Code Quality In Open and Closed Source Kernels

Diomidis Spinellis writes "Earlier today I presented at the 30th International Conference on Software Engineering a research paper comparing the code quality of Linux, Windows (its research kernel distribution), OpenSolaris, and FreeBSD. For the comparison I parsed multiple configurations of these systems (more than ten million lines) and stored the results in four databases, where I could run SQL queries on them. This amounted to 8GB of data, 160 million records. (I've made the databases and the SQL queries available online.) The areas I examined were file organization, code structure, code style, preprocessing, and data organization. To my surprise there was no clear winner or loser, but there were interesting differences in specific areas. As the summary concludes: '..the structure and internal quality attributes of a working, non-trivial software artifact will represent first and foremost the engineering requirements of its construction, with the influence of process being marginal, if any.'"

Is it just me?

[Abreu]

Or the summary is completely incomprehensible?

Of course, I could try to RTFA, but hey, this is Slashdot, after all...

Re:Is it just me?

That is if you can figure out which of the 12 links are the actual FA and which are supporting material.

Re:Is it just me?

[catmandi]

It's just you.

Re:Is it just me?

[Abreu]

Ah, ok... thanks

Re:Is it just me?

[Bazman]

Well, it's not just you, but probably millions like you. Plenty of the summary is comprehensible, but I get the fear that it's really just a slashvertisement for his book (third link in summary).

Re:Is it just me?

[raddan]

It's not a very good summary, but the paper is well-written, which is interesting considering that the author is the one who submitted the summary to Slashdot. I suspect that he assumes we have more familiarity with the subject than we actually do.

Re:Is it just me?

[stavrosg]

TFA is the second link, but yes, the summary does not do much to help you figure it out.

Re:Is it just me?

[DustCollector]

No, it's not just you. Also,

>> To my surprise there was no clear winner or loser, ...

Not sure why it is a *surprise* there was no clear winner or loser. That's what I would expect.

Re:Is it just me?

[smittyoneeach]

I'll attempt a radical paraphrase: "Form follows function, not process."

Re:Is it just me?

[Diomidis+Spinellis]

I didn't write the last part when I submitted the story, and, yes, the summary given here is comprehensible, because it appears out of context. What the sentence '..the structure and internal quality attributes of a working, non-trivial software artifact will represent first and foremost the engineering requirements of its construction, with the influence of process being marginal, if any.' means is that when you build something complex and demanding, say a dam or an operating system kernel, the end result will have a specific level of quality, no matter how you build it. For this reason the differences in the software built with a tightly-controlled proprietary software process and that built using an open-source process are not that big.

Re:Is it just me?

[Diomidis+Spinellis]

It's not a very good summary, but the paper is well-written, which is interesting considering that the author is the one who submitted the summary to Slashdot. I suspect that he assumes we have more familiarity with the subject than we actually do. In my submission I did not include the last sentence with the "summary", which, I agree, is completely incomprehensible in the form it appears.

Re:Is it just me?

[tcopeland]

> the paper is well-written

Yup, and the author of the paper is Diomidis Spinellis, who wrote the excellent book Code Reading. This is a great study of code analysis and familiarization techniques. He also wrote a fine article on C preprocessors... in Dr. Dobb's Journal, I think.

Re:Is it just me?

[legutierr]

How useful is it to write something about computers that needs to be translated for the slashdot audience? Jargon is a great way to provide specialized information to insiders quickly and efficiently, but this is slashdot. If slashdot readers need for you to restate your description of a problem or observation related to the Linux kernel (even if that description is taken out of context), could it be that the paper could be written in a more open manner? The quote you provided from your paper seems to speak to a narrow audience; how narrow must your audience be, however, if it excludes a good portion of slashdot's readers?

If I seem overly critical, I do not mean to, it is only that I hate to see good, useful research made less accessible to non-academics by the use of academic language.

Re:Is it just me?

[thetoadwarrior]

If it doesn't say that then that means it's not accurate.

Re:Is it just me?

[Diomidis+Spinellis]

This is a very good point...

Re:Is it just me?

[utopianfiat]

Well, it's the second link. At any rate, the highlights of the data are that for the most part the kernels are tied in the important material, except:

% style conforming lines: FBSD:77.27 LIN:77.96 SOLARIS:84.32 WIN:33.30
% style conforming typedef identifiers: FBSD:57.1 LIN:59.2 SOLARIS:86.9 WIN:100.0
% style conforming aggregate tags: FBSD:0.0 LIN:0.0 SOLARIS:20.7 WIN:98.2

(I'm far too lazy to clean up the rest)

% of variable declarations with global scope 0.36 0.19 1.02 1.86
% of variable operands with global scope 3.3 0.5 1.3 2.3
% of identifiers with wrongly global scope 0.28 0.17 1.51 3.53

Re:Is it just me?

[Diomidis+Spinellis]

The preprocessor algorithm I described in the Dr. Dobb's article is the one I used for parsing the code of this study. A strange preprocessor construct in the Linux kernel caused the macro-expansion algorithm I used previously to fail.

Re:Is it just me?

[tcopeland]

> The preprocessor algorithm I described in the Dr. Dobb's article
> is the one I used for parsing the code of this study.

That was a great article; it really showed the complexity of handling those macros. Maybe something for "Beautiful Code II"...

Re:Is it just me?

[Abreu]

Just for the record, thanks for coming here to explain

Re:Is it just me?

[CherniyVolk]

... means is that when you build something complex and demanding, say a dam or an operating system kernel, the end result will have a specific level of quality, no matter how you build it.

First, Mr. Spinellis I found the report to be rather intriguing and captivating. I much respect the work put into it, and I think it'll prove valuable resource for study or reference.

With that said, the above quote struck a chord with me.

Let's take fire control systems for weapons of mass destruction. Without going into detail, the basic fact is that if a thermo-nuclear warhead is launched from Russia, France, UK, Isreal, US or any other country, it was and will be a deliberate act. The systems are far too complex and far too reliable for error or mistake. In other words, regardless of political position, no ruling body is going to ignore the possibility of an oopsie launch.

So, I do understand, that certain objectives, though may be approached and implemented vastly differently, will have strong similarities in the end result and with how it was successfully applied.

My problem is with this. What your saying is that there is no quality difference between Windows and Linux, and this is the discordant chord struck.

I can not extrapolate the agreeable portions of your thought to the seemingly obvious short comings of the Windows operating system. On any facet, whether it is security, stability, functionality or reliability. Windows is, far behind on all fronts.... aside from secrecy from a Microsoft point of view.

I once told my boss, who well understood, that he would never get the quality of code from me in the workplace as I might submit for the Open Source realm. It's just painfully obvious, that I will, at some point, hack an improper solution together for his deadline. And the nature of business, after the product is built, no one wants to change it unless they have to. So, while the economics all come into play here, why Microsoft might choose to fix one bug versus the other, the fact is in Open Source a bug will be fix on merit of a fix being available and acknowledgment that the bug is in fact a bug. Regardless if it's economically sound or feasible to fix the bug, in Open Source, it will be fixed.

While the end results that you present are interesting, I can not accept the proposition that the Windows kernel is too similar in quality. All one has to do is actually use the blasted thing, and no amount of numbers can be that convincing to ignore all the pitfalls well perceived from actually using the dreadful software.

I think you have overlooked overwhelming variables that directly effect the quality of software. Or, perhaps, the WRK has been a meticulous focus at Microsoft before it's release... this is likely possible, as it's WIDELY known, from nearly ALL examples of closed source proprietary software being released to the Open Source, that it takes years just to clean up and prepare for the ultra high standards of the OS community.

Re:Is it just me?

[Diomidis+Spinellis]

Please let me clarify here:

I can not extrapolate the agreeable portions of your thought to the seemingly obvious short comings of the Windows operating system. On any facet, whether it is security, stability, functionality or reliability. Windows is, far behind on all fronts.... aside from secrecy from a Microsoft point of view. I'm not claiming anything regarding these external quality attributes of Windows, the metrics I collected just show that there are no vast differences in the code's quality.

Or, perhaps, the WRK has been a meticulous focus at Microsoft before it's release... this is likely possible, as it's WIDELY known, from nearly ALL examples of closed source proprietary software being released to the Open Source, that it takes years just to clean up and prepare for the ultra high standards of the OS community. This is entirely possible. In fact, a README file in the distribution states:

The primary modifications to WRK from the released kernel are related to cleanup and removal of server support, such as code related to the Intel IA64.

Re:Is it just me?

[Allador]

I think you're vastly overestimating the overall knowledge, experience, and education in this context of the /. readership.

Only a small portion of the /. readers are programmers/developers (or in an academic speciality in this field).

Even amongst that population, only a small percentage are qualified in large operating systems development.

Similarly, a small percentage of the programmer subpopulation of /. will be familiar with the various theory, metrics and approaches to measuring and analyzing code quality.

The target population of the paper are people who fit into all three of these groups. Thats not very many people.

I've been doing software development for a living for almost 2 decades, but arent familiar with many of the metrics and approaches used to analyze the source code (of course some, like cyclomatic complexity, line lengths, operands per line, etc etc I am familiar with).

This is incredibly narrowly focused stuff, even for /.

Re:Is it just me?

[Hucko]

It is a good thing, as it may extend the knowledge of some or even perhaps "The One" who will produce the Singularity. On a bad note, it is not me...

Re:Is it just me?

[kitgerrits]

Keep in mind that the article analyzes the style quality of the code, not the functionality the code represents:
- You can write a beautiful piece of code that still fails (improper dimensioning, faulty speficication).
- You can also write downright ugly (Daily-WTF style) code that simply Just Works.

I have known Windows Servers that have run for years one end without rebooting or strange occurrences.
I have also known Linux Servers that simply died after a large file transfer (something about NFS and Gigabit).

Also: Windows' instability is not all caused by the kernel, but also largely by the other software that runs on it.
Because it allows for a lot of backwards compatibility, lots of people will still run stone-age crap on it until it breaks.

Re:Is it just me?

[stsp]

I understood the sentence perfectly while reading the summary, but I guess I could only understand it because I am familiar with the highlighted terms:

'..the structure and internal quality attributes of a working, non-trivial software artifact will represent first and foremost the engineering requirements of its construction, with the influence of process being marginal, if any.'

Both these terms have their origin, as far as I know, in software configuration management. Which itself seems to be a commonly misunderstood term, even by many computer scientists and hackers. I've met a few people who started thinking "managing configuration files" at first.

I don't think it's bad to use these kinds of terms in a paper (not that I knew a lot about scientific writing). As long as their context and origin is made clear it should be fine. As for these terms appearing in a slashdot summary: There are many, many occasions where I don't understand summaries very well either, so I don't think it's too much of an issue. In the end it all depends on which of the many fields of CS people reading the summary dabble in... uhm, we're all computer geeks here, right? :)

BTW, reading Code Quality atm, and liking it. Great book!

It's obvious

[Number6.2]

That you have neither capitalized on your shared synergies, nor have you recovered your cherished paradigms.

Oh. Wait. This is about propeller-head stuff rather than management stuff. Lemme get my "Handbook of postmodern buzz words"...

Closed Source?

Which of the samples were closed source? And........ how did he get a hold of it/them? Open source software is still open even if it came from microsoft.

Re:Closed Source?

[zeromorph]

The WRK is under the Microsoft Windows Research Kernel Source Code License. I'm not sure that this license conforms with anyones definition of open source, but it's reasonably free for reasearch.

But PP addresses a crucial point, if something really is closed source there is no reviewable way to compare and present this code. So if the WRK would be total crap they could always say: yes that's only the WRK, not the real kernel.

Only statements about open source code are directly verifiable/falsifiable. One of the reasons, why the FOSS approach is superior from a scientific as well as technical point of view.

Re:Closed Source?

[Em+Adespoton]

There are a number of companies that provide the source for you to READ, but you have no permission to MODIFY or DISTRIBUTE. I think by "open" he means "free" as in speech.

However, I was wondering how legal his database is; it might skate awfully close to the edge of the licenses he had to sign to get access to some of that code.

Re:Closed Source?

[twizmer]

Glancing at the schema, it's clear that the database, while highly interesting from a structural point of view, doesn't actually contain any of the code or anything like that. I'll bet he was smart enough to get it ok'd and I'll bet Microsoft was fine with it (after all, the paper does conclude that windows is comparable to the open source kernels)

Re:Closed Source?

[X0563511]

That works the other way too... the real windows kernel could be full of shit, and they would look better for the review of the WRK.

Re:Closed Source?

[clampolo]

Notice how the people on that Microsoft site don't look anything like programmers? First of all, there are far more women than men. More than half are black or hispanic. In my life I have only met 1 black guy who programmed. And only 1 asian in the picture. They are also all smiling instead of looking depressed. They are all well dressed and clean looking (not even one of them has a cow lick.)

Re:Closed Source?

[Johnno74]

Yeah, thats a real likely scenario:

The windows kernel is crap, so they write a new one that is better and open(ish) call it the WRK so people can look and see how good it is. But the shipping windows kernel is still crap because they only used the clean new code for the purposes of having clean code to show people, and they never did anything else with the code.

Yeah, that must have been it.

Re:Closed Source?

[X0563511]

No, all I'm saying is this:

If the WRK is the same as the real one, it has most likely had a thorough review and nitpicking before being releases - best not to make yourself look silly.

Having not seen the WRK, I harbor no opinion directly. I was just stating an alternative possibility.

Not that surprising

[abigor]

Final line in the paper: "Therefore, the most we can read from the overall balance of marks is that open source development approaches do not produce software of markedly higher quality than proprietary software development."

Interesting, but not shocking for those who have worked with disciplined commercial teams. I wonder what the results would be in less critical areas than the kernel, say certain types of applications.

Re:Not that surprising

[ivan256]

It's obvious what the results would be.

Half completed, unpolished commercial software usually stays unreleased and safe from this sort of scrutiny. However many of the same types of projects get left out in the open and easily visible to everybody when developed as open source. The low code quality of these projects would drag down the average for open source projects as a whole.

On the lighter side, you could say that you'd only consider software that was "out of beta" or version 1.0 or greater, but that would leave out most open source projects and commercial "Web 2.0" products....

Re:Not that surprising

[indifferent+children]

So open source software is not of 'markedly' higher quality. If it is of even 'slightly' higher quality, or 'exactly the same quality' as closed source software, then the fact that it costs less, and gives users freedoms that they don't have with closed source software, means that closed source is doomed.

Re:Not that surprising

[abigor]

Well, not necessarily. Perhaps for certain types of commodity applications, like office suites, but even then, it's tough to say. That's why I was interested in the comparison. Your assertion is certainly not true for games, for example.

Generally speaking, commercial desktop apps are still way ahead of their open counterparts, with the exception of code development tools and anything that directly implements a standard (browsers, mail clients, etc.)

One reason for this is that code quality as measured in this study may not directly relate to application quality as measured by the typical user. Photoshop is "good" not least because of its well-understood interface and the fact that everyone uses it, regardless of how admirable the code is.

Re:Not that surprising

[jgarra23]

So open source software is not of 'markedly' higher quality. If it is of even 'slightly' higher quality, or 'exactly the same quality' as closed source software, then the fact that it costs less, and gives users freedoms that they don't have with closed source software, means that closed source is doomed.


Please explain how you come to this conclusion. I may not be understanding your argument. I would like to know how factors such as marketing, market penetration, user acceptance, interface quality, support quality (in terms of user-friendliness and customer service), methods of distribution and target audiences apply to both argument and conclusion. I could be wrong but I'm pretty sure those are all of equal weight when determining the overall success or failure of a open/closed source model of software development.

Re:Not that surprising

[fitten]

Very hard to say. If it were a specific project (the release of the code) for a specific goal, then possibly. However, once a project is done, rarely will you find the money/time to revisit past code just to clean it up or merge source trees or whatever.

For example, if there was a business decision to release the code to the public but it had to look beautiful, then it might warrant being a 'real' project and be funded... but it would most likely have to have some gain associated with it (advertising, good-will, whatever) for the company... basically, some way for the company to profit from it.

If you're just wanting to do a general cleanup, you probably won't have time/money allocated for that... particularly when you may impact the stability of the codebase and/or regress or introduce new bugs (which will cost more money to fix).

So yeah, most of the time, you have to have to write it and you can change it when you have to fix a bug or add new features or something, otherwise, what's in the source doesn't change. However, where I work now, we are encouraged to refactor and such when we see good opportunity to do so. We also have some ATPs that we run to detect regression and bug introduction, to keep those issues at a minimum when possible.

Re:Not that surprising

[hey!]

Well, for a certain definition of "quality".

Maybe a better way of saying this is that open source programmers aren't better programmers than closed source ones.

But nobody ever said open source programmers are better. The argument is that open source software gets continually better from a user's perspective. If it doesn't for enough users, somebody else gives them what they want. If you aren't happy with SUSE's direction, you can go to RHEL and vice versa without creating a lot of fuss. Chances are somebody is taking the same basic building blocks and putting them together more like you want them.

In any case, I'm not impressed by including the Widows kernel to Unix kernels. It's not very useful to compare a microkernel to a monolithic kernel without including enough fo the modules that go around it to implement the same functionality. They should compare it to Mach instead.

Re:Not that surprising

[quangdog]

By the same token, based on these results could the last sentence read: "Therefore, the most we can read from the overall balance of marks is that closed source development approaches do not produce software of markedly higher quality than open source software development."

In other words, this study reveals nothing about the relative level of quality of either approach.

Flashbacks to my undergrad work when I had to read Zen...

-- Kimball
www.kimballlarsen.com

Re:Not that surprising

[indifferent+children]

To butcher a phrase from MLK: The arc of history is long, but it bends toward quality.

Putting a fresh coat of paint on a pig will only work for so long (and producing a fatter, less attractive, less useful, more expensive pig after 5 years of effort to produce something other than a pig, is not a win). Marketing and support can only compensate for high cost of low quality for so long; every day, more people realize that software that doesn't crash is better than software that has a 1-800 number that you can call when it crashes.

Re:Not that surprising

[FishWithAHammer]

Generally speaking, commercial desktop apps are still way ahead of their open counterparts, with the exception of code development tools and anything that directly implements a standard (browsers, mail clients, etc.) Code development tools? VS says hi. (And somebody is now going to leap in and say that that monstrosity Eclipse is somehow "better" than VS...this will be amusing.)

Re:Not that surprising

[Mongoose+Disciple]

So open source software is not of 'markedly' higher quality. If it is of even 'slightly' higher quality, or 'exactly the same quality' as closed source software, then the fact that it costs less, and gives users freedoms that they don't have with closed source software, means that closed source is doomed.

The problem with your conclusion is that it assumes that code quality as measured in this sort of way is the only or even the most important thing.

It's like buying clothes. Sure, the quality of the clothes you're buying does matter some in making your choice. So does price (which you mention above.) But, what the clothes look/feel like is also often important, and something like whether or not they actually fit you can trump all of those concerns.

In general I would say the open source world (as represented by the best known / flagship projects) produces higher quality code. It's better at finding and fixing bugs. It's often better at fixing inefficient algorithms and the like.

What it's generally [i]not[/i] as good at are higher-level or market-driven concerns, like if a UI is just bad and needs to be replaced whole-cloth, or if key feature that a developer would never use but that most users will want is present, or if documentation is provided or of sufficient quality.

As long as that's true, both open and closed source projects will continue to exist. They're best at different kinds of things, and I would argue they exist in a kind of symbiosis.

Re:Not that surprising

[samkass]

Yes, but there is absolutely no evidence that open source is any better in this respect than commercial software (in fact the actual evidence points to it being little different in this respect). And when it DOES crash, a 1-800 number is often better than a pile of badly commented code.

It will, in the end, come down to a value proposition. The value proposition of freedom to modify code is very hard to quantify, so that will probably factor into the eventual success of open source not at all. The actual quality, usability, documentation, trainability, ease of install, compatibility with existing infrastructure (usually Microsoft), etc., will probably be the deciding factors, and I don't see open source having a clear-cut advantage in those metrics.

Re:Not that surprising

[raddan]

But the author also points out that his measure of "quality" is limited. From the paper:

Other methodological limitations of this study are the small number of (admittedly large and important) systems studied, the language specificity of the employed metrics, and the coverage of only maintainability and portability from the space of all software quality attributes. This last limitation means that the study fails to take into account the large and important set of quality attributes that are typically determined at runtime: functionality, reliability, usability, and efficiency. However, these missing attributes are affected by configuration, tuning, and workload selection. Studying them would introduce additional subjective criteria. The controversy surrounding studies comparing competing operating systems in areas like security or performance demonstrates the difficulty of such approaches. From the end-user perspective functionality, reliability, usability, and efficiency are pretty much the entire thing. Most users couldn't care less that a piece of software is hard to maintain as long as it does what he wants reliably, consistently, and with a minimal amount of cognitive load. So this paper is aimed more at applying traditional software engineering metrics to four pieces of real-world software. The outcome *should* show little difference, since all four of these pieces of software are used in mission-critical applications. It would be surprising if one or more of them were not at all in the same ballpark, but it is nonetheless interesting that very different software development styles basically create products with roughly the same mesaures, e.g., modularity.

Re:Not that surprising

[wd4fsu]

Final line in the paper: "Therefore, the most we can read from the overall balance of marks is that open source development approaches do not produce software of markedly higher quality than proprietary software development." Interesting, but not shocking for those who have worked with disciplined commercial teams. I wonder what the results would be in less critical areas than the kernel, say certain types of applications. Putting aside for a moment that quality could be subjective, you can have outstanding quality code that misses the business requirements entirely. This study would have more value if it compared the resulting code against the stated business requirements and indicated how close it came. After all, the purpose of (business) code is to meet the requirements, right? :-) Owen

Re:Not that surprising

[abigor]

VS is great, don't get me wrong. I meant sort of in general, beyond just MS development, then the free/open tools are really good. Of course, I am using IDEA at the moment, which is not open, so I guess I'm not exactly practising what I preach.

Re:Not that surprising

[abigor]

Maybe that's why he chose to study kernels? Their requirements are well-known and pretty much the same regardless of implementation. But generally speaking, I agree with you 100%.

Re:Not that surprising

[eu_virtual]

Can I be the one?

Ok, I confess I only used vs up to version 2005, but that is mainly because I can only use it for MS programming. But if I could choose, I'd still choose eclipse over VS. Mylyn is great (if you use one of the supported connectors), and it really does help once you get used to it (which doesn't take very long). Better integration with SVN and most other vcs's. Great diff tool too. Also, source code view expanding when double clicking the tab. Debugging support for PHP, c/c++, python, java, etc.

And last, VS integration with tools that are not MS sucks.

So, when was the last time you used eclipse?

Re:Not that surprising

[QuietLagoon]

I wonder what the results would be...

I wonder what the results would be if a real, commercial Windows kernel were tested instead of a research-oriented one. I doubt if the research kernel was ever subjected to the "have to release it on time" programming deadlines.

Re:Not that surprising

[Diomidis+Spinellis]

I don't think that my results can support us in making arguments regarding 'slightly' higher quality, or 'exactly the same quality'. My figures are based on possibly interdependent, unweighted, and unvalidated metrics. Therefore they only allow us to make conclusions involving large differences.

Re:Not that surprising

[ChaosDiscord]

And when it DOES crash, a 1-800 number is often better than a pile of badly commented code.

Bahahahahahahaha. Hahahahahahaha. Hahahahahaha. Hehehehehe. *snicker*

It's a shame that the "Funny (+1)" rating no longer earns karma, because you deserve it.

Re:Not that surprising

[mikechant]

If you aren't happy with SUSE's direction, you can go to RHEL and vice versa without creating a lot of fuss.

This is one of the real plusses of the FOSS environment. I've gone from RH9 to FC2/4/6/7 and then switched to Ubuntu without much disruption; when Fedora just didn't work out for me on my new PC (Fedora 7 wouldn't recognize my network card;Fedora 8 had a buggy sound setup with pulseaudio), I just switched to Ubuntu (gutsy/7.10) and it worked just fine. If MS's versions of windows doesn't work for you, there's no alternative except buying different hardware.

Re:Not that surprising

[samkass]

(As I've mentioned before, "Funny" is -5 for me.)

And... really. REALLY? You'd rather have the source for Outlook Server than have a 1-800 person tell you "Oh, yeah, just toggle the doohickey and it'll come right back up."

Personally, my understanding of the revenue model for companies like RedHat and other Linux distros was "Let's take the most difficult to install, use, and generally obtuse operating system in common use today, give it away for free, then charge people for support! Brilliant!"

Not that I don't like Linux myself, but I'm a geek. Even Ubuntu doesn't pass the mother test, let alone the grandmother test (she has an iMac).

Re:Not that surprising

[Kalriath]

Can only use it for MS programming? My PHP projects designed and built in Visual Studio disagree with you there.

Re:Not that surprising

[bXTr]

And somebody is now going to leap in and say that that monstrosity Eclipse is somehow "better" than VS

Eclipse is somehow better than VS. I don't know how exactly, but it is, somehow.

Re:Not that surprising

[VGPowerlord]

Not only that, but the release of Visual Studio Shell makes it possible to distribute free editors using VS's Intellisense.

Re:Not that surprising

[phantomfive]

As I take a break from VS to enjoy some time on slashdot, I have no understanding of why people think VS is so amazing.

Is it because of intellisense? That's kind of nice, especially when your code is so disorganized that you don't remember where stuff is defined. Or if you can't open stuff up in two different windows to see where it is defined, like VS prevents you from doing (yeah, you sort of can, but it's stuck in the main VS window).

Is it because of the debugger? Sure, the debugger is nice, and I like it, but it only helps get rid of the easy bugs. The bugs that really eat your development time are the ones that only manifest themselves after the program has been running for a few hours/days, and usually a debugger doesn't help much with that. Besides, every other IDE comes with a debugger, even GDB works fine if you can handle arcane keystroke combinations.

And on top of it, Solutions and projects in VS are horrible. Why does VS try to save the solution every time I quit? Makefiles have some awful syntax, but at least when they change, I know it's because of what I've done, and I know how to fix it.

That said, I don't consider VS to be a bad IDE, it is reasonably decent. I just don't understand the logic of these guys who think that VS is the greatest IDE ever. It's a question, not a flame.

Re:Not that surprising

[Javagator]

I just don't understand the logic of these guys who think that VS is the greatest IDE ever

It has the best Emacs emulation of any IDE that I've used.

Re:Not that surprising

[FishWithAHammer]

[i]I just don't understand the logic of these guys who think that VS is the greatest IDE ever.[/i]

Because, currently, nothing comes close to standing up to it. That's all there is to it, for me. Eclipse is slug-slow. Code::Blocks could be good in another few years, but is much more minimalist (which is fine, don't get me wrong, but right now I wouldn't use it for anything serious). MonoDevelop is getting better, but feels like it's trying to be Visual Studio (no offense meant to mhutch or the other people working on it, it's a great tool).

Re:Not that surprising

[colinrichardday]

What languages does VS support?

Re:Not that surprising

[CrazedWalrus]

Um, yes.

You seem to forget that the Linux forums are generally stellar for resolving HOW-TO questions. Additionally, there are FAQs and instructional blog posts that are readily accessible through Google. In other words, "Toggle That Doohicky" is easily obtained in the FOSS environment as well, and can be done WITHOUT sitting on hold and taking your chances with the quality of the rep who answers.

Additionally, if the source were available, features you want could be added, someone ambitious enough could actually investigate *why* the damn thing works the way it does, and it'd probably have working Linux and Mac versions by now.

Re:Not that surprising

[Blakey+Rat]

It could have all the problems you listed and still be the "greatest IDE ever." The greatest software will have bugs in it, too, you know.

So you really haven't said anything at all. :) If VS isn't it, what do you feel is the "greatest IDE ever?"

Re:Not that surprising

[phantomfive]

Well, since you asked, "I'd crawl over an acre of 'Visual This++' and 'Integrated Development That' to get to gcc, Emacs, and gdb. Thank you." -- Vance Petree, Virginia Power

I concur with that sentiment (though sometimes I've also been known to program in VI).

Re:Not that surprising

[xenocide2]

On the lighter side, you could say that you'd only consider software that was "out of beta" or version 1.0 or greater, but that would leave out most open source projects and commercial "Web 2.0" products....

Then restrain yourself to "what Fedora ships" or "what Canonical supports in main". These are the presumably viable software products with a living upstream.

But you missed an interesting problem: failed commercial programs sometimes convert into open source projects. Its not clear to me whether this is a positive or negative effect. Are there more s out there or Blenders? Is the OpenOffice.org software good or bad?

Re:Not that surprising

[xenocide2]

Windows and computers don't pass the grandmother test. I should know as she just visited today and very nearly the first topic was that her computer was broken and I should look at it later. The conversation goes along on the couch about the new house and the new internet service (ATT u-verse) my mother bought. Grandparents mention a horrible experience switching ISP providers. They switched from DSL to cable a few years back, and decided to switch back yet again. They didn't realize it at the time, but they were a bit screwed -- nobody knew the old password or how to reset it. 1-800 wasn't very helpful here and quite frustrating. Eventually a neighbor who worked for ATT came along and figured it out for em. "Never again will we change ISPs!" she says.

Later on we get to looking at that laptop. First thing I notice is it's quite new, still with stickers on it, yet there's a wifi pcmcia card. I check underneath and clearly see a Wireless MAC [random mac address]. Apparently she had bought a wifi card because she wanted wifi, without knowing that her laptop already had wifi. The problem? A common one to laptops: the kill switch was on. The fun doesn't stop there -- Toshiba value add (more like value subtract) was failing to find the device. A troubleshooting dialog suggests removing and re-adding the device in Device Manager. Fun times, but it worked (?!). Once I finally figure out that nightmare of XP wireless support, it's still not connecting to the shitty 2wire here. No suggestions, just an infinite waiting dialog. We haven't even gotten to her real problem (something online related), since neither wifi device is connecting to 2wire. Calling Microsoft here would be ridiculous, and ATT would be nightmarish. If this were Ubuntu, I'd have a much better shot at debugging this. I could see whether the driver loaded, whether the interface was up, check the logs for wifi status, etc. I also doubt this problem would have happened in the first place with Ubuntu, as MY Toshiba runs fine on this network (hurray Centrino). It could also be the 2wire, who the fuck knows, but we don't have time to debug this, let alone wait on hold.

Here's the crazy thing: thirty years ago, she was an RPG programmer for the State of Kansas, and has basically owned a computer since the Commodore. Lets stop pretending the grandmother test is perfect comprehension / acceptance or failure. What we need isn't a 1-800 line full of failing voice recognition software and foreign accents, we need software and hardware that works right the first time, and the way we expect.

Re:Not that surprising

[totally+bogus+dude]

Well and good, but this particular conclusion was not based on masses of software. It was based only on the operating system kernels, which are likely to be of a higher overall quality than half completed, unpolished software.

Re:Not that surprising

[FishWithAHammer]

Make no mistake, I'm not saying Eclipse is useless. I am saying that it's bloated, slow (it was so bad on Linux that I ended up running Eclipse inside of a Windows virtual machine because that was faster), and what additional features it sports are of relatively questionable utility.

I'm very much not a fan of XAML, and I don't think WPF in its current form is going to be all Microsoft thinks it's going to be.

Re:Not that surprising

[Allador]

I think you're misunderstanding what WRK is. It's not a research kernel, its a snapshot of the 2003-x64/XP-x64 kernel, minus a bunch of hardware layer stuff (HAL, etc) and minus everything from userspace.

The information to inform you is here, which was also linked on the summary to TFA.

Re:Not that surprising

[kitgerrits]

I hate to rain on your parade here, but the HOWTO scene and TLDP seem to have died a slow death the past 3 years...
On one side, this was because of professional-quality white papers and on the other side because good 'starting with Linux' books have become available.

Whilst I know my way around google and can discern good sites from bad ones, this relies on knowledge accumulated in 12 years of systems administration.

Finding answers is still, generally, easier for Windows software than for Un*x software.

Re:Not that surprising

[kitgerrits]

In that case: Get a Mac.

You pay a premium for less functionality, but is Just Works.

*) I don't own one, but a lot of people I know do, even some that work as sysadmin during the day.
**) I own a console for that exact reason. FPS games are a dream on a PC, but all the rest is played on console.

Re:Not that surprising

[Raenex]

I run Eclipse on Linux and it's not slow, except for startup time. It is a memory hog, no doubt about that.

Re:Not that surprising

[xenocide2]

Her laptop cost 400 dollars. You can't buy anything Mac for that, let alone a laptop.

But here's a surprising bigger problem that I've seen a couple times now: for the computer literate elderly, learning a new system might not have a positive ROI. One of my alma mater's retired faculty ran DOS until something like last year, and one reason I've heard is that he didn't think he could port the software he wrote to a new OS before he died. Apparently someone convinced him that Linux fit the bill, perhaps it was DOSbox that set him Free. The same reasoning sadly can apply in the grandmother case. It's a bit weird as a young man to see people apparently planning to die, but it's hard to deny there's a logic to it.

Re:Not that surprising

[kitgerrits]

You do have a point there.
Maybe you can get a power adapter or a used iPod for that kind of money ;-)

About interfaces:
- For those that know what they're doing, a text-based system might be easiest, because -everything- can be looked into, poked at and made visible.
- GUIs tend to hide the 'scary bits' from the user, so they can get on with their lives, as long as everything works the way you expect it to.
I remember reading a paper about how the command-line comtains simple, easy-to-understand metaphors, whilst people keep looking for the right button or tick box in a GUI. (can't find it, though)

Hardware has come a long way the past 10 years.
It's been a while since I had to change the address of my printer port to make my sound card do something.
USB has already standardized a lot of hardware 'classes' (pointer device, mass storage, sound device) and more 'standardization' may still be ahead. Maybe the future of comfortable computing lies in a metaphor that has not been invented yet (or that a PARC employee junked before anyone else stole it).

Oh, and I seriously dislike the way Toshiba laptops need a userland program to change BIOS settings. It's a pain in the behind, especially when you need to change a setting in order to fix the O/S.

Re:Not that surprising

[xenocide2]

Toshiba BIOS settings are weird, but in their defense they have been doing this for longer than anyone else. They did were doing ACPI stuff before it was formalized. We see this over and over again -- someone comes up with an okay idea on their own. Then an industry comittee or Microsoft or someone else defines a standard. Now you have two interfaces and neither party have incentives to resolve the situation. It happened with ACPI and with wireless drivers, probably more. But when you say userland, do you mean "not in kernel" or "not from BIOS itself?" My laptop has a goofy configuration screen that handles most everything I'm aware of. I wouldn't be surprised to hear there's more out there that the boot menu doesn't touch, as the whole thing scares me a bit and I stay away from messing with it when possible.

In Linux, big changes like this mostly only happen when there's universal support. Open Source makes it possible to see how the old stuff worked and incorporate the changes to a new design.

Re:Not that surprising

[kitgerrits]

I meant 'not from the BIOS itself'.
You had to install a special (Windows) HWSETUP program in order to set the more interesting BIOS options.

The BIOS itself is not exactly easily found:
http://support.toshiba-tro.de/kb0/FAQ6401G1000DR01.htm
Esc key method (Toshiba BIOS):
      1. Press and hold the Esc key.
      2. Turn on the notebook.
      3. Press the F1 key when prompted.
      4. The first page of the BIOS Setup screen appears.

Re:Not that surprising

[xenocide2]

At least for my model, the bios is a matter of pressing F1 at the right time. Not an Award though, which people might be familiar with. Linux has similar BIOS tools available. Out of curiousity, which BIOS settings aren't available from the boot menu?

No-one has ever claimed

[wellingtonsteve]

..that Open Source code is of quality, but at least the point of things like the GPL is that you have the power to change that, and improve that code..

Re:No-one has ever claimed

[jedidiah]

I have personally done it myself when the need was present.

With a large userbase, even a large kernel development team is going to represent "no one". This is just the nature of the numbers.

The fact that anyone can be "no one" and that these "no ones" can then benefit everyone one else, is the whole point of Free Software.

The libre kernels undoubtedly have much more diverse and spread out development teams.

They represent more than just one corporate culture or more than just one approach to software.

Re:No-one has ever claimed

[Tubal-Cain]

It's the thought that counts.

Re:No-one has ever claimed

[KutuluWare]

You haven't been paying attention to many Open Source proponents if you haven't ever seen them claim that Open Source code is of vastly superior quality than proprietary. Hell, ESR's claim to fame is a whole paper he wrote on that exact topic. For example, the OSI itself puts this claim at the very top of their advocacy document on selling OSS to your management:

The foundation of the business case for open-source is high reliability. Open-source software is peer-reviewed software; it is more reliable than closed, proprietary software. Mature open-source code is as bulletproof as software ever gets.
  Open Source Case for Business There is a pretty clear divide in the F/OSS community between the OSI-side-people, who view Open Source as a development model that leads to better software with fewer bugs and quicker turnaround; and the FSF-side-people who think of Free Software as a moral imperative that leads to more freedom in addition to better software with fewer bugs and quicker turnaround.

Having worked heavily in both areas of software development, I think this particular article's conclusion was obvious: code quality depends on the people who wrote it, not the process the used to license it. But only people who have done extensive proprietary and open-source development could really see that first-hand, and our opinions are automatically dismissed as being pro-Microsoft shills. Thus, I predict this paper will be roasted over an open flame, crushed into a tiny ball, soaked in gasoline, lit on fire, and ejected into deep space by the most devoted open source proponents in both camps.

CScout Compilation

[allenw]

"The OpenSolaris kernel was a welcomed surprise: it was the only body of source code that did not require any extensions to CScout in order to compile."

Given that the Solaris kernel has been compiled by two very different compilers (Sun Studio, of course, and gcc), it isn't that surprising. Because of the compiler issues, it is likely the most ANSI compliant of the bunch.

statistical wash-out?

[davejenkins]

If I am understanding correctly, you were looking for 'winners' and 'losers' (weasel words in and of themselves, but anyway...) in terms of 'quality' (another semi-subjective term that could make someone go crazy and drive motorcycles across the country for the rest of their lives).

You found that '..the structure and internal quality attributes of a working, non-trivial software artifact will represent first and foremost the engineering requirements of its construction, with the influence of process being marginal, if any.' -- or in plain English: "the app specs had a much bigger influence when compared to internal efficiencies".

I would wonder if you're just seeing a statistical wash-out. Are you dealing with data sets (tens of millions of lines and thousands of functions) that are so large, that patterns simply get washed out in the analysis?

Oh dear, my post is no more clear than the summary...

Re:statistical wash-out?

[Junior+J.+Junior+III]

in plain English: "the app specs had a much bigger influence when compared to internal efficiencies".

It sounds more like they're saying "If someone built it, and someone else is using it, and it's important, then the code quality is going to be pretty good. If it matters, it's going to get attention and be improved."

Of course, I can think of a bunch of counter-examples in Windows where something was important *to me* and mattered *to me* and no one at Microsoft saw fit to do anything about it for decades.

Re:statistical wash-out?

[Ethanol-fueled]

"Oh dear, my post is no more clear than the summary..."
For those of us who have read this, it is ;)

Re:statistical wash-out?

[Diomidis+Spinellis]

I would wonder if you're just seeing a statistical wash-out. Are you dealing with data sets (tens of millions of lines and thousands of functions) that are so large, that patterns simply get washed out in the analysis? I don't think so. I can't now do an analysis for a counterexample, but I am pretty sure that if I run the same metrics on, say, the bottom 20% in terms of downloads, of Sourceforge projects I will very different results.

Re:statistical wash-out?

[raddan]

With regard to the guy who went crazy and drove his motorcycle across the country-- I think the point of the book was to demonstrate that "subjective" and "objective" are specious terms. Science gets all hot and bothered when words like "good" and "bad" are used, but not when words like "point" are used. So if we can make allowances for axiomatic terms, why not so-called "qualitative" terms? After all, the word "axiom" means, according to Wikipedia:

The word "axiom" comes from the Greek word axioma a verbal noun from the verb axioein, meaning "to deem worthy", but also "to require", which in turn comes from axios, meaning "being in balance", and hence "having (the same) value (as)", "worthy", "proper". Among the ancient Greek philosophers an axiom was a claim which could be seen to be true without any need for proof. Indeed, if you look at many of our "quantitative" measures, they are, at their heart, a formalization of "goodness" and "badness". If you're a mathematician, you might argue that this is not true (since there are loads of mathematical constructs whose only requirement is simply self-consistency and not some conformance to any external phenomenon), but if you're an engineer, you're whole career balances on the fine points of "goodness" and "badness". It is an essential concept!

My personal opinion is that if statistics are a wash-out in general, then the researcher is asking the wrong questions. I know that the author pre-defined his metrics in order to avoid bias, but that's not necessarily good science. Scientific questions should be directed toward answering specific questions, and the investigatory process must allow the scientist to ask new questions based on new data.

There is clear non-anecdotal evidence that these operating systems behave differently (and, additionally, we assign a qualitative meaning to this behavior), so the question as I understand it is: is this a result of the development style of the OS programmers? The author should seek to answer that question as unambiguously as possible. If the answer to that question is "it is unclear", then the author should have gone back and asked more questions before he published his paper, because all he has shown is that the investigatory techniques he used are ill-suited to answering the question he posed.

Re:statistical wash-out?

[drsmithy]

Of course, I can think of a bunch of counter-examples in Windows where something was important *to me* and mattered *to me* and no one at Microsoft saw fit to do anything about it for decades.

For example ?

Re:statistical wash-out?

[Junior+J.+Junior+III]

OK, sure that's fair. Here's one:

When copying/move a bunch of files, if Windows encounters an error that prevents a file from being read/written, the entire copy aborts at the point where the problem occurred.

I'd love Windows to automatically fail the problem file while continuing to try to copy/move the remaining files, then present you with some kind of error report at the end saying "These files couldn't be copied for [reason]."

There's file management utilities that you can use to get around this weakness in Explorer's basic file handling, but it's embarrassing enough that I would think MS would want to handle that in a more built-in way. They continue to ignore the issue, though. In Vista, from what I hear, file copy has actually gotten worse.

Re:statistical wash-out?

[edalytical]

I'm just on my lunch break right now, so I've only read the abstract and a few comments. I'm wondering what the results would look like if you feed it particularly bad code. I'd also like to know what would happen if you feed it random pieces of many code bases, etc.

I look forward to reading the article later.

Re:statistical wash-out?

[drsmithy]

I'd love Windows to automatically fail the problem file while continuing to try to copy/move the remaining files, then present you with some kind of error report at the end saying "These files couldn't be copied for [reason]."

Well you may (or may not ;) be happy to know they've fixed that in Vista.

(Good example though.)

Re:statistical wash-out?

[benwaggoner]

'quality' (another semi-subjective term that could make someone go crazy and drive motorcycles across the country for the rest of their lives). And High Kudos for a germane "Zen and the Art of Motorcycle Maintenance" reference on Slashdot!

A book everyone should read, less than for the stated ideas of the author, but for the very useful parable about thinking too hard about unanswerable theoretical questions instead of just getting stuff done.

Re:statistical wash-out?

[Blakey+Rat]

They continue to ignore the issue, though. In Vista, from what I hear, file copy has actually gotten worse.

Ugh! I hate people who haven't even used Vista telling people how crummy Vista is. What city do you live in? I've never been there but I hear it's a giant ball of suck!

Anyway, you'll be happy to hear that whoever told you that is a filthy liar and you should kick them in the shins. Vista fixes the bug you mentioned.

That all said, I've had the same complaint about Windows for a long time. But Windows isn't/wasn't the only OS with the same problem-- I've been a long-time Mac user, and Apple's had the same bug for ages as well. (I think it was finally fixed in OS X, been awhile since I used a Mac though.)

Re:statistical wash-out?

[Junior+J.+Junior+III]

Actually, I have seen and used Vista. And it does suck much. After reading a lot of negative stuff about it, I approached Vista warily and predisposed toward not liking it, but it failed me on its own lack of merit, not because I'm biased.

I've stayed clear of Vista for many reasons. All the promised cool features that ended up getting dropped. The insane hardware requirements. The poorer performance on the same hardware as compared to XP. The 6 different versions to choose from, the most expensive of which are beyond my willingness to pay for, but have features I wouldn't want to do without. The WGA program. DRM. The braindead abortion that is UAC.

I've seen Vista, and used it, albeit only Home Basic and Home Premium, and only for long enough to poke around, image the drive, and put XP back on, and to be completely fair, I did think there were some things about it that were nifty. Offhand, though, the only thing I remember that I really liked was what they did with the System control panel, and maybe the Start menu had some useful ideas.

Everything else I could live without, or hated. I found networking configuration to be a total nightmare, with Windows automatically reconfiguring stuff I had set manually without my asking it to or giving it permission to.

Prior to the release of Vista SP1, there was apparently a bug in the copy routine that caused copies to either go very slowly or else to cause the system to grind to a virtual standstill. Completely unacceptable bug to slip through into in a production release, albeit fixed for what it's worth in SP1.

If a multi-file copy no longer terminates at first error, then great, but my point still stands that this issue was something that went un-addressed for over a decade, back to Win95 (I never used 3.1 or DOS, but I understand those also worked the same way.) Had Windows been open-source, someone might well have reworked the copy/move feature to work better. Clearly once MS had established its OS monopoly, it decided they had other priorities that kept this on the back burner forever.

That other OSes also functioned this way for years is irrelevant; my point wasn't to bash MS (though I'm more than happy to when it's deserved) but to point out an example of a problem in closed source software that went unfixed for ages despite being highly visible.

I'm not sure whether this problem meets to criteria of "code quality" so much as process flow -- single-file copies are generally pretty darn reliable in MS OSes going back as far as you care to look -- but it was a highly visible feature and I'd say an important one due to the frequency with which it gets used, and even if the underlying code wasn't unreliable in the sense that Copy didn't corrupt files or fail without telling you, it was still a shitty implementation.

Likely, MS's code quality is better elsewhere in the OS where performance and stability are even more important (but only after years of DOS/3.1/9x suckage), but again, it's *their* priorities and their values that dictate what gets worked on, not a community of developers and users. Customers of Microsoft generally get to complain without recourse, and Redmond responds if and when it feels like getting around to it, but mostly in response to squashing a competitor that actually innovates, not in true response to customer needs or wants. Look at the stagnation in IE after they knocked off Netscape for an example of how they prioritize issues for their developers to work on when left to their own devices.

I could have pointed to issues with Mac OS X's Finder, if I'd wanted, and made very similar points in support of what I was arguing in the grandparent post: that in any code project, code quality is likely to be high *where it matters* and where it *has to be*, and where it can be "lived with" and where it matters less, it will likely not be as good. Whether the development model is open or closed source, this is still likely to be true, but at least with open sour

Re:statistical wash-out?

[Diomidis+Spinellis]

My personal opinion is that if statistics are a wash-out in general, then the researcher is asking the wrong questions. I know that the author pre-defined his metrics in order to avoid bias, but that's not necessarily good science. Scientific questions should be directed toward answering specific questions, and the investigatory process must allow the scientist to ask new questions based on new data. There is clear non-anecdotal evidence that these operating systems behave differently (and, additionally, we assign a qualitative meaning to this behavior), so the question as I understand it is: is this a result of the development style of the OS programmers? The author should seek to answer that question as unambiguously as possible. If the answer to that question is "it is unclear", then the author should have gone back and asked more questions before he published his paper, because all he has shown is that the investigatory techniques he used are ill-suited to answering the question he posed. Wait a minute here: being unable to prove a hypothesis is a long-established scientific path. Due to the tiny number of samples (four kernels) I could not prove my case with statistical rigor, but still publishing the results that show I could not find a difference is the scientifically honest thing to do. Reformulating the questions until you find an answer that suits you distorts the picture due to the file drawer problem.

Re:statistical wash-out?

[cyborg_zx]

Seems to me that showing that certain questions don't get useful answers is quite useful in and of itself.

Re:statistical wash-out?

[swv3752]

Grandparent is probably referring to the bug where Vista takes extremely long to copy simple files. It has been reported all over, so it should be taken as a widely held fact. It might be fixed now, but that does not men it wasn't a problem. But then again, you were probably trolling.

Re:So....

[ac666]

Um, he already did plenty. I'm sure there's room for a follow-up paper along those lines. Quite possibly by someone else - I'd guess you're up to the task, considering how dismissive you were of his efforts?

Slashbots are teh 13 year olds blah blah blah

[spun]

Well, you lose your bet, been over five minutes and no anti Microsoft screeds let alone spelling it with a $.

Just so everyone understands, the tactic used here is known as "Poisoning the well." The idea is the discredit an argument's source before the argument is presented. Here, our AC friend is trying to ward off criticism of Microsoft by insinuating that anyone who does so is a 13 year old "Slashbot."

The fallacy is in the fact that even someone who is 13 and often goes along with the Slashdot zeitgeist may still have legitimate criticisms of Microsoft, such as the fact that Microsoft sucks giant hairy donkey balls.

Re:Slashbots are teh 13 year olds blah blah blah

[ozmanjusri]

What do they taste like?

Re:Slashbots are teh 13 year olds blah blah blah

[pohl]

What do they taste like?

You'd have to ask Micro$oft.

Really?

[jastus]

I'm sorry, but if this is what passes for serious academic computer-science work, close the schools. This all appears to boil down to: quality code (definition left to the reader) is produced by good programmers (can't define, but I know one when I see his/her code) who are given the time to produce quality code. Rushed projects by teams of average-to-crappy programmers results in low-quality code. All the tools and management theories in the world have little impact on this basic fact of life. My PhD, please?

Re:Really?

[indifferent+children]

Forget the PhD, if you have really learned that lesson, then you need to be made CIO at any one of my former employers.

Re:Really?

[jjohnson]

If you'd RTFA, you'd know that there's a lot more to what the author said than that. He says nothing about a relationship between the quality of programmers and the quality of code; he says nothing about the time taken to develop code, and makes no conclusions about its effect on code quality.

What he says is that a cluster of metrics that collectively say something general about code quality (e.g., better code tends to have smaller files with fewer LOC; worse code has more global functions and namespace pollution) show little difference between four kernels with diverse parentage.

He speculates (and says he is speculating) that obvious differences in process might account for small variances in where each kernel scores well or badly.

The 99% Solution

[SuperKendall]

So while looking at the data collected, I had to wonder if some of the conclusions reached were not something of a matter of weighting - I saw some things pretty troubling about the WRK. Among the top of my list was a 99.8% global function count!!!

This would explain some things like lower LOC count - after all, if you just have a bunch of global functions there's no need for a lot of API wrapping, you just call away.

I do hate to lean on LOC as any kind of metric but - even besides that, the far lower count of Windows made me wonder how much there, is there. Is the Windows kernel so much tighter or is it just doing less? That one metric would seem to make further conclusions hard to reach since it's such a different style.

Also, on a side note I would say another conclusion you could reach is that open source would tend to be more readable, with the WRK having a 33.30% adherence to code style and the others being 77-83%. That meshes with my experience working on corporate code, where over time coding styles change on more of a whim whereas in an open source project, it's more important to keep a common look to the code for maintainability. (That's important for corporate code too - it's just that there's usually no-one assigned to care about that).

Re:The 99% Solution

[Yosi]

The piece of Windows they had did not include drivers. It says:

Excluded from the kernel code are the device drivers, and the plug-and-play, power management, and virtual DOS subsystems. The missing parts explain the large size difference between the WRK and the other three kernels.

Much of the code in Linux, for instance, is drivers.

Re:The 99% Solution

[Diomidis+Spinellis]

So while looking at the data collected, I had to wonder if some of the conclusions reached were not something of a matter of weighting - I saw some things pretty troubling about the WRK. Among the top of my list was a 99.8% global function count!!! I guess Microsoft uses a non-C linker-specific mechanism to isolate their functions, for instance by linking their code into modules. But yes, this is a troubling number.

This would explain some things like lower LOC count - after all, if you just have a bunch of global functions there's no need for a lot of API wrapping, you just call away. The lower LOC comes from the fact that WRK is s subset of Windows. It does not include device drivers, and the plug-and-play, power management, and virtual DOS subsystems.

Also, on a side note I would say another conclusion you could reach is that open source would tend to be more readable, with the WRK having a 33.30% adherence to code style and the others being 77-83%. That meshes with my experience working on corporate code, where over time coding styles change on more of a whim whereas in an open source project, it's more important to keep a common look to the code for maintainability. (That's important for corporate code too - it's just that there's usually no-one assigned to care about that). About 15 years ago I chanced upon code in a device driver that Microsoft distributed with something like a DDK that had comments written in Spanish. The situation in WRK is markedly better, but keep in mind that Microsoft distributes WRK for research and teaching.

Re:The 99% Solution

[mtaht]

I note that I would have been more interested in the analysis had your paper compared to apples to apples - e.g - the linux core vs the wrk core. Linux has a notably lower standard of excellence for device driver code.

Re:The 99% Solution

[Diomidis+Spinellis]

I've put the data and the SQL queries on the web. It is therefore easy for you to do what you suggest, because the filenames are stored in the database. Just perform a cascade delete for the files you think that don't belong to each system's core and rerun the queries. I'd be interested to know the results.

Re:The 99% Solution

[LackThereof]

the WRK having a 33.30% adherence to code style and the others being 77-83%. That meshes with my experience working on corporate code, where over time coding styles change on more of a whim whereas in an open source project, it's more important to keep a common look to the code for maintainability. (That's important for corporate code too - it's just that there's usually no-one assigned to care about that). The fact that this is just a //small chunk// of the Windows kernel makes this even more scary; I imagine the same level of inconsistency is present through the entire mess

Re:The 99% Solution

[JasterBobaMereel]

So when you compare the Linux Kernel (code honed by multiple people over a long period) The Solaris Kernel (ditto) and the Microsoft published Kernel (ditto) all of which *have* to work properly and be extremely reliable, and have to be easily modified by multiple people and so have to be easy to read and understand...... surprise surprise they are of similar style and "quality"

In other news: salt tastes salty ?

What about application software? Drivers? (oh sorry you can't compare because Microsoft won't publish theirs ...)

Re:The 99% Solution

[SuperKendall]

But that's the thing - the Microsoft published kernel varies significantly in terms of apparent maintainability, both from the global function standpoint and from code standard adherence which makes it harder to work on more parts of the code.

This would seem to indicate that Microsoft has to devote more people to working on code than other other open source kernels would, which actually seems like a reasonable guess when you think about how many people Microsoft employs.

Re:windows is teh suck blah blah blah

[Uncle+Focker]

The fact that he said that he couldn't draw any conclusions probably means that the windows code had by far the best quality out of any of them, and that shouldn't surprise anyone. Not quite.

The two systems with a commercial pedigree (Solaris and WRK) have slightly more positive than negative marks. However, WRK also has the largest number of negative marks, while Solaris has the second lowest number of positive marks.

Re:the worst

[rubycodez]

the worst for what applications?

KLOCs?

[Baavgai]

If good code and bad code were a simple automated analysis away, don't you think everyone would be doing it? What methodolgy could possibly give a quantitative weighting for "quality"?

"To my surprise there was no clear winner or loser..." Not really a surprise at all, actually.

Re:KLOCs?

[getto+man+d]

Exactly. Automation excludes creativity. If it were that easy I could just do the following:

writeGoodCode(int numberOfLines, float ouncesOfCoffeeConsumed)

Re:KLOCs?

[Diomidis+Spinellis]

You can automatically recognize some bad smells of poor quality code. However, this will still let through poor quality code that has been explicitly written to guard against the bad smells. So, you can say for sure that some code stinks, but you can't (and I suspect you will never be able to) tell that some code excels.

The winner is still open source

[abolitiontheory]

Does anybody see that these results are in still favor of open source? The fact is, it's actually a beautiful thing that the difference in quality is marginal. This equality then becomes the rubric by which to judge other elements of the design process, and choices about whether to develop and deploy programs with open source or closed source.

People make claims about the need for closed source all the time, usually revolving around the need to a predictable level of quality, or some other factor. The fact is, this results proves that its a wash whether you choose open or closed--so why not choose open?

There's a deep significance here I'm failing to capture completely. Someone else word it better if they can. But there didn't need to be some blow-out victory of open source over closed source for this to be a victory. All open source needed to do was compare--which it did, clearly--with closed source, in terms of value, to secure its worth.

Re:The winner is still open source

[bugs2squash]

I read the article, I understood most of it (I think). I agree, as I read it I was constantly thinking...

1) Closed source does not seem to justify it's price tag based on better quality

2) Windows seemed to be damned by feint praise from time to time (the comments were great - they were spell checked...)

How can I rid myself from the gut feeling that the author had an agenda ?

For all I know this is a scholarly and unbiased report, but it's an article of faith rather than any conviction I got from reading TFA.

What I most liked about it were some of the pointers indicating what to look for in good coding. I hope he never runs this report on any of my code !

Re:The winner is still open source

[Diomidis+Spinellis]

This is a very interesting comment. I had not thought of my results in this light, because, based on my experience as a (minor) FreeBSD committer and as a Windows user, I was expecting to see a large difference in favor of open source code. Yes, in the way you put it, open source is a winner.

Re:The winner is still open source

[Allador]

You're missing a very important point.

For the users of operating systems, the code quality is irrelevant.

Things like features, marketing, packaging, etc are what drives markets, not an academic analysis on source code quality.

This kind of information is only useful or interesting to those of us in the field.

As an analogy to automobiles, consider metrics on the complexity of supply chain dependencies in car manufacturing.

Only interesting to people in the business, not interesting at all to the people who actually buy and drive cars. They only care how cool it looks, mileage, and what colors you can get it in.

This article only speaks to things interesting to those of us who build these things for a living. It says nothing about the market/commercial success.

As a final trivial analogy, the most beautiful code in the world, used to create the perfect OS, doesnt mean squat if it doesnt provide features that its target audience wants.

Re:The winner is still open source

[azgard]

I disagree. You are saying that either quality doesn't matter for the user, or he wants to be tricked.

If the code quality improves quality of the product, it's a good thing. Maybe not all factors that make code "high quality" do this, but some of them do. So it's not irrelevant to users.

Re:The winner is still open source

[Allador]

You are saying that either quality doesn't matter for the user, or he wants to be tricked. I am not saying that.

I am saying that the features/functions the user considers important, or where greater levels of 'quality' are important to them, have little bearing to this article's definition of code quality.

The biggest thing TFA measures is readability, maintainability, etc. This has an indirect effect on the business' ability to change, update, etc.

But these are very indirect sorts of relationships, often through several layers of indirection, and with a delay time between code creation and benefit the user sees in several years or more, if ever.

If the code quality improves quality of the product, it's a good thing. Yep, and thats the whole rub of it.

There is little evidence that code quality improves the quality of the product, from the end user point of view.

You can produce the same features, at the same level of quality, with no connection to code quality (though poorer code quality will likely make the product development more expensive over time).

Code Quality and Product/Feature Quality can be orthogonal. You can have great features, that do exactly what the user wants, and how he/she wants it, but the underlying code is terrible. And vice-versa, you can have the perfect code, beautiful to the eye, and easier to maintain, but doesnt provide the features the customer/market wants.

Businesses fail all the time because of the latter (great technology, poorly thought out product/business-plan), but rarely because of the former.

In the former case, it makes new versions and product enhancements more expensive, so it eats into your margins, and slows you down.

So....

[jellomizer]

The way you choose to license your software doesn't coralate with software quality... Seems logical to me. As how you license your software has very little to do about the code inside the OS.

Closed Source Developer: I will try to do my best job as I possibly can so I can keep my job and make money because that is what I value.

Open Source Developer: I will try to do my best job as I possibly can so I can help the comunity and feel better about myself/get myself noticed in the comunity/Something cool to put on my resume... because that is what I value.

People who choose to license their software OpenSource vs. Closed Source says nothing about their programming ability. There are a bunch of really crappy GNU projects out there as well as a bunch of crappy closed source projects... Yea there is the argument of millions of eyes fixing problems but really when you get millions of people looking at the same thing you will get good and bad ideas so the more good ideas you get the more bad ideas you get and the more people involved the harder it gets to weed out good ones and bad ones. Closed source is effected often by a narrow level of control where bad ideas can be mandated.... All in all everything really ballances out and the effects of the license are negledgeable.

An interesting point..

[SixDimensionalArray]

I haven't seen anybody else comment on the fact that the statement that the quality of the code had more to do with the engineering than the process through which the code was developed is quite interesting.

From my personal experiences, it typically seems code is written to solve a specific need. Said another way, in the pursuit of solving a given problem, whatever engineering is required to solve the problem must be accomplished - if existing solutions to problems can be recognized, they can be used (for example, Gang of Four/GOF patterns), otherwise, the problem must have a new solution engineered.

Seeing as how there are teams successfully developing projects (with both good, and bad code quality) using traditional OO/UML modeling, the software development life-cycle, capability maturity model, scrum, agile, XP/pair programming, and a myriad of other methods, it would seem to be that what the author is saying is, it didn't necessarily matter which method was used, it was how the solution was actually built (the.. robustness of the engineering) that mattered.

Further clarification on the difference between engineering and "process" would strengthen this paper.

I went to a Microsoft user group event some time ago - and the presenter described what they believed the process of development of code quality looked like. They suggested the progression of code quality was something like:
crap -> slightly less crappy -> decent quality -> elegant code.

Sometimes, your first solution at a given problem is elegant.. sometimes, it's just crap.

Anyways, just my two cents. Maybe two cents too many.. ;)

SixD

Re:An interesting point..

[T.E.D.]

crap -> slightly less crappy -> decent quality -> elegant code.

That's only the first half of the life-cycle. The rest would be along the lines of

-> elegant code with a few special case hacks -> special case hacks with a few lines of elegant code -> crap.

Re:the worst

[Abreu]

Don't feed the troll, compadre!

What I took from it was:

[jabjoe]

"Linux excels in various code structure metrics, but lags in code style. This could be attributed to the work of brilliant motivated programmers who aren't however efficiently managed to pay attention to the details of style. In contrast, the high marks of WRK in code style and low marks in code structure could be attributed to the opposite effect: programmers who are efficiently micro-managed to care about the details of style, but are not given sufficient creative freedom to structure their code in an appropriate manner. "

How ever I was left wondering how it was possible to compare fairly? He already stated:

"Excluded from the kernel code are the device drivers, and the plug-and-play, power management, and virtual DOS subsystems. The missing parts explain the large size difference between the WRK and the other three kernels."

and reading I see even more of the drivers aren't there:

"The NT Hardware Abstraction Layer, file systems, network stacks, and device drivers are implemented separately from NTOS and loaded into kernel mode as dynamic libraries. Sources for these dynamic components are not included in the WRK. "

http://www.microsoft.com/resources/sharedsource/licensing/researchkernel.mspx

So it's not like for like. Maybe you would draw different conclusions if it was, maybe the Linux style issue is because of all the drivers the WRK lacks. So even though I think his conclusion sounds probable, I don't feel I can state it as so with any confidence.

Why would that be a surprise?

[HangingChad]

Interesting, but not shocking

Considering that few open source developers are strictly open source, that's hardly a surprise. I'd be willing to bet many open source developers are also part of disciplined commercial teams.

The flip side of that coin is just as intriguing. Open source development models don't produce software of notably inferior quality either. That should send a shivey through Castle Redmondore.

Stupid metrics

[Animats]

The metrics used in this paper are lame. They're things like "number of #define statements outside header files" and such.

Modern code quality evaluation involves running code through something like Purify, which actually has some understanding of C and its bugs. There are many such tools. This paper is way behind current analysis technology.

Re:Stupid metrics

[Diomidis+Spinellis]

It took me about two months of work to collect these metrics. Yes, running in addition the code of the four kernels through a static analysis tool would have been even better, but this would have been considerably more work: You need to adjust each tool to the peculiarities of the code, add annotations in the code, weed out false positives, and then again you only get one aspect of quality, that related with bugs, like deadlocks and null pointer indirections.

Using one of the tools you propose, you will still not obtain results regarding the analysability, changeability or readability of the code.

"Code quality" is bunk

[mlwmohawk]

Sorry, I've been in the business for over 25 years and had to hear one pin head after another spout about code quality or productivity. Its all subjective at best.

The worst looking piece of spaghetti code could have fewer bugs, be more efficient, and be easier to maintain than the most modular object oriented code.

What is the "real" measure of quality or productivity? Is it LOC? No. Is it overall structure? no. Is it the number of "globals?" maybe not.

The only real measure of code is the pure and simple darwinian test of survival. If it lasts and works, its good code. If it is constantly being rewritten or is tossed, it is bad code.

I currently HATE (with a passion) the current interpretation of the bridge design pattern so popular these days. Yea, it means well, but it fails in implementation by making implementation harder and increasing the LOC benchmark. The core idea is correct, but it has been taken to absurd levels.

I have code that is over 15 years old, almost untouched, and still being used in programs today. Is it pretty? Not always. Is it "object oriented" conceptually, yes, but not necessarily. Think the "fopen,"fread," file operations. Conceptually, the FILE pointer is an object, but it is a pure C convention.

In summation:
Code that works -- good.
Code that does not -- bad.

Re:"Code quality" is bunk

[Llywelyn]

There is a company that, at the heart of their business, exists a 6000 line SQL statement that no one understands, no one can modify, and occasionally doesn't work without anyone knowing why but a restart of the program seems to take care of it.

It has lasted that way for a very very long time.

Is it good code simply as function of its survival and (sort of) working?

I tend to think of good code like good engineering or good architecture. Surely you wouldn't define good architecture as "a building that remains standing," would you? The layout of the rooms, how well that space is used, how well it fits the needs of the users, how difficult it is to make modifications, etc all factor in to "good design" and have nothing to do with whether the building "works."

I am not sure you can put a metric to it anymore than I could put a metric to measuring the quality of abstract expressionism or how well a circuit is laid out--there may be metrics to aid in the process, but in the end one can't necessarily assign a numerical rating to the final outcome for the purpose of rating.

That doesn't mean that there isn't such a thing as good quality and bad quality code.

Re:"Code quality" is bunk

[Diomidis+Spinellis]

Coding to achieve some code quality metrics is dangerous, but so is saying that code that works is good. Let me give you two examples of code I've written long time ago, and that still survives on the web.

This example is code that works and also has some nice quality attributes: 96% of the program lines (631 out of the 658) are comment text rendering the program readable and understandable. With the exception of the two include file names (needed for a warning-free compile) the program passes the standard Unix spell checker without any errors.

This example is also code that works, and is quite compact for what it achieves.

I don't consider any of the two examples quality code. And sprucing bad code with object orientation, design patterns, and a layered architecture will not magically increase its quality. On the other hand, you can often (but now always) recognize bad quality code by looking at figures one can obtain automatically. If the code is full of global variables, gotos, huge functions, copy-pasted elements, meaningless identifier names, and automatically generated template comments, you can be pretty sure that its quality is abysmal.

Re:"Code quality" is bunk

[mlwmohawk]

Is it good code simply as function of its survival and (sort of) working?

"sort" of working is not "working."

exists a 6000 line SQL statement that no one understands

This is "bad" code because it needs to be fixed and no one can do it.

Surely you wouldn't define good architecture as "a building that remains standing,"

I'm pretty sure that is one of the prime criterion for a good building.

Your post ignores the "works" aspect of the rule. "Works" is subtly different than "functions." "Works" implies more than merely functioning.

Re:"Code quality" is bunk

[HauntedCrown]

Code that works -- good.
Code that does not -- bad.
James Hetfield can sure summarize his arguments well.

Re:"Code quality" is bunk

[mlwmohawk]

I don't consider any of the two examples quality code.

A philosophical point, if I may. What is the purpose of code?

I think the problem is that many engineers think that code should fit some form of aesthetic that is really irrelevant for the purpose. So far, the attributes that people use for judging software code quality and productivity have almost nothing to do with what the actual code does or how it works.

Algorithms are hard to quantify unless you know about algorithms. Code "hardness," or the ability to resist bogus input is hard to measure without testing, code flexibility -- the ability for it to be adapted to various tasks is impossible to measure without using it.

I submit to you that there is no valid test of code quality that can be done without "using" working code.

I may have been too terse and simplistic in my statement, "if it works - its good code," but that is a much better measure than anything else so far.

Re:"Code quality" is bunk

[Diomidis+Spinellis]

With a liberal reading of "if it works" you're right. You can say that if the code is functional, reliable, usable, efficient, maintainable, and portable, then it is of high quality. But this is a circular definition, because this is how software quality is defined. As somebody else posted earlier, the quest for quality can lead you to an endless motorcycle trip on America's back-roads.

Re:"Code quality" is bunk

[0xABADC0DA]

The only real measure of code is the pure and simple darwinian test of survival. If it lasts and works, its good code. If it is constantly being rewritten or is tossed, it is bad code. For me, good code is really easy to modify and update and fix problems and add to. So people actually do these things, and the result is that good code gets rewritten and 'tossed' a lot.

On the other hand, take things like ld (and friends) which iirc has code in "func(int) int param; { body }" style... which hasn't been used for what 20+ years? There are so many improvements I would like to make to it, but the code is too crusty to easily make them. I'd call that bad code... even though it 'works' just fine and has been around basically since the epoch. No offense to the people who wrote it, and it's very possible for linking there is no such thing as 'good' code ;-P

Yes I'm aware that people are updating these programs... but how many people on earth actually understand ld source? 10? 100?

Re:"Code quality" is bunk

[FormOfActionBanana]

Code that "works" may also do a bunch of extra things that the designed never intended.

Just because it passed the unit tests doesn't mean that it is secure. Spaghetti code has a real disadvantage over well organized code in that a security review has little chance of uncovering the things that a hacker can discover with a lot of cheap hacker time and randomness.

I can't believe that we're reading about KERNEL CODE and almost nobody is thinking in terms of the security of the code.

Re:"Code quality" is bunk

[Llywelyn]

I should point out that the "ability to fix it if something breaks" is not inherent in any definition of "working" I've ever seen, but that aside...

Buildings remaining standing is necessary but not sufficient.

Software "working" is also necessary but not sufficient.

If the software does what it is supposed to then it clearly meets the necessary conditions, but that doesn't mean that it is any good.

Either you need to broaden the definition of 'works' to the point where we get into a circular argument about exactly what 'working' means and how do we measure it, in which case 'working' becomes synonymous with 'code quality' and everything past there is a semantic argument since all of the same debates that go into "code quality" now go into "working," or we accept that "works" is a "necessary but not sufficient" criteria to code quality.

Re:"Code quality" is bunk

[mlwmohawk]

You can say that if the code is functional, reliable, usable, efficient, maintainable, and portable, then it is of high quality.

Not to put too fine a point on it, but this is too much concern over stuff that does not always matter.

I agree "functional" and "reliable" are absolutely important.

"efficient?" Only if efficiency is required or of any concern. How efficient is efficient? It is a balance of efficiency against economy.

"Maintainable?" Sure, most of the time, but not always. Sometimes we toss stuff on purpose. Some good code can be written that is near to impossible to maintain. Some code sacrifices maintainability for performance.

"Portable?" There is little sense in making some code portable. PIC software, for instance, can not be good "PIC" code and portable because the PIC is such an insane type of device.

I think your cute little chart is all well and good for a common segment of software development, but it is hardly an absolute and puts too much emphasis on an arbitrary set of criteria that don't reflect the purpose or economy of software code.

Re:"Code quality" is bunk

[Diomidis+Spinellis]

Economy is an attribute different from quality, and this is where engineering comes in. The engineer has to balance the various demands on quality against factors like cost, time to market, and customer demands. All your arguments are perfectly valid, and they are engineering decisions.

Re:"Code quality" is bunk

[mlwmohawk]

Economy is an attribute different from quality, and this is where engineering comes in. The engineer has to balance the various demands on quality against factors like cost, time to market, and customer demands. All your arguments are perfectly valid, and they are engineering decisions.

When all is said and done, the manufactured "code quality" debate doesn't make sense. You can't evaluate code in an abstract, applying a set of rules that are logically separated from purpose of the code. I won't say that there isn't merit to some of those things you claim are important, but the only truly valid measure for code quality is that it "works," and I'll add a clarification, and does what it is intended to do.

On a professional level, I dislike the sorts of books that claim to define code quality and tend to think the authors should shut up and do a decade more coding for a living, run some more projects, and be a CTO for a while.

Evaluating software, and engineers in general as well, is a harder than you try to make it seem. Engineering has artistic components in it where idealistic goals as defined by your "code quality" chart is attractive, but it is also a form of scientific grunt work where most of those things don't make sense. Sort of the difference between painting the mona lisa vs painting a house. Both are painting, both are valid and useful, but there is a lot more "house painting" in the industry than mono lisas.

The absolute worst part of critiques like yours is the ideas it gives pin headed MBAs who bungee jump into engineering departments, book in hand, with no practical experience. The ideas spouted by the book become the drive, not the product. It is an almost certainty the project will be dreadfully late or never finished.

I am past much of that in my career, and can easily dispense with such idiots, and that is why most of my projects the last decade have been mostly on time, on budget, without long days and weekends, and mostly without drama. The norm, however, in the industry is a tale of disaster and waste.

Re:"Code quality" is bunk

[Diomidis+Spinellis]

A few hours after replying to the "code quality is that it 'works'" comment, I read Joseph Bergin's Do the Right Thing design pattern in an IEEE Software article. I found it quite funny.

The absolute worst part of critiques like yours is the ideas it gives pin headed MBAs who bungee jump into engineering departments, book in hand, with no practical experience. The ideas spouted by the book become the drive, not the product. It is an almost certainty the project will be dreadfully late or never finished. I absolutely agree.

This is virtually baseless

[malevolentjelly]

It's a well known fact that code will always resemble the institution that produced it, to some extent. To describe the Microsoft code as "poorly structured" is likely a bit out of touch.

The absolutely best kernel code is generally extremely beautiful and descriptive when dealing with the system's abstracts (with nice, long descriptive names for each function) and then unbelievably hellish and ugly in the sections that deal with hardware. Kernels represent an intersection between the idealistic system code and the hideously complex and inhuman machine interaction code. For this reason, we gauge the value of the systems based on how cleanly they compile into assembly, their performance, and ideally how well they do what they were written to do.

Kernel code fills such a complex role in the computer science paradigm that it is likely impossible to gauge the value or quality of any of them through any sort of automated means. What we have here is a mess of a research paper that comes to no obvious conclusions because they didn't really discover anything. If it were of any value, its final summary and conclusions wouldn't be so obfuscated. The researcher may or may not have mastered the art of understanding the zeitgeist of kernels but he certainly hasn't mastered the research paper.

Re:So....

[jgarra23]

People who choose to license their software OpenSource vs. Closed Source says nothing about their programming ability. There are a bunch of really crappy GNU projects out there as well as a bunch of crappy closed source projects... Yea there is the argument of millions of eyes fixing problems but


You hit the nail on the head, there are millions of eyes looking at the code but how many of those eyes are in the heads of idiots? Probably more than anyone thinks- how many people still buy Britney Spears albums (or ever have)? There are plenty of idiots in the world and every open source project has the same proportion of them... not saying that closed source is any better but this failed argument of millions of eyes is such propaganda... it does nothing to help OSS by perpetuating that myth :)

Analogy

[TheLink]

By the time you get a car/plane that's accepted by the "market", the insides are going to be of a certain quality, no matter what the process used.

Did I get that right? :)

So now the question is how long did it take to get that level of quality. And maybe there is a difference in quality but the measurement used is not sensitive enough, or not as appropriate or his conclusion isn't quite correct - he measured a difference, just didn't show in his conclusion ;).

No Clear Winner, but...

[rthille]

Statements like this: "Indeed the longest header file (WRK's winerror.h) at 27,000 lines lumps together error messages from 30 different areas; most of which are not related to the Windows kernel." Allow me to feel smug in my anti-Windows bias :-)

Re:No Clear Winner, but...

[Diomidis+Spinellis]

Ten years ago I wrote an article criticizing the Windows API. Most of what I wrote then, continues to be true today. Based on that external view of Windows, and the BSODs I regularly see, I was expecting to find in the kernel many worse things. The header file you mention is a clear manifest of an inappropriate design, and I suspect that at higher levels of system functionality (say OLE or the GDI) there will be more parts of similarly bad quality.

Re:No Clear Winner, but...

[rthille]

Not sure how much work it would be to analyse yet another system, but I'd love to see how NetBSD fares in this comparison...

Too few kernels studied.

[jd]

OpenSolaris is hybrid open/closed. Solaris was originally closed, so the style and quality control will still be at least partially along closed lines, but is now open so will contain some style and quality control aspects of open source. Without knowing the ratio, however, it is not a particularly useful kernel to study. It is most useful as a sanity check, as it must be somewhere between the two styles, but since you cannot define where between, it has no value in the initial analysis.

This leaves just one closed-source kernel and two open source kernels. If you were to perform a comparitive study between drugs on the basis of three subjects, you'd be laughed out of the research field so fast you'd hit escape velocity and be the first human on Mars.

Now, what OS' could potentially be studied? This depends on who can be talked into supplying software source and whether the researchers are willing to sign NDAs. I'd argue that you want at least three OS' in the closed and open categories, and two in the hybrid - one in each direction.

The closed-source OS' you'd want to examine - if you could get the code - would be Windows (as is already the case), LynxOS-178 (a moderately battle-hardened RTOS) and Trusted IRIX (massively hardened secure OS). In principle, the three design methods and requirements are different to such an extreme that this will give you the best possible picture of the range of code development practices. The idea would be to not test code that would have had similar constraints, because that only tells you about one aspect of software design. If, on the other hand, you pick three points that are more-or-less on different extreme points on the boundary of closed source design, you can get a picture of what that boundary might look like. Substituting any RTOS and Trusted OS for LynxOS-178 and Trusted IRIX respectively would work just as well, the idea is to get the extremes, not get specific implementations of those extremes.

The open-source OS' would include Linux and one of the BSDs - but it has to be a BSD that follows a markedly different ideology, so OpenBSD might be a good choice - but would probably also include one of the BeOS clones and/or a research OS like ExoPC. Again, the idea is to mark out the boundary as carefully as possible. The more data points you have, from points as far apart as possible, the better the understanding of that boundary.

What you will end up with is not a handful of values that have no meaningful basis for comparison, but two overlapping shapes. It'll look something like a Venn diagram. Hybrid methodologies will not merely appear somewhere between the two furthest extremes between the two shapes, but must exist only within the intersection between the two groups, and only there. No other midpoints would be valid.

To test this, we'd use a selection of hybrid designs. Plan9 started closed but has been open the longest, so I'd expect that to be in the intersecion but closer to the midpoint of the open source group than the midpoint of the closd source group. OpenSolaris has been open a relatively short time, so I'd expect the converse to be true for that.

This would still not be a great study, but it would increase the number of data points and provide some measure of control over the experimet. Since you cannot sensibly have a control group in this, the only controls you can assert are those of ensuring the samples are representative of the diversity in techniques, ensuring that the software is correctly classified, and ensuring that the results are sanity-checked.

NetBSD is the one to compare here

[Khopesh]

Isn't NetBSD the system filled with academics who insist upon clean, manageable, and portable code above all other standards? Too bad the NetBSD kernel didn't get judged here, I suspect it would have taken the cake.

I still recall this exhaustive report comparing several kernels' performance back in 2003 in which NetBSD pretty much beat the pants off of everybody else (note the two updates with separate graphs). The initial poor performance was due to an old revision, and upon seeing that there were some places in which the newer revision wasn't so hot, the developers fixed them and in only two weeks, NetBSD beat out FreeBSD on every scalability test. Their pragmatism and insistence on quality code finally paid off.

Ever since seeing those charts, I've been waiting for Debian/NetBSD to come out...

Re: my kernel comparison link

[Khopesh]

Oops, it needs a trailing slash: http://bulk.fefe.de/scalability/

Weird logic

[BokLM]

"An earlier study on the distribution of the maintainability index [4] across various FreeBSD modules [35,Figure 7.3] showed that their maintainability was evenly distributed, with few outliers at each end. This makes me believe that the WRK code examined can be treated as a representative subset of the complete Windows operating system kernel." How are FreeBSD and Windows related ? You conclude something about Windows source code based on things you saw in FreeBSD source code ?

Re:Weird logic

[Diomidis+Spinellis]

What I'm saying is that when we're looking at maintainability of a large operating system (FreeBSD) there are few outliers. Therefore, one can make the case that in another similarly large operating system we can get a representative picture of its maintainability by looking at a subset of its code. My conclusion is related to the Law of large numbers, nothing deeper or more complex.

Think of my argument as looking at the people living in China and seeing that there are no areas occupied by giants or dwarfs. I then say that based on that fact, I can obtain the average height of people living in America, by looking at the people living in California.

It is not a water-tight argument, but it is the best argument I could make. I really wish Microsoft would supply me with more code (and ideally also process data) to study, but this is the best I could do with the available code.

Re:Makes no sense anyway.

[daedae]

You: "There's obviously a problem with a study that takes 8GB of data and concludes that there's no difference in quality between kernels with legendary uptimes and those that can't manage memory well enough to stay up more than a few weeks." From the summary: "The areas I examined were file organization, code structure, code style, preprocessing, and data organization." These have no direct correlation to uptime. Yes, indirect, perhaps, as in "a better-organized kernel is easier to understand, debug, and reason about", but not direct as in "implementing the scheduler in 3 files instead of one guarantees stability." That said, what defines this as an interesting but impractical study? Doesn't it say something that there's something more fundamental than just high-level software engineering principles at work in the relative qualities of kernels?

Re:So....

[Diomidis+Spinellis]

The way you license code can't directly affect its quality, but the way you develop it can. Here are some possible ways in which a company can affect (positively or negatively) the quality of the software:

• Have managers and an oversight group control quality (+)
• Through its bureaucracy remove incentives to find creative solutions to quality problems (-)
• Pay for developers to attend training courses (+)
• Provide a nice environment free of distractions that allows developers to focus on developing quality software (+)
• Buy expensive tools that can detect quality problems (+)
• Developers take their paycheck for granted and loose interest in what they are doing (-)
• Developers write obfuscated code for job security (-)

And here are some possible ways in which an open source development effort can affect (positively or negatively) the quality of the software:

• Volunteers are more motivated than paid employees (+)
• Nobody takes responsibility for the overall quality of the code; responsibility is diffused (-)
• Working conditions can be suboptimal (-)
• Developers work part-time (-)
• Developers eat their own dog food and therefore care about their code (+)
• There are many eyeballs to spot code problems (+)
• There are no marketing pressures to deliver substandard work (+)
• Developers are geographically dispersed and can't communicate easily (-)

Both lists can be expanded, and many of the arguments can be refuted. Still you get the idea: the inputs to the two development processes differ substantially and this could affect quality.

Simplistic approach

Most of the criterions used in this paper are syntactic and/or not clearly related with the actual quality of the code.

E.g., measuring the average length of the files or the average number of files in a directory reflects an underlying assumption: software quality is better when granularity is higher. But it is not true.

The reality is that you need an *appropriate* level of granularity in your software, and this also depends on your overall design. It's a little bit nonsense to try measuring such properties of the code as if they were somehow absolute and context-free !

Such criterions and the related underlying assumptions seem very debatable: thus its no wonder that no significant difference can be extracted out of these measurements.

Preprocessing: here we go again

[ThePhilips]

The high marks of Solaris and WRK in preprocessing could also be attributed to programming discipline. The problems from the use of the preprocessor are well-known, but its allure is seductive. It is often tempting to use the preprocessor in order to create elaborate domain-specific programming constructs. It is also often easy to fix a portability problem by means of conditional compilation directives. However, both approaches can be problematic in the long run, and we can hypothesize that in an organization like Sun or Microsoft programmers are discouraged from relying on the preprocessor.

That subjective conclusion is precise effect reading too much into the metrics.

Sun or Microsoft programmers need to support 2 and 2 platforms respectively. (Sun: SPARC and AMD64; M$: IA32 and AMD64). All portability are of boolean complexity.

But FreeBSD and Linux run on dozen of platforms. I do not know how it is in BSD land, but in Linux first and foremost requirement for platform support, is that it has no negative side-effects on other platforms. Consequently, for example, under Linux most (all? - all!!) locking is still implemented as macros: on uni-processor system with preemptive kernel feature disabled all in-kernel synchronization would miraculously (thanks to preprocessor) disappear from the whole code base. To make sure that on such platform, kernel would run as efficiently as possible - without any locking overhead, because all the locking is not needed anymore.

And that's single example. There are many macros for special CPU features: depending on platform it would be nop or asm statement or function call. No way around using macros.

I think one of the points the author needed to factor in, is portability of OS. Without that, most metrics are skewed too much.

P.S. Actually, Linux affinity to macros is often (at least from words of kernel developers) stems from poor optimization of inlined functions in GCC. Many macros can be converted to functions - but that would damage overall level of performance. In many places significantly.

Re:Preprocessing: here we go again

[Diomidis+Spinellis]

This is a very perceptive comment. It goes deeper: Linux and FreeBSD can be (and often are) configured by end-users. These can tailor the kernel in hundreds of ways. In FreeBSD 6.2 I measure more than 340 kernel options. These are mostly handled by the preprocessor.

Thanks for pointing this out.

Re:windows is teh suck blah blah blah

[rehtonAesoohC]

That would be Linux for Canucks.

Re:Makes no sense anyway.

[Kalriath]

Don't even try. That's twitter you're arguing with, and all he cares about is bashing Microsoft, not about the engineering principles applied within the respective kernels.

Re:Makes no sense anyway.

[daedae]

Ahh... yeah, I did look at his profile and notice pretty much all of his replies were scored -1.

Re:some functions missing,

[Kalriath]

Not relevant. The NT kernel itself rarely ever crashes (if the kernel crashes, is it even capable of displaying the blue screen?!?) so the crash count of it would be roughly the same as Linux (uncertain about BSD). It's when you add drivers that it starts to destabilise (much like Linux).

question

[goarilla]

what was the most foul comment you encountered :D ? and where did it reside

Re:question

[Diomidis+Spinellis]

what was the most foul comment you encountered :D ? and where did it reside Decency laws in various parts of the world, do not allow me to answer this question. However, I can say that in total the four kernels contain in C files 18389 comments marked XXX. The most famous Unix comment is of course the well-known "You are not expected to understand this". See dmr's page for more details. This is also an interesting comment, especially considering the current troubles of the person who wrote it.

conclusion?

[SykeZareason]

Therefore, the most we can read from the overall balance of marks is that open source development approaches do not produce software of markedly higher quality than proprietary software development. I don't think you can support such a conclusion when comparing systems with an order of magnitude difference in size. Linux at 1,772,000 statements vs. WRK at 192,000 statements.

Re:So....

[heffrey]

Volunteers are more motivated than paid employees You need to find a better employer.

There are many eyeballs to spot code problems There can be, or in the case of Debian OpenSSL for example there may not be. Open Source does not automatically imply many eyeballs.

There are no marketing pressures to deliver substandard work Open source has no marketing pressures? Ubuntu fixed release dates are just one obvious example to counter that.

Developers are geographically dispersed and can't communicate easily Well, lots of commercial development is switching to offshore developers so I don't see this problem being the preserve of open source.

Ultimately, I don't believe in the religious wars over commercial vs open source. My guess is that good software is developed by clever people in environments that allow them to thrive. That be just as easily be commercial or open source. It's probably easier for the clever people if they get paid since that does grease the skids, but being paid or otherwise is not the key point.

pointless handwaving

[nguy]

Those statistics are useless; nobody has any idea how these measures translate into correctness, robustness, or performance.

Re:Two people?

[ColdWetDog]

Twitter - YOU said this? You really should be ashamed of yourselves.

Code quality != reliability

[Pausanias]

ESR is talking about reliable and bulletproof code. Submitter is talking about code quality and stylistics.

You could have horribly written code that is reliable and bulletproof. OpenSSH comes to mind (unmodded by Debian).

Or you could have beautifully written code that is useless and full of holes. Handed-in college CS homework assignments come to mind.

You haven't been paying attention to many Open Source proponents if you haven't ever seen them claim that Open Source code is of vastly superior quality than proprietary. Hell, ESR's claim to fame is a whole paper he wrote on that exact topic. For example, the OSI itself puts this claim at the very top of their advocacy document on selling OSS to your management:

The foundation of the business case for open-source is high reliability. Open-source software is peer-reviewed software; it is more reliable than closed, proprietary software. Mature open-source code is as bulletproof as software ever gets. Open Source Case for Business

The data measured is just noise

[1+a+bee]

To my surprise there was no clear winner or loser..

Forget what you *think* you're measuring (code quality). Instead, consider whether you're measuring anything at all. That is, is there any information in the data you've measured?

Now given your sample space, it is highly unlikely that you'd measure something (anything!) and the measurement comes out more or less the same for every sample. The more likely conclusion, is that you haven't measured *anything*.

Re:The data measured is just noise

[Diomidis+Spinellis]

To my surprise there was no clear winner or loser..

Forget what you *think* you're measuring (code quality). Instead, consider whether you're measuring anything at all. That is, is there any information in the data you've measured?

In the past other researchers have used a few of the metrics I used to measure what they called a system's maintainability, and they were able to match this with the subjective perceptions of developers at HP regarding the code's quality. So these measures are not just noise.

For another indication, consider this figure, showing a trend that matches our expectations: how the maintainability of the FreeBSD system is, in general, falling over time. Again, this is derived from some of the metrics I used to compare the four kernels. These metrics do not yield noise.

Requirements are the most important part

[gr8dude]

The summary means that getting your requirements right is the most important part of the project's life. How you implement those requirements is less important.

Of course, this is just my interpretation; and the meaning of "requirements" is quite fuzzy. For example, if my specs go beyond the scope of a "usual" SRS, and include programming style guidelines, there will also be an impact on how code is written.

--
SRS = Software Requirements Specifications

Not for lack of data

[tgv]

If you've got so much data and still can't find differences, it's because your measurements are not informative enough. The only thing the author can conclude is that his way of measuring code quality cannot pick up differences in the part he has labeled "process".

Visual Studio

[Per+Abrahamsen]

Well, Visual Studio is nice minimalistic development environment. Using it doesn't make my cry out loud in frustration, unlike what happens with most of its commercial competitors. Microsoft can be proud of it.

But of course, for doing real work there is still no alternative to Emacs.

Re:I disagree.

[Hucko]

No, not at all. The only modification would be :

BSD Software promotes Competition.

GPL Software promotes Competition & Collusion.

Closed Source Software promotes Collusion.

ObCarAnalogy

[Zero__Kelvin]

"To my surprise there was no clear winner or loser, but there were interesting differences in specific areas. As the summary concludes: '..the structure and internal quality attributes of a working, non-trivial software artifact will represent first and foremost the engineering requirements of its construction, with the influence of process being marginal, if any."

I did a similar study to determine if Porsche or Ford makes better cars. To my surprise there was no clear winner. Both had steering wheels, four tires, an exhaust pipe, and a gas pedal. In both cases the material used was similar as well.

Recommendation to guy who wasted his time on a study of quality, without having any idea what quality actually is:

Read "Zen and the Art of Motorcycle Maintenance ."

Further advice:

When your analysis of the geometry of the planet concludes that the Earth is conical, despite obvious prima facie evidence to the contrary, don't announce your discovery that the Earth isn't spherical after all to the world; take another look at your method of analysis.

Re:the worst

[rubycodez]

the question is not a troll, though I'm a Linux server and desktop advocate there are applications for which it's the very worst choice. Like serious CADD / CAM, on Linux or BSD? forget about it.....

Re:So....

[jgrahn]

Closed Source Developer: I will try to do my best job as I possibly can so I can keep my job and make money because that is what I value.

Open Source Developer: I will try to do my best job as I possibly can so I can help the comunity and feel better about myself/get myself noticed in the comunity/Something cool to put on my resume... because that is what I value.

I think you've missed something. Many (most?) good programmers have a drive to write elegant and correct code. It doesn't matter who pays them, or if they meet their peers by the corporate coffee machine or on a mailing list.

What's specific to corporate code ("open source" or propietary) is at least one thing: a manager can come up to you and say "you will code feature Foo and be done on date Bar", and the programmer will kludge it, even if he knows Foo cannot be done in a robust way, and the best option would be not to try at all.

Re: winerror.h

[Foolhardy]

winerror.h is also shipped with the WDK. It contains all the error codes for the Win32 environment subsystem, which isn't implemented by the kernel. Win32 exists mostly in user mode: although a sizable chunk of the Win32 server process was moved from winsrv.dll into win32k.sys in NT4, which does run in kernel mode, Win32 really isn't part of the kernel. They did that to cut down on IPC overhead, not to integrate it into lower layers. Win32 services can only be used by user mode processes.

ntstatus.h is the header that contains the kernel's error codes. That file is 16272 lines in the WDK 6000 (with 8 comment lines to every code), and contains few codes not relevant to the kernel.

It's not surprising that winerror.h contains messages not related to the kernel because it's not what I'd consider part of the kernel. AFAICT, this file is included only to support win32k.sys, and possibly display drivers. I'd be interested to know how many of the kernel source files actually include winerror.h.

i know how

[spongman]

the layout of the bottom half of Eclipse's 'About' dialog is slightly better than the one in VS. apart from that it's a steaming pile of crap. i curse every time i have to use it, which is far too often these days.