levels of reliability NASA desires simply isn't feasible, so they end up using a statistical process to track and predict faults. Not quite the same process that TFA was advocating, but similar in principle.

Too costly to test would be the real meaning of it

[Gopal.V]

The article just says what everyone knew ..

* code coverage != proper testing
* clever inputs are needed to test
* few programmers test concurrency

Ending with - "ECONOMY IN TESTING" (ever heard about "Good Enough Isn't")

Essentially apologetic about the lack of testing. Test driven development is not a philosophy, it's a way of doing. In a perfect company environment, you'll never be blamed for breaking someone's code - but in most places the idea is "he made me look bad". Peer reviews never work out properly. This is why FOSS is turning out more secure and clean code.

Testing for real-world use

[G4from128k]

I recently had a problem with ordering from Amazon that illustrates the problem with testing and all the possible permutations of user actions. I was checking out when I noticed that high shipping cost from one vendor, went back to order from a different vendor and hosed the order. Apparently, there was only one of the item in stock and it was now committed to the pending, partially checked-out order. There was no way to clear the partially complete check-out process and no way to checkout with the item in my shopping cart -- it would only complain that I was trying to order TWO of the item and pull the ONE instance of the item from the cart.

Amazon is not the only e-commerce site with this problem (although I expected better from Amazon). Many sites fail to test for user action sequences other than the straight-through order process. I'm not suggesting that developers test for all possible sequences (that's impossible), but they should test for more plausible ones that a simple linear execution of the process.

When I did software testing (a task that I hated), I quickly broke an RDBMS application with just a simple series of adding and removing items from a user-manipulable working set of data objects. Moreover, I even broke the UI layer and dumped myself into a lower level of the RDBMS shell that was supposedly inaccessible to users. The developers grew to hate me so much for finding bugs in their code and the RDBMS vendor's code that I was moved to another job (YAY!).

The point is that it is often too easy to break code because the developers have created overly simple linear use cases that are then used in testing.

Re:Testing for real-world use

[Chris+Kamel]

The developers grew to hate me so much for finding bugs in their code and the RDBMS vendor's code that I was moved to another job (YAY!).
I don't know what kind of developers you were dealing with there, but I am a developer myself and I actually like and respect QA or test engineer who come up with creative and "smart" bugs, they keep it interesting, they make my job easier and they make for a more successful product, so what's there to hate about them?

Re:Testing for real-world use

[streamscape]

Foolish organisation to move you on because you were so successful at what you were doing. Good testers (who manage to break things all the time) are extremely hard to find.

Re:Testing for real-world use

Well, if a QA tester is too clever enough, they can come up with a bug that 1) no end user would ever encounter since it's so arcane and 2) is really, really hard to fix. While theoretically, a programmer should enjoy the challenge of fixing a challenging bug, I can understand there comes a point where the programmer says in effect, "Screw this! The customer is never going to start an order, cancel, put in an invalid amount, then start an order and overflow the buffer! Fixing this will take a month, but it's not going to help anyone!"

So, I can sort of sympathize with the programmer, sort of. However, OTOH if your job is to fix the bugs, you've gotta fix the bugs, so quit yer bitchin' and fix the bugs or get a new job.

Re:Testing for real-world use

[gstoddart]

I don't know what kind of developers you were dealing with there, but I am a developer myself and I actually like and respect QA or test engineer who come up with creative and "smart" bugs, they keep it interesting, they make my job easier and they make for a more successful product, so what's there to hate about them?

As much as I rely on our QA people to come up with bizarre inputs, sometimes bug reports from QA can be a bitch to decode. They'll have the tester's perceived explaination of the source of the bug, which may or may not jibe with the actual one; it's like user-reports -- sometimes the interpretation is a red-herring explaination.

I've had to explain that the bug they saw was in other code because it caused a bizarre interaction it wasn't supposed to.

Unfortunately, users submit bug reports to the software they were interacting with.

Re:Testing for real-world use

[IainMH]

"[Testers]...so what's there to hate about them?"

I started out testing. And saw that depending on how you told the devloper was an important factor.

However, there were always the coders who resented it.

Usually the crap ones.

Re:Testing for real-world use

Then, six months to a year later, a customer starts and order, cancels, puts in an invalid amount and then starts an order. Guess what happens?

Yes that's right! You get a critical bug report from a customer because the entire system just crahsed and corrupted the database. Now someone in your support team has to spend the entire day helping the very annoyed customer recover their data and restart the system, all the while of course the customer suffers downtime.

Whoops.

Of course this may never happen to you. You probably got lucky. This sort of scenario is why bugs should be classified, and why they should be given a priority. If a bug is found and is deemed to be critical, you'd better fix it. If you don't think it's really a critical bug then fine, argue with the QA team and see if you can change their mind, but at the end of the day they may have use case scenarios or data that you do not, and may have a better idea of just how critical the bug will be.

Use your judgement, but rely on theirs as well.

Re:Testing for real-world use

[Chris+Kamel]

sometimes bug reports from QA can be a bitch to decode
Yes I agree, that happens, but it usually means that the QA personnel are not sufficiently trained/experienced. Also for a Quality Engineer to come from a development background helps a great deal there...

Re:Testing for real-world use

1) no end user would ever encounter since it's so arcane and

Assuming an end user will never encounter an error because it's "arcane" is a really good way to get your ass handed to you. The parent was probably GOOD for testing because he at least knows how to describe the problems and is familiar with the systems. You take the average drone user who doesn't know jack about the system when it blows up and your talking about a huge argument where no one knows what the hell is going on.

I agree about the "hard to fix" problem though. I mean if your code is 99% right with a bug that will be rare and non-criticle and it will raise the cost of the software significantly - then perhaps it's better to let it slide. Or just try to throw up some last minute defenses.

Re:Testing for real-world use

[UnknownSoldier]

LOL - Now *that's the Dilbert principle! You do your job well, so you get promoted/moved!

I would love to have you on my team -- far too many testers don't think "outside the box" when testing.

I agree that programmers assume far too much about how the code will operate on its data. We really need to ask ourselves:
- How will my code function if I've given random/bad data?
- How about 95% correct data?
- And how will I communicate this to the rest of the system?

You should of told your peers
"Don't shoot the messanger, just because you hate the message" :-)

Peace

--
5 Years driving without a "Driver's Licence."
3 times being pulled over by the Police.
ZERO tickets for driving without a license.
ANSWER: ALL [Man-Made] Law is Contract Law. (Admitted very grudgingly by a Lawyer friend.)

Structural problems

[ites]

It is possible to build immense and complex code bases that are incredibly well tested and robust. Look at any Linux distribution and this is what you have.

The key is that the code base is structured so that it can evolve over time as many independent layers and threads, each using an appropriate technology and competing in terms of quality and functionality.

The problem is not the overall size of the code base, it's the attempt to exert centralised control over it.

To take a parallel from another domain: we can see very large economies working pretty well. The economies that fail are invariably the ones which attempt to exert centralised planning and control.

The solution is to break the code base into independent, competing projects that have some common goal, guidelines, and possibly economic rationale, but for the rest are free to develop as they need to.

Not only does this make for better code, it is also cheaper.

But it's less profitable... and thus we come to the dilema of the 2000s: attempt to make large systems on the classical model (which tends towards failure) or accept that distributed cooperate development is the only scalable option (and then lose control over the profits).

Re:Structural problems

[glesga_kiss]

It is possible to build immense and complex code bases that are incredibly well tested and robust. Look at any Linux distribution and this is what you have

Utter tripe, you clearly don't work in QA. Linux is not well tested. In fact, I've never ever come across an article discussing testing of a distribution.

They are WELL USED, which is a different thing altogether. A good tester will look at all of the possible usage scenarios and come up with a test plan that ensures that each of them work, and that they pass several different tests. "Well used" only tests to obvious common stuff.

Never once as a QA engineer have I come across anything resembling a coherent test plan. I'm sorry, but OSS products are some of the worst tested on the planet. OSS's strengths lie elsewhere, and that is what results in less bugs overall.

Retooled jokes

[Ford+Prefect]

"Yo' codebase's so fat, when it get in a lift it has to go down!"

"Yo' codebase is so bloated, it's got its own dialling code!"

"Yo' codebase's so big, NASA includes it in orbital calculations!"

Etc. etc., ad nauseam et infinitum...

Software rewrites may be considered harmful, but at which point do you declare that enough is enough and start again, breaking it down into smaller, easily tested modules? Big, old projects (like, say, OpenOffice.org) can get so appallingly baroque that there must be vital areas of code which haven't been modified (or, more importantly, understood) in years - how do you test those?

Re:Retooled jokes

[DrMrLordX]

If it ain't baroque, don't fix it.

Ha ha! Ha ha ha!

*cough*

Re:Retooled jokes

[starseeker]

I still content that rewrites are harmful only when all of these three conditions are met:

a) Your code is your commercial product/livelyhood

b) You need to support legacy systems

c) You are coding for practical results not for the art of programming.

Joel is an insightful guy, but he approaches software exclusively as a deliverable intended to Get The Job Done Now. For a lot of software this is appropriate, but in the case of open source software it is seldom that all of the above conditions are met. There are also a couple of points he doesn't mention that are relevant to open source software:

d) Users of the old code are not left out in the cold - the complete old codebase is available for them to pick up and maintain (or hire someone to maintain - maybe even the original author) if there is sufficient motivation. Open source authors often aren't motivated to maintain steaming piles of turd just for the joy of it, so they are more inclined to do rewrites. If you want them to maintain old stuff, do like everyone else who really wants some service and hire them!

e) The software stack is almost completely free for open source software - there is no "but I can't afford to upgrade to Windows 98 and break everything!" problem. Granted you might run into those problems, but in theory if you care enough they can be solved. (Often NOT true for legacy commercial software.) So open source developers as a whole are a lot less concerned with backwards compatibility. Take KDE for example - the incentive to support KDE2 when coding a KDE app today is virtually nil - there are many very good reasons KDE3 exists, both from a user AND a developer standpoint. If a user really wants the crap handled to deal with old, broken environments they shouldn't expect to get something for free. The point, again, is that they CAN hire someone to do what they want, because the code is available to be updated.

Now, that said, I would agree that OpenOffice is too critical to the free software world to rush off and be headstrong about. It might be a case where a Netscape type move would be a bad idea. But I like the enlightenment project, even if they have treated violating Joel's rules like a pro sport. They are creating something artistic, advanced, and with the intent of "doing it right". If you look at enlightenment as not a continuation of the old e16, but instead as a totally new product, then it takes on a different light - they are actually doing prototypes, designing and testing, etc. BEFORE they release it in the wild and invite support headaches. Now, as usual first to market wins, but in open source losers don't always die and can sometimes come back from the grave. Rosegarden is an example of an application that is good because they explored their options and found a good one, even with and partially because of their experience on previous iterations of the code. They didn't do it "the Joel way" but they did it in the end and they did well.

I think there is another "zen" of programming, that we are getting closer to reaching - the "OK, we have discovered the features we want and use, now let's code it all up so we never have to do it again" level. There is little that is surprising in spreadsheets, databases, word processors, etc. - they are mature applications from a "user expected featureset" point of view. So now I propose we do, not just a rewrite, but a reimplimentation using the most advanced tools we have to create Perfect software. Proof logic, careful design, theorm provers, etc. etc. etc. We know, in many cases, what program/feature/OS behavior/etc. we want. Let's formalize things as much as humanly possible, and make a bulletproof system where talking about rewrites makes no sense, because everything has provably been done the Right Way. (Yes, I'm watching the coyotos project - they've got the right attitude, and they might determine if it is possible.)

Re:Retooled jokes

[Spunk]

Joel is an insightful guy, but he approaches software exclusively as a deliverable intended to Get The Job Done Now

That is a good point, and Joel himself touches on this in Five Worlds of Software.

(I am a Joel but not that Joel)

Re:Retooled jokes

[metamatic]

Software rewrites may be considered harmful, but at which point do you declare that enough is enough and start again, breaking it down into smaller, easily tested modules?

Except Microsoft already did that once. They called the new codebase Windows NT. And now it's the biggest OS ever constructed, measured by lines of code...

Testing,

[pinkfloyd43]

We have little time to code much less test! Who else codes, sends to QA, gets bugs, codes, sends to QA, get bugs...............

Re:Testing,

Where did you learn the trade? If I guessed you're pretty fresh from a Computer Science course, say two or three years in the business, would I be far from the mark?

I ask because what you describe is exactly what is supposed to happen. You know you're done when, surprise, QA stop sending you bugs (Or at least, stop finding bugs which are classified above a certain severity level). Then, and only then, should the software be considered complete and ready.

The problem is that attitudes like yours, that QA is a pain that should be wished away, is wrong but very very pervalent within the IT industry. It is such a wrong and totally backward attitude I can't fathom where it came from. It's a brain rot that's killing the industry in a see of broken code and half assed implementations.

Re:Testing,

[Mark+Hood]

I ask because what you describe is exactly what is supposed to happen.

Well, yes and no - you're correct, the software keeps going back to QA until they say 'ok, it's good enough' :) But it's an oversimplification.

I'm not trying to say you don't know this; I assume you know that QA isn't something you bolt on after the coding is done & you think you finished... in a perfect world, QA are involved in every step of the design and implementation process, checking your design, documentation, assumptions, test frameworks, everything...

And you're right - this guy's (implied) attitude of 'QA are just there to stop me shipping' is a problem, but equally so are some people's attitudes (not necessarily yours) that 'QA is just there to test the final builds'.

I've seen any number of projects go right off the timeline because the testers got something that wasn't any good, and 'QA' was a rubber-stamp that they applied when the testers were done (or when the ship date arrived, whichever happened first). If QA had been involved from the get-go, they ought to have insisted on unit tests, function tests and all the others that were listed in a previous post, and I won't repeat here...

Mark

Re:Testing,

[superpulpsicle]

The problem is that most companies run at a speed that is on crack and unhealthy. Rarely do QA ever have to final say on release dates.

You know who gets all the power to give it the final yes and no? Sales folks.

Not darned testable

[tezza]

At least by a computer.

I do a lot of programming with visual output. It is impossible to have a computer check that the font got outlined correctly in the PDF, say.

When you combine this with user input and then rare-case branching logic, you can end up with a nightmare of unfollowed paths. Unfollowed, to some extent, means untested.

Just one extra branch can be disasterous because of factorials involved depending where it is placed in the branch pipeline. One minute, everything working, next minute some new code and

(n+1)!

things that need to be eyeballed.

Re:Not darned testable

[BenjyD]

I've faced this problem too with checking visual output. What I will probably do at some point is do automated screenshot comparison: have the system do the test, then compare the relevant region of the screen to a known-good image as a regression test. The only problem I can see with that is that generating the known-good images is time-consuming and minor changes would require regenerating them all.

Re:Not darned testable

[Richard+Kirk]

I find there are three different sorts of test you can run...

(1) Designed tests: You know what is supposed to happen, and you design a test to fit the extreme conditions. If you are processing images, you might include an image with just extreme black-white edges to check for integer overflows, and stuff like that. These take time and thought to develop. They are usually informative if they fail. If the person who designed the code designs the tests, their coverage is likely to be poor.

(2) Real tests: If you can get some real data, such as scanned images, then you can eyeball the results and see whether they look right. The coverage is better, but the pass/fail test is more arbitrary. Sometimes you may have important failures but they only have a faint effect on your particular images. The coverage will be incomplete, but it will be different to (1). These are very useful for regression tests, because they can be easy to develop, and the pass/fail test is limited to checking that you get exactly the same result.

(3) Random tests: Fill the image buffer with white noise and use that. This is useful to test that two implementations are identical. I have used random tests to show that hardware and software implementations of the same algorithm are identical. The coverage is still not good, but it complements (1) which will have flat regions, and (2) which will typically have small differences between adjacent pixels. However, if you get a difference, then it is very hard to trace the cause.

I would guess any good testing strategy ought to include all three types. If you can think of a fourth type, please post.

Re:Not darned testable

[Jerf]

I do a lot of programming with visual output. It is impossible to have a computer check that the font got outlined correctly in the PDF, say.

No, it's not. The problem is your API isn't built to include the ability to test.

It is true that you can not verify that once it is on the graphics card, it is correctly displayed on the screen, but everything up to that point is testable, if the underlying API is built for it.

GUIs have a similar problem; there is nothing fundamentally impossible about testing GUIs, but they are not designed for it. The two major flaws are the inability to run the GUI without the fully-fledged event loop running (I ought to be able to poke the GUI and say "Hey, run your event loop once now"), and the inability to completely transparently post events to the GUI as if the user did it. (I've managed to convince Tk (in Python) to do the former but I still can't say "pretend that the user just pressed the 'a' key correctly.)

Many people then claim that GUIs are untestable, when the problem is that all current existing GUIs are untestable; the class itself is not untestable. Similarly, if you had better support, it'd be easier to test the more interesting properties. I have to admit that that would probably require an even more fundamental re-design than in the GUI case, but it is still possible. Right now, though, too few people care about testing and even fewer people are actually good at it for us to end up with testable libraries. It has to be an explicit goal.

Re:Not darned testable

[Jerf]

Actually, you're showing the exact same blindness that the GUI designers are showing.

You can test a GUI by reaching into the data structures and validating that they look like what you want them to look like. You can test a GUI by posting an event and making sure everything that is supposed to happen in response to that event does. For instance, test that the "submit" button actually changes values in your database, or that when they entered the negative number that the field that only applies to positive ones got disabled.

(This also flows you naturally into describing the GUI with metadata and building it to do what you want, rather than drawing an impenetrable "drawing" of the UI that can't be meaningfully manipulated; then you can rapidly alter the UI and still maintain its testability by testing based on the metadata with minimal effort over the long term. But that's the "static UIs and the tools to create them are for losers" rant, which would fill another post.)

Screen-scraping or HTML sniffing is a horribly broken hack, not a solution. While final compliance testing will require a human to double-check that the data structures of the GUI aren't lying to you (although the GUI ought to be unit tested too), that should be a last resort. The problem is, "eyeball time" is not and can not be an adequate testing procedure for any moderately capable program; the testing matrix rapidly exceeds what any human could do, let alone what any human would do.

So, you misunderstood my point. GUIs are not effectively testable today; there are a couple of hacks but they suck so much ass that it's a rare occasion that anyone uses them, and even rarer that they are maintained for more than the couple of days it takes for them to become completely unwieldy. Someday, I hope to use GUIs that can be tested, and it would only take a couple of small surface changes... but I have to admit not knowing how far those changes would go into the infrastructure as I am a GUI user, not developer.

Re:Not darned testable

[dbIII]

It is impossible to have a computer check that the font got outlined correctly in the PDF, say.

Let's compare software to engineering again. If something has the wrong physical dimensions you can measure each time to find out, or you can use a "go-nogo" gauge to do a quick test - a piece of metal cut to size which determines if the component fits the spec. In software test suites can do that for us - potentially even for situations like those described above. It's a matter of defining your tests to ensure they flag incorrect behavior.

Do people really think their software is more complicated than a large aircraft?

Brought to you by the letter 'c'

Mark, incentive is spelt with a c.

I was tempted to send you a text on your phone to tell you - are you sure you want to leave that on your website to be harvested? You might regret it in a few years.

Re:Brought to you by the letter 'c'

[MarkRose]

Yeah, I need coffee or something. That's what I get for staying up until 5 a.m. I spoted a couple other errors in that post, too.

And that email addy to my cell is simply a forwarding address.

Re:Brought to you by the letter 'c'

[Peter+Cooper]

I think he was referring to the actual number you leave on there. Could get harvested and end up receiving a ton of SMS spam.

Re:Brought to you by the letter 'c'

[MarkRose]

Yeah, I since removed the area code after his comment. I'm not sure how else to disguise a number from a harvester. Ideas?

Re:Brought to you by the letter 'c'

[Karzz1]

Use an image of the number rather than text.

Re:Brought to you by the letter 'c'

[MarkRose]

But that would double the number of images on the page! *laugh*

Perhaps I can encode it. I think I'll ambiguated it with some HTML comments for now.

Re:Brought to you by the letter 'c'

[19thNervousBreakdown]

Put each digit in a <p> element, put the whole thing in a <div class="phone"> then make a stylesheet with "div.phone p { display: inline; }"

If that's not enough for you I'm sure you can think of even more obfuscation, maybe by setting text direction to RTL or something.

Re:Brought to you by the letter 'c'

[MarkRose]

That's brilliant! I shall implement that today...

Article summary...

[TuringTest]

... automatically performed by OTS:

Finally, testers can use models to generate test coverage and good stochastic tests, and to act as test oracles. A fundamental flaw made by many organizations (especially by management, which measures by numbers) is to presume that because low code-coverage measures indicate poor testing, or that because good sets of tests have high coverage, high coverage therefore implies good testing (see Logical Fallacies sidebar). One of the big debates in testing is partitioned (typically handcrafted) test design versus operational, profile-based stochastic testing (a method of random testing). Current evidence indicates that unless you have reliable knowledge about areas of increased fault likelihood, then random testing can do as well as handcrafted tests.[4,5]

For example, a recent academic study with fault seeding showed that under some circumstance the all-pairs testing technique (see Choose configuration interactions with all-pairs later in this article) applied to function parameters was no better than random testing at detecting faults.[6]

The real difficulty in doing random testing (like the problem with coverage) is verifying the result. A test design implication of this is to create relatively small test cases to reduce extraneous testing or factor big tests into little ones.[9]

Good static checking (including model property checking). If you know the coverage of each test case, you can prioritize the tests such that you run tests in the least amount of time to get the highest coverage. First run the minimal set of tests providing the same coverage as all of the tests, and then run the remaining tests to see how many additional defects are revealed. Models can be used to generate all relevant variations for limited sizes of data structures.[13,14] You can also use a stochastic model that defines the structure of how the target system is stimulated by its environment.[15] This stochastic testing takes a different approach to sampling than partition testing and simple random testing. Code coverage should be used to make testing more efficient in selecting and prioritizing tests, but not necessarily in judging the tests. Test groups must require and product developers must embrace thorough unit testing and preferably tests before code (test-driven development).

The Oracle Problem

[Goonie]

One point that this article doesn't really come to grips with regards to stochastic testing is the "Oracle Problem". In essence, how do you know that the result of testing is the right answer? This is a particular problem with random-input testing, or any testing method that involves using automatic methods to generate a large number of tests.

#ifdef PLUG

My own research group works on methods to reduce this burden in a number of ways. One, my personal work, is on "semi-random" testing (we call it Adaptive Random Testing) which, we claim, detects more errors with fewer tests and reduces the problem that way. Another is "metamorphic testing" which tackles the oracle problem more directly by a slightly more sophisticated form of sanity checking assertions. You test the program with two (or more) related inputs, and check whether the outputs have the relationship you'd expect based on the inputs.

Unfortunately, the boss has an, um, slightly behind-the-times attitude to putting papers on the web; but if you search the DBLP bibliography server for T.Y. Chen you can get references for most of them.

#endif

However, I'd be the last to claim that we have a complete solution to the oracle problem; there will of course never be one. But it is a problem that will continue to make automated testing a challenge.

Re:The Oracle Problem

[pfdietz]

I'm a great fan of randomized testing, and have used it to good effect in testing Common Lisp compilers as part of the GNU CL ANSI test suite. The oracle problem is tractable, since one can do differential testing -- test that two different computations that should produce the same answer actually do. For example, construct a random lisp form, then eval it, and also wrap it in a lambda form, then compile and funcall. Differences in output, errors during compilation, or errors during execution all indicate bugs (assuming one has generated legal lisp code.)

This and other more focused random testing schemes have found oodles of bugs in many Common Lisp implementations.

Re:The Oracle Problem

[Goonie]

Could you possibly contact me privately about this? I'd be most interested in discussing this with you further.

Re:The Oracle Problem

[OldManAndTheC++]

#ifdef PLUG

//blah blah

#endif

You left out

#define PLUG 1

so I didn't read that part.

Re:The Oracle Problem

[cburley]

"semi-random" testing (we call it Adaptive Random Testing) which, we claim, detects more errors with fewer tests and reduces the problem that way

When I was developing GNU Fortran (g77), one of the other volunteers (Dave Love, I think it was?) used this approach to stress-test the compiler.

It worked great. Caught lots of the usual "duh" kind of bugs, but occasionally caught the "omigod" sort -- the kind of bug that, at first, looks like just another crash, but, upon further investigation, exposes a higher-level flaw in the design or implementation.

I would definitely strongly recommend this kind of testing for any pertinent product while under development.

sigh......

[sunami]

...such is the outcome of not doing test-driven development. Test the functions as you write them, and just leave the tests there until you release, makes sure everything works. When will these people learn!

Re:sigh......

[GileadGreene]

Sigh. I can't believe this got rated "insightful".

Testing functions as you write them is fine (and the article advocates unit-testing). The problem comes when you have a large and complex system that integrates a lot of individual functions, particularly where you have loads of concurrency. each individual function be be working fine, but the unexpected interactions between these functions can come back to bite you, and the combinatorial explosion of system states is such that full testing can be well-nigh impossible. Which is kind of the point the article was trying to make.

So what do we do if we can't fully test? We look to things like design-by-contract (i.e. minimize unexpected interactions), model-checking of abstract system models, carefully designing the test-cases we do perform to achieve good statistical coverage, and actually engineering a system instead of just perpetrating random acts of hackery until it "works".

"Developers: Too Darned Big to Test?"

[verus+vorago]

Yes. I am far too big to test. Oh you meant the code ...

Quote from an (otherwise) intelligent guy at work today:

"Yeah I got a bit heavy with the delete key whenever I saw the word 'test' but I got annoyed that it wouldn't compile"

sigh ...

Unrelated note: why do people pretend to swear ("Darned")? Either swear (Damned at least) or don't - but why pretend? I don't get it.

Re:Too costly to test would be the real meaning of

[Tim+C]

Peer reviews never work out properly. This is why FOSS is turning out more secure and clean code.

Isn't that a contradiction in terms? Or by "peer", do you mean something other than "a comparable programmer"?

Random vs. Handcrafted testing

[starseeker]

I've seen this debate before, and the part I always wonder is "why not both?" At least, when you are starting from scratch. You can verify your components do what they are supposed to and then check for bizarre situations no one thought of with random testing (sometimes you will expose obscure bugs in the software stack itself, not just your code - but remember no code stands alone, and all crashes look the same to the end user no matter what the root cause.)

Particularly on large, old projects one has inherited, random testing can really help because you have absolutely no clue what you are looking for. There are so many discrete components to the system that could be tested it would be the work of ten years to set it up, so you are forced to (as much as possible) assume that things work and find the cases where they don't. Then, you gradually begin to fix things over the long haul while fighting fires.

GCL and the other free Lisp implimentations are a good example of testing - we have a very dedicated individual who has been creating tests of ANSI behavior from the spec and testing a wide variety of implimentations - indeed many non-standard behaviors have been corrected because of these tests. He has also created a "random tester", which I like to call "the Two Year Old Test." It is a code generator which generates random but legally valid Lisp code and throws it at the implimentation. It has exposed some very obscure bugs in GCL which probably would have otherwise hidden for years. Anybody who has been around small kids knows they will introduce you to all sorts of new failure modes in just about everything you own, so I always think the Two Year Old Test should be administered as a final check whenever possible. (Granted this works particularly well for compilers.) Newbies are very useful for this kind of stuff as well, because they will use the software in ways you never thought to.

Re:Random vs. Handcrafted testing

[Reziac]

Kindof like method, which boils down to "If I can do this with the software, why can't I do that?" until I hit something that falls over. Not so much random as "but it LOOKS like I should be able to...." in ways the coder frequently didn't anticipate.

Hence I am widely feared as "the beta tester who can break anything" :)

On a similar note, Linux QA

[starwindsurfer]

Is anyone doing independant QA audits of linux, outside of the development sources/bug report/linus ruling on high loop?

M$ are much more clever than that (-1 Flamebait)

[patrixx]

They call their monkies "End users" and charge them big bucks for the testing, and on top of that have them accept EULA's that take away their rights. ;-)

Succinct Code * Tests = Code Quality

[Baldrson]

The fact that text compression is a better test of intelligence than the Turing test has a corollary, and that is that succinct expression is a better basis for code quality via test assurance.

This fact alone is enough to dispense with programming languages that attempt to use large numbers of low quality programmers by inhibiting polymorphism with static type declarations. Compile time assertions are only one kind of test and do a lot less for quality assurance than allowing flexibility in choosing the test points on a more succinct body of code.

Right On, Etc.

[4of12]

[TFA] Another great way to target testing is based on actual customer usage.

This is a really good idea.

The crash feedback systems in Mozilla exhibits this model of testing.

I think more of the casual user applications I run on the desktop should be compiled with debugging and a simple transparent mechanism for returning information to the developers about problems.

Nothing mandatory, no hidden information sent back to the mother ship, just a text file showing back traces, etc. that the user can see contains no sensitive information.

Thus all users become beta users that can feedback to the developer which bugs really matter.

Taken to the next step of optimization and UI design, developers can find out which code paths really matter in terms of real life usage if the application is instrumented with profiling turned on and the option for the user to feedback information this way. IIRC, some compilers have options to take advantage of run-time statistics to better compile the second time around.

Re:Right On, Etc.

[Reziac]

Someone mentioned elsewhere that there is one problem with the traceback system: if it's tied to the app in question, and the app's failure also crashes the traceback component, you'll never see a report on that fatal bug.

Likewise, if the traceback component itself crashes, you won't get your bug reports.

So it's important that traceback systems be robust and able to operate independently of the app they are supposed to crash-monitor.

Re:Right On, Etc.

[Tassach]

The problem with this testing approach is that it ONLY works for errors that result in a crash. While these bugs are important, they aren't necessarily the most important ones. There are lots of important bugs which will never be detected by crash analysis.

bloated code, or just poorly written?

[Targon]

Back in the old days, a common way to write a program was to make code that can be used in many different places from within the program. Routines that are similar would be considered a bad thing, so you make routines that are designed to handle the differet situations that need similar code.

The problem with Microsoft is that they have forgotten or never learned how to design a program before their people have started to write anything. As a result, we see 384k patches from Microsoft that take several minutes to install on some systems.

Another problem is that there is a LOT of duplicate code that is in use even within common libraries.

The people who suggest that there are too many features are almost correct, but the problem isn't with the number of features, it's the way those features are added to programs.

Also, there is only so far you can take a given design while you add features before things start to break due to design. If you start with a good DESIGN, then implement that design in code, it becomes a LOT easier to debug.

Microsoft needs to come up with a NEW OS that isn't an extension of Windows NT or Windows 3.0(95/98/ME are still based on that old code in many ways). Windows NT was the right idea back when it was first developed. Toss the old design, start from scratch, and you end up with a better product. The only problem that Windows NT really had was that compatability wasn't written into the core design of the OS, it was a layer added on top, which means you need a "translator" to handle that. If it's in the design, then you figure out how to do the emulation of the old system in a way that is compatable with the "new" way of doing things. Today, it's not as difficult as it used to be back in those early days of Windows NT. We have enough processing power to make virtual machines that can handle just about anything if they are coded properly. The only problem is that the emulation of the old DOS environment or Windows environment hasn't been implemented by Microsoft.

But I've gone off topic a bit. The key to easily debugged code is to design in a way to make things properly modular. Almost all features within Windows should be TIGHT code. To open a file probably has 200 different versions of that code within the Windows XP code base scattered through all the programs that come with Windows XP or 2003. Think about that, and wonder why it's hard to debug.

I wonder what the IRS would say...

[ebuck]

If you claimed an income tax return too big to audit for accuracy, or better yet, too big to file.

The problem

[Hobadee]

The problem is that you aren't supposed to test huge chunks of software all at once. This is insanity! You will never be able to write an OS and then test it all after it's done. What you do is write the program piece by piece, then test every individual function independantly of the rest of the program. Give the function hell! Send it bad data, wierd data, data out of it's range, etc. Once it's fireproof, move on to the next function and continue. Sure, this will take a while with a big program, but you will get a really stable program. A company as big as Microsoft surely has the resources to do this.

Re:The problem

[pfdietz]

Of course you're supposed to test huge chunks of software all at once. There are interaction bugs that come up only when you do that.

What you are trying to say, I think, is that that isn't the only kind of testing you should do, particularly to the exclusion of unit testing. That's a special case of a more general statement: you should do many different kinds of testing, because different strategies find different kinds of bugs, and the combination is often more powerful than any one approach.

What's wrong with unit testing?

[Jerk+City+Troll]

Instead of trying to test huge code bases, why not write decoupled systems and test small pieces of code? Oh wait, that requires effort.

I've worked on a number of projects (that borderline on huge) which have a thorough set of unit tests. Each test sets up pre and post conditions and checks the output against what we expect. (Duh!) It's not difficult, it just requires planning and careful attention to detail.

If you've ever built Perl from source, you'll notice that the entire code base gets tested during the process.

I have to say that it's not about theory or speculation, it's just about hankering down and doing it.

Testing, fundamentally is not that hard. I think the real problem is developers often trying to find excuses to either put it off or worse yet, not do it at all. Added to the problem are badly designed architectures where most components have tight dependencies with others. This prohibits running them in isolation and hence limits testability. Naturally, it's always more complicated than this (budges on time and money) but the root of the problem is lack of motivation or ignorance to the benefits of having easily and hence well tested code.

Re:What's wrong with unit testing?

[Trillan]

Yes. Humans really only have one way of solving large problems: Divide and conquer.

Re:What's wrong with unit testing?

[Jerk+City+Troll]

Windows is also in fact an extremely modular OS and your comments about modules being tightly coupled togeather is pure speclative BS (And completely wrong).

The reality is either one of us can only speculate all day about whether or not Windows is all that modular. Based on reports from both family and friends who have worked on Microsoft products, I would disagree with you. This is besides the point. My original post was written in the general case.

On the matter of tightly coupled systems being difficult to test, yes, that does make unit testing more difficult. For example, say I am building a Java web application. If I have code in the back-end which depends on objects provided by my servlet container, that means I have to have a servlet container available in order to test the component. I cannot simply stand it up in a completely isolated environment and test it. So, not only are there practical issues that make unit testing difficult, I am also trying to quantify the behavior of a much larger system (and one I specifically do not want to test).

The problem with unit testing (or ONLY doing unit testing) is that it does not test system interactions. A very large number of IE flaws that allow things like installing tool bars or other trojans were interactive flaws that involved multiple systems. Each system worked independantly as expected, but hook them up and the true behavior of the complex system become much harder to test.

Unit testing will find buffer overflows and such, but not worm holes through complex system interactions.

If I define the model by which pieces of my system interact, I should know how those pieces cannot (are forbidden to) interact. My unit tests, therefore, should include tests I expect to fail, not just tests I expect to succeed. I should test functionality in both the context in which it is permissible (verify it works) and in contexts where it should be hidden (verify my security model works). So yes, unit testing can be applied to test system interactions as well which can help reduce security holes. As for trojans and the like, I agree. Unit testing is not the end-all-be-all of security analysis, but it can take a fairly large chunk out of it.

In fact, modularizing actually makes the situation worse, since it presents many more opportunities for module combinations.

Your statement just about leaves me speechless. How can you tell me I am coming up with bullshit and yet write something like this? I am not going to go into depth about why modularity in software architecture is good (that is a topic for freshman) but I will tell you that your statement is flat out wrong. Try reading up on the subject some time, okay?

The real world is a hell of a lot more complex than you seem to be thinking it is having not done any of it.

And you base this statement on...? My point was that well designed software architectures can be broken down into very small pieces that are easy to unit test and that unit testing can be applied across an architecture. I find you've hardly done any work in refuting my claim.

And finally, never mind that Open Source does virtually no testing of any kind. FF is STILL full of invalid memory access bugs when http data is garbage that simple unit testing would have found...

I don't know how you manage to extrapolate a flaw of a Mozilla browser sub-project to encompass all open source development. This is somewhat ironic considering some of the big name unit test frameworks come from the open source community.

Yup.

[hot_Karls_bad_cavern]

i worked for an HP lab that was designing a rather large ASIC that was previously a large chipset used for coherency control between the four procs on a cellboard and the other cellboards as well. We had one hallway of design engineers pounding out the code/layout/etc for the chip and an *entire* other hallway of guys writing test fixtures (unit and system) at the same time. My task at the time was to write an in-house, unit testing language translator to fit with the system testing language and engine. We had 20 guys working on perfecting the tests and catching chip problems way before the chip ever thought about making it to tapeout.

So yeah, tons of resources went into just testing the damn thing ... and there still remained the real-world testing when the chip would finally make it back to the fab in hardware form. Interesting process, i'll tell you that much.

Re:Yup.

[cpeterso]

So do you think the hardware guys spent more time up-front creating a better design/spec? Or that the design was just given more testers and scheduled test time? I think software teams aren't as carry (with designs or testing) because they don't have to be. Yes, software engineers are lazy, but most software can be patched (which is difficult for buggy hardware). Contrast the software development processes of VB developers writing Windows desktop apps with embedded software developers. I think the later has a more "hardware-like" development process.

The Waterfall that wasn't

[willCode4Beer.com]

In the original paper, "Managing the Development of Large Software Systems" by Winston Royce, describing the waterfall model, Royce actually points to the flaws of that process. He actually says that it "is risky and invites failure".
It appears that at some point some PHB's saw the paper, looked at the pictures (instead of reading) and decided "we should all use the waterfall development process".
As for iterative development, I couldn't agree with you more. And its also what Royce was really at where each "phase" provides a feedback to the one before it. And if a project follows the steps you outlined for each iteration, as well as doing some refactoring for leasoned learned, you will generally see the bugs go down and the code quality steadily increase.
OTH, trying to suddenly apply a test scafolding around an existing large codebase can be a very painful process. Many time its actually easier to just rebuild using the original app as the basis for the new test cases. And the NIH syndrome weighs heavily.

a better question

[willCode4Beer.com]

You actually bring up a better question. How do we deal with big pieces of steaming ****, I mean spaghetti that get handed to us to maintain.

There are all kinds of processes and theories that if you religiously follow you can be sure to prevent a project from becoming crap. But, always in the life of a project there comes a PHB determined to turn the code bad.

I think we need a lot more attention on how to deal with code thats already in bad shape. We've got refactoring and Code Reading but, little else on the subject of improving existing code bases. A result of this, most dev's tasked with maintenance simply do as little as possible when modifying the code from fear of unwanted consequences. Thus, code rot sets in.

Re:Too costly to test would be the real meaning of

[willCode4Beer.com]

The article just says what everyone knew ..

What every devloper know.

Now you've got a paper to send your boss to reinforce what you've been telling him for years. Ever notice how things seem more authoritative if they come from outside the company walls.

Noones done this yet?

[Mercano]

In Soviet Russia, software tests you.

But why would they do that for free?

[mosel-saar-ruwer]

The trick for beta Testing is to get as many eyes on it as possible who know that this isn't a completed or stable product. and are able to try funky things to break it.

I agree with that statement.

However, what you've described takes an enormous amount of time and effort and [background] knowledge, to the extent that "try(ing) funky things to break it" could very well become a full time job. Hell, just spending the time necessary to read the documentation [and surf the web looking for "gotchas"], solely for the purpose of figuring out how to INSTALL a piece of software, is d@mned near a full time job.

But in the real world, people get paid to do full time jobs - in fact, they even get paid to do part-time jobs. And if their job title is something like "Senior Testing Engineer for Quality Control", then they get paid sh1tl0ads of money.

You were more intelligent than your developers...

[mosel-saar-ruwer]

When I did software testing (a task that I hated), I quickly broke an RDBMS application with just a simple series of adding and removing items from a user-manipulable working set of data objects. Moreover, I even broke the UI layer and dumped myself into a lower level of the RDBMS shell that was supposedly inaccessible to users. The developers grew to hate me so much for finding bugs in their code and the RDBMS vendor's code that I was moved to another job (YAY!).

The fundamental problem here is that you were more intelligent than your developers [which, in turn, seems to have been because your developers were morons].

Re:Not true

[plague3106]

1. We can't test all the inputs to the program.

Nor is it necessary to; testing 'usual' data and boundry data should be sufficient.

2. We can't test all the combinations of
inputs to the program.

Isn't this the same as 1?

3. We can't test all the paths through the
program.

This is wrong. You shouldn't have too many code paths at all...if you do, then perhaps its time to re-evaluate the design to split more functionality into smaller pieces and properly test those.

4. We can't test for all of the other potential failures, such as those caused by user interface design errors or incomplete requirements analyses.

User interface design error? That sounds like it'd make it difficult for the end user to understand your UI. But your UI should be testable too..simulate button clicks etc.

Incompletes requirements gathering will always sink the ship. Therefore its important to make sure your requirements are complete as possible.

Automatted testing can solve alot of problems. When a new bug is discovered, SOP should be to write a unit test that verifies the bug exists, fix the bug, then rerun ALL existing tests. If they pass, its reasonable to assume things are fine again.

The reason certain bugs slip through is because many software development houses AND their clients don't believe building software is engineering.

It is, and all engineering is expensive. Until both sides agree on this (and more money is put into development) we'll continue to have rushed products and shoddy software. Add more time to properly engineer (which also means adding more cost) and we'll have quality software.

Microsoft test ratios

[bananahead]

Microsoft is very concerned about its ratio of developers to test engineers, and is doing what it can to REDUCE the number of test people on any specific project. The ratio was two test to one dev, and the project over the last 18 months has been to reduce that ratio to about 1.2 test to one developer.

So, we can see, Microsoft is creating yet more complex untestable software while at the same time reducing the amount of testing they can actually do.

The 'theory' is that they can automate a lot of the testing. The practice seems to be to push the release button and call it good.

Or to paraphrase...

[Reziac]

Bug free, cheap, on time, works. Pick two.

(BTW thanks for the informative viewpoint.)

Retooled Software

[fair_n_hite_451]

If the user base has all the features they want in those mature apps, why would they buy the new "elegant/Perfect" software design?

You're not giving them anything new, so economically, you will fail since you won't attract enough interest.

Re:Retooled Software

[starseeker]

Security, and stability. Not just "mature" stability and security, but those qualities backed by proof logic.

Security IS a very important quality for software to have. Nowadays, in many cases it can make or break software, as attacks get worse over time.

Yes, normal commercial economics would fail. Hence, open source is the place to look, where economics are not the limiting factor.

Re:test every square root?

That's exactly how Intel ended up with a FP bug in one of their processors...

So much for your theory on testing.

Random sampling testing is only good for the testing of identiacal product production to test for trends in product manufacturing. It is absolutlely NOT the way to test the function of software, well except that it can become impossible to exhaustively test as the paper mentions.

That is why we have the theorum that states that it is impossible to completely test any software greater than a given size. And that size it amazingly small.

Frankly, "Common Sense" is more frequently than not "No sense at all". It betrays a complete lack of understanding of the real-world which is infinately more complex than "Common Sense" ever gives it credit for.

Large Developers?

[MonkeyCookie]

The title to this story on the main page, "Developers: Too Darned Big to Test?" seems to imply that developers are too corpulent to test. For a little while, I though I was about to read a story about developer obesity.

I had a good laugh at that one. Anyone else misinterpret that as well?

Problem with code coverage

[Tired+and+Emotional]

The article correctly states that code coverage by itself is not a good indicator of testing quality but then gives a specious reason.

The given reason is that you have to check the result or its no use, but that applies to any form of testing.

The real problem with using code coverage as an indicator is that a given line of code can be executed with many states and what you need is coverage of the cartesian product of statements and states.

A good example is an optimization in a compiler where you may spend many lines of code checking if it is possible and only 1 or 2 actually doing the optimization. So if you never do the optimization you could easily have close to 100% code coverage but you have 0% testing of the optimization.

So as a measurement it is falacious, as there is no correlation between percentage tested and percentage covered for less than 100% coverage but you can see that you can even have 100% code coverage and still miss bugs from the following statement:

if (size > limit) size = limit - 1;

which fails if size == limit (you intended to write >=) - i.e. there is one value of the state that fails.

If they are too LARGE...

[DavidHumus]

you should just get a bigger scale.

Oh wait, they mean the code, not the developers themselves.

MS grade school

[Tablizer]

"Teacher, I can't fit in the exam chair. I'm too obese to test. Can I be excused?"

Testing Large Code Bases...

[MacDaffy]

Just takes the will to do it. It means getting quality personnel involved from the beginning--in the design phase of the project.

It means allocating resources to each project module (and if the project isn't modular, it's crap). The quality people don't have to be geeks, in most cases. But they do have to be smart, diligent and detail-oriented.

It means adopting a professional testing approach and sticking with it.

It means demanding that programmers do their own unit testing before submitting their work to the code base and having acceptance testers who confirm that before a build is released into the general quality process.

I was a white-box tester because I had a programming background. I would generate a list of test cases from the code for which I was responsible, but I also believe that testing a product means using it as it is intended to be used, if possible.

There's no excuse for not expending the time, money and effort on assuring a quality product. Better not to do a project at all than to do it badly.

Re:Too costly to test would be the real meaning of

[ajv]

Essentially apologetic about the lack of testing. Test driven development is not a philosophy, it's a way of doing. In a perfect company environment, you'll never be blamed for breaking someone's code - but in most places the idea is "he made me look bad". Peer reviews never work out properly. This is why FOSS is turning out more secure and clean code.

Absolute rubbish. Not testing != good, clean code. I spoke on this topic at linux.conf.au a few years ago. I noted then, and I'll note it now, that OSS authors are better than average coders, but awful testers. Do this exercise:

1. Grab any C or C++ foundry tarball from Sourceforge.
2. Type

make check

What happens? I reckon in more than 99% of occasions, absolutely nothing. Not testing is not good enough.

For a good example of this in action, phpBB is free and open source software, licensed under the GPL. It has security bugs coming out of its ears. What it needs is a good quality code review.

I do these for a living, and they are definitely worthwhile. The software I help maintain (XMB) used to be like phpBB - buggy, insecure, and slow. Now it's just somewhat buggy and a bit slow.

Code Reviews and testing make all the difference.

open-source testing

[xgamer04]

Maybe this is why OSS is generally good? Instead of one giant monolithic codebase (ex: Windows), we have hundreds of little packages where people actually know WTF all the code does, or at least have a team of people who can cover the entire codebase in terms of knowledge.

In a word: Yes

[anno1602]

Two groups:

1. Linux distributors (defined loosely): IBM, Novell, RedHat, ...

2. IT Security companies that actually make money by finding security bugs (e.g. Secunia)