Slashdot Mirror

← Back to Stories (view on slashdot.org)

Why Buggy Software Gets Shipped

Posted by ryuzaki0 on from the life-is-pain-princess dept.

astonishedelf writes to mention an article in the Guardian about the hard reality of why buggy code is sold on retail shelves. From the article: "The world's six billion people can be divided into two groups: group one, who know why every good software company ships products with known bugs; and group two, who don't. Those in group 1 tend to forget what life was like before our youthful optimism was spoiled by reality. Sometimes we encounter a person in group two, a new hire on the team or a customer, who is shocked that any software company would ship a product before every last bug is fixed. Every time Microsoft releases a version of Windows, stories are written about how the open bug count is a five-digit number. People in group two find that interesting. But if you are a software developer, you need to get into group one, where I am."

20 of 422 comments (clear)

  1. Windows Software Shop :-) by Whiney+Mac+Fanboy · · Score: 4, Insightful
    Typical Windows Software house:
    Vault's backend makes extensive use of features specific to Microsoft SQL Server. Contrary to popular belief, SQL isn't portable.
    *shakes head* and then this:
    Linux and MacOS users have problems over how end-of-line terminators show up.
    Ouch!

    Anyway, I do agree with the author for the most part (its all pretty 101 risk assessment stuff). It is inevitable that software will have bugs in it (especially commercial software shipped to a schedule). This is not really news tho'.

    What I would like to see is some vendor honesty. How about making a list of known bugs available to your customer prior to purchase? (I know, I know, fairly warning a customer is madness, etc etc).
    --
    There are shills on slashdot. Apparently, I'm one of them.
    1. Re:Windows Software Shop :-) by Whiney+Mac+Fanboy · · Score: 4, Insightful

      By your reasoning, it is inevitable that bridges have design defects in them, and that at some point (in their usable specified lifetime), will collapse.

      I didn't say all software will have major bugs that lead inevitabley to the collapse of the software. Just that all software will have bugs.

      All bridges have defects too you know - the suspension cables will be slightly uneven, or some features of the fascade will be unsymetrical. Bridge engineers make damn sure there are no structual problems that will lead to collapse (but even they fail sometimes).

      I wish software engineers would be more like bridge engineers as well, but the cost of failure (and the cost of fixing in the event of a failure) are so different between bridges & software that its not likely to change.

      --
      There are shills on slashdot. Apparently, I'm one of them.
    2. Re:Windows Software Shop :-) by Loki_1929 · · Score: 5, Insightful

      "How about making a list of known bugs available to your customer prior to purchase?"

      There are several reasons not to do this. Not the least of which is simply that most customers don't want to know what's going on inside the application. They want to click "Button A" and have "Box X" pop up and start flashing - or whatever. They don't know that 300 lines of code went into making that happen and they're fine with not knowing that. They certainly don't want to be forced to actually understand what each of those 300 lines of code are doing. Try to explain it to them and watch their eyes glaze over in a hurry. You can try to simplify the explanation for them, but it'll never be enough because they can't grasp the problem without understanding what goes in to making it work; a necessity in understanding why it doesn't.

      The point is that when you get into listing bugs, you have a number of caveats. First of all, in their eyes, you're telling them that the application you're selling them is broken. Sure, those bugs may never actually affect them. They may even be in parts of the code that aren't even used yet because it's part of a feature not currectly activated. But hey, you're selling them a broken program. Remember the Pentium floating point fiasco Intel had to suffer through? What was wrong with their processor? Nothing that isn't wrong with anything ever manufaturered: minor defects that rarely or never manifest under normal operating conditions. What happened when the news got out about the floating point bug that didn't affect more than a hundreth of a percent of buyers - if that? The 'public' went ballistic about it and Intel was eventually forced to do a recall of CPUs that were perfectly functional. Nevermind the fact that AMD and Intel routinely publish a long (and growing) list of 'errata' for their processors that are chock full of bugs. The moment the public got news of a single errata (which, again, didn't even affect them), they demanded replacement "working" products. Are you, as a company, going to expose yourself to that kind of liability?

      Basically, the customer doesn't understand the inner workings of your application, doesn't want to understand the inner workings of your application, and if you try to make them understand anyway, bad things will likely happen to you. People can handle unexpected behaviors (bugs) when they're discovered and a promise is made to make it right (patch, updates, etc). But if/when they get wind that you knew the bug was there, and that there were others? That's a receipe for disaster.

      What geeks/coders need to understand is that we make up a vastly small minority of software users. Unless and until a vendor is selling products to, and only to those who are informed, knowledgable, and intelligent about computer code, you will never see a list of known bugs right on the box. If it's there at all, it'll be made as obscure as possible so that your average Joe can't find it. Why? Because average Joe will go nuts regardless of how inconsequential the bug is, or how much it would push back the release of the product to stamp out all the (known) bugs.

      Personally, I don't blame developers and vendors one bit for obscuring the known problems. When I run into a bug in something like MySQL or PHP, I can find out about it, whereas slightly-above-average Joe (beginner PHP page creator) would have a heck of a time. I find that to be ideal, as I can find the information I need and Joe's not taking up the vendor/developer's valuable time whining about 10,000 bugs he'll never see in his life.

      --
      -- "Government is the great fiction through which everybody endeavors to live at the expense of everybody else."
    3. Re:Windows Software Shop :-) by colmore · · Score: 4, Insightful

      Reading this made me cringe:

      "All the reasons are tied up in one truth: every time you fix a bug, you risk introducing another. Don't we all start out with the belief that software only gets better as we work on it?"

      Holy shit! I can't imagine being on a team with that attitude? Do you people write tests? There are dependable ways of insuring that changes don't re-introduce old bugs, and if you can't fix one thing without causing a seemingly unrelated problem, you're working with some pretty smelly code.

      There's definitely truth in the statement that the need to use software and the need to eliminate bugs can be at odds with each other once the bugcount is low enough that the product is usable. But... isn't that obvious? How many open source projects out there (without version numbers approaching a known irrational number that is...) can really brag of being bug free?

      BUT this article is a good reminder of why I'm glad the boxed-software days are coming to a close. Software should either be written with a client present or by people who intend on using the product themselves. Trying to come up with a featureset for some vague "target market" is a horrbile way to write software. Software is unique because it is both engineering and design at every phase of its creation... and without set feature requirements and feedback, there's really no way to know if what you're making is well engineered or not. Anyway, don't work in a closedsource / many customers environment... it's bad for the brain.

      --
      In Capitalist America, bank robs you!
  2. A separate question by Southpaw018 · · Score: 4, Insightful

    The argument about the enormous bug count in Windows isn't really about every last bug being fixed. The article fails to address a separate question: whether you're allowing the public to do your beta testing for you.

    The idea of QC/testing/beta/whatever the heck you want to call it is that you get as many bugs as you can fix while accepting the ones that will remain behind. That's absolutely correct. However, there are companies - like Microsoft - that are notorious for either being sloppy and not getting bugs they should have, or just straight up not caring at all and rushing a product to market that legitimately shouldn't be there.

    The argument can even be extended to good coding practices, like worrying about security fron start to finish rather than after you've entered beta (another well known Microsoft flaw, though they're getting better at it). That reduces the number of bugs to begin with, which in turn gives a better product.

    --
    ACs are modded -6. I don't read you, I don't mod you, I don't see you. Don't like it? Don't be a coward.
  3. No idea by Unski · · Score: 4, Funny

    ..why buggy $oftware is $hipped. Can anyone help me with thi$?

  4. The Reason: PHBs by koweja · · Score: 4, Interesting

    99% of the time it's because upper managment either promised the customers features that could not be implemented or gave the programmers too little time and/or resources to finish the job. While not software development, I am having to deal with a similar problem right now. We are moving our website to a new CMS system. So we have to move all of the content from our old pages to the new system using a slow, buggy, web based system. In the beginning we were told by IT that we had until June 5 to complete the move, so we scheduled our time accordingly. Things progressed slowly but in time to meet the deadline. Then Tuesday morning we get a call from the assholes in PR that we have to have everything done by this Friday. We just had our remaining time cut in less than half. There is no way we can get done, so the site will be incomplete. PR gets no blame and we look bad.

  5. Nature of Competition by DuSTman31 · · Score: 4, Insightful

    Regardless of the nature of the software development team, the nature of competition remains the same.

    Stagnation is costly - delaying a product launch drives people to the alternatives (both due to the alternatives updating faster, and due to the lack of progress seen by the outside world).

    Of course, buggy software is costly in terms of reputation, as well, so the end question becomes at what point will the delaying of the release cost us more market share then the remaining bugs will.

    Unfortunate from a purists eyes, but it's just the way things go.

  6. Real reason by gowen · · Score: 5, Insightful

    Because, by and large, no one gets killed when commercial software crashes.

    In those cases where it does; e.g. medical/aviation software, usually embedded people take the time. If aviation software designers cut the same corners (w.r.t. bugs vs. features) that office software designers do, planes would fall out of the air and people would die. So they write well engineered software, in well engineered, fault tolerant languages (lika Ada). (Yes, yes, Ariane, but thats the exception that proves the rule)

    The real reason buggy software is shipped, is because buggy software is accepted by the market, and people will keep buying it, and continue to roll their eyes when it crashes, because they're completely inured to it, and many of them have reached the conclusion that its literally impossible to write robust, stable software.

    It's not, but the profit margins are narrow, and no-one seems to mind (or rather they mind, but keep forking over their money anyway). So no-one bothers to.

    Face if folks, we're enablers.

    --
    Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
  7. Re:Welcome to Group One by jizmonkey · · Score: 4, Insightful

    The article was about why known bugs ("thousands of bugs") aren't fixed before ship, not why all bugs aren't found.

    --
    With great power comes great fan noise.
  8. because we want it NOW! by LWATCDR · · Score: 4, Insightful

    Look at Vista. Everyone is complaining about it not shipping on time. I have yet to hear anyone say. It is a good thing that Microsoft is fixing all those bugs.
    Product ships late because of bug fixes. Why is it taking so long.
    Product ships on time with bugs. Why didn't you fix the bugs before shipping.
    You just can't win

    --
    See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
  9. Re:bugs, so what? by tbone1 · · Score: 4, Interesting
    I work for a company that does medical publishing. Our data is used by many medical professionals in highly-stressful, quick-paced environments. If we mess something up, it can kill people.

    And if our IT staff had the same intelligence, competence, and vision as our management team, we'd kill over 10,000 people a week.

    --

    The Independent: Reverend Spooner Arrested in Friar Tuck Incident - ISIHAC, Historical Headlines
  10. Re:Welcome to Group One by exp(pi*sqrt(163)) · · Score: 5, Informative
    Theoretically, there is no language that is more or less prone to bugs than any other language as understood in Turing Completeness
    Frankly, this is complete garbage. Try writing an application in the Turing complete language Brainfuck or 6502 assembler and compare that with writing in the Turing complete language Haskell. Turing completeness is completely irrelevant and you're simply quoting CS 101 to give your comments an air of authority.
    --
    Doesn't it make you feel good to know that our freedoms are protected by politicans, lawyers and journalists.
  11. Re: Vendor honesty by Medievalist · · Score: 5, Funny
    What I would like to see is some vendor honesty. How about making a list of known bugs available to your customer prior to purchase?
    Good idea! You go first.

  12. My experience by bbroerman · · Score: 4, Insightful
    I work for a large software shop. In my experience it boils down to:

    1. Accellerated schedules created by management / client without development buy-in.
    2. Management cutting development phases in order to get things done faster to meet dates from #1. (i.e. design reviews, code reviews, phases of testing, etc)
    3. Shipping portions of the development off to India teams (in order to save money) who are under trained, and can't speak the same language as the other developers, and who won't ask questions when they don't understand.
    4. Giving development / design tasks to people with no experience in the subsystem that they are being assigned to, because management believes that one developer is as good as any other... we're just bodies...
    5. Churn in employees... Better / more experienced people leaving for better jobs, and noobs coming in to replace them. After a while, you have too many noobs, and not enough older, more experienced folks.
    6. Colleges not training people on common coding errors, proper design principles, good design patterns, proper testing and documentation strategies, etc.
    7. The old addage: Too many cooks spoil the broth. Some times, there are too many senior developers, architects, etc. workign on a design, an they all have their favorite ways of doing things. Many times, even within a single subsystem, one senior person will move to a new project and a new one will come in, and want to change the process / design to fit his style... and usually at the last minute...

    Now, as to why bugs don't get quashed quickly:

    1. Lack of enough informatin from the person experiencing the problem to allow development to recreate the problem.
    2. High complexity of the systems involved.
    3. Bad library design / separation of concerns / encapsulation, etc. means that a small bug in some unrelated libarary can cause problems where you never expected them.
    4. Developers who aren't experienced enough with the code / subsystem to be able to find said small bugs. (i.e. see number 4 and 5 from last list).
    5. Developers who aren't given training and experience in the proper use of debuggers, memory checkers, etc. (how many college hires out there really know how to use dbx to track down a bad pointer in the free list?)
    6. Too small a staff, too much to do.

    I see each of these every day!
    --
    Logic is the beginning of reason, not the end of it.
  13. Re:Buggy code is sold because it is demanded by drooling-dog · · Score: 4, Informative
    I'm surprised I had to read so far down to find this, the real reason. Stuff gets shipped because somebody needs to make their numbers, now. Sometimes the survival of the company is at stake, and sometimes it's just an individual climbing the career ladder.

    In a previous life I was in charge of software development for a smallish company whose business was scientific software and systems. To my repeated horror, the CEO and the Sales & Marketing VP would get together and decree - perhaps for reasons that were very compelling to them - that major software packages would be released to customers with no testing whatsoever. Stuff went straight from the compiler to the customer, sometimes even without a cursory walkthrough of functionality. For objecting, we, the software people, were branded as troublemakers and criticized for not being "team players". Once labeled in that way, I would be pretty much ignored any time I had to report that a new product or an update was not ready to ship. Needless to say, I left that company in a hail of bullets.

    To this day, I still laugh when I hear people say that Open Source software can never measure up to "commercial standards". Depends on whose commercial standards you're talking about...

  14. Foolishness by daVinci1980 · · Score: 5, Insightful

    That's foolish. There are bugs in every project of every size. Including bridges. And skyscrapers. Remember the Tacoma Narrows Bridge?

    Normally, those bugs have low Severity or Frequency (or both). Sometimes they have catastrophic severity.

    Did you know that the twin towers were built to withstand a direct impact from a 707?

    Bugs are a fact of life. They follow from the mantra 'nothing is perfect.'

    --
    I currently have no clever signature witicism to add here.
  15. Re:I Thought It Was Relevant by colmore · · Score: 4, Insightful

    No dude, you're wrong. I suppose you can believe that with sufficient abstraction, you're right, but you're not. All that formal systems theory and Turing business is great talking about abstract systems running abstract algorithms, but such discussions have zero to say about anything having to do with HUMAN error, which is what we're talking about here.

    I've probably spent about equal time writing C and writing in higher level languages, and I can promise that I make fewer errors in higher level languages, doing equal tasks. I think anyone with a lot of code under their belts can make similar statements. The closer to the machine a language makes you work, the harder it is to keep higher level details in the back of your head. In a high-level language, you're much less likely to make a low-level error (and any you make will almost certainly be caught by a warnings mode on the compiler, and this leaves you to keep more of your neurons working on, for instance, keeping your database and its wrapper classes working together correctly -- a task that is, perhaps, a simple afternoon's work in Python, Perl, Ruby etc. two days in C# or Java, and a week of hair-pulling in C... and well... I doubt such a thing has ever been done in assembler.

    Anyway, drop the semantic B.S. this is a debate about practicalities.

    --
    In Capitalist America, bank robs you!
  16. Re:I Thought It Was Relevant by aramael · · Score: 4, Insightful
    I thought it to be completely relevant in order to dismiss people complaining that one language is more error prone than another.

    Why do you dismiss a complaint which speaks to the very heart of the problem? A large class of bugs simply would not exist were a different language used. This is not pie in the sky stuff; it's a real phenomenon.

    If one language is less error-prone than another, then an application written in that language will have less bugs.

    If an error-prone language is being used to write software, then this surely has to be a reason why buggy software gets shipped. Why are you dismissing people who complain about error-prone languages?

    --
    Be true and faithful like your dog; but don't eat vomit like your dog
  17. Re:MS Word Easter Egg by hobbesx · · Score: 5, Funny

    Think of it this way:
    At least that Nigerian scammer doesn't have your address anymore...

    --
    This rating is Unfair ( ) ( ) Fair (*) Funny
    Sigh... If only. Modding would be so much more fun.