October, November the Worst Months For Writing Buggy Code

← Back to Stories (view on slashdot.org)

October, November the Worst Months For Writing Buggy Code

Posted by Soulskill on Tuesday December 20, 2011 @09:35AM from the blame-the-halloween-candy-coma dept.

chicksdaddy writes "Data from application testing firm Veracode suggests that the quality of application code submitted for auditing is pretty much constant throughout the year — except for the months of October and November, when the average density of vulnerabilities in the code jumps considerably. But why? Is it the pressure of deadlines? The stress of developers' lives (kids back to school, etc.)?"

31 of 136 comments (clear)

Min score:

Reason:

Sort:

A little late? by Anonymous Coward · 2011-12-20 09:37 · Score: 5, Funny

Why do they warn us in December?
1. Re:A little late? by M.+Baranczak · 2011-12-20 09:44 · Score: 5, Funny
  
  So you have ten months to prepare.
  I bet if we all work hard, we can produce even more bugs next October.
2. Re:A little late? by Laz10 · 2011-12-20 10:17 · Score: 4, Insightful
  
  Looking back at my invoices, I can see that I usually work more hours those two months than any other months of the year.
  I also get depressed from lack of sunlight in the dark Scandinavian autumn days.
  On the other hand a total of one (and that was some trivial layout) bug was reported on the code I coded and shipped in that period this year.
  Maybe the bugs are only found later?
  That also suggests that the bugs found in October and November was introduced by the interns during the summer vacation?
3. Re:A little late? by gstrickler · 2011-12-20 14:14 · Score: 2
  
  Or maybe that's when more newly hired programmers (from last spring's graduating class) are first allowed to put code into the repository (or production).
  
  --
  make imaginary.friends COUNT=100 VISIBLE=false
4. Re:A little late? by tlhIngan · 2011-12-20 19:38 · Score: 4, Insightful
  
  Or the group is tackling more complex things in those months.
  Easy - it's the holiday season.
  Or you have to realize that October is Ship Month(tm). If it's a physical product that goes in stores, it means the product is sitting in the factory waiting for the software to go on them (it takes many months to get stuff manufactured from component ordering and lead times to physical assembly, so it happens during software development). The code has to be shipped by end of October so the factory has November to program and ship the product to the distributors and then to retailers by December to be on the shelf.
  And that's if they're fast at doing so - most of the time, the product can't be assembled and shipped because all factories are busy, which means what goes on them is a test firmware that downloads the latest on bootup. (Ever notice how many things do a firmware update when you first turn them on? That's why). In which case the deal is to have it ready by shipment in November.
  If your product is software, but has a physical element (like a disc) then your timelines are still short as you have to ship *something* by October to the presses, and then you patch it during October/November while you wait for the discs to come back so you can ship for the holidays. And the goal is to have something
  If your product is purely Internet download, then you need to compete with approvals and all that but that means you have all through October and November to squash bugs. But with any fixed ship date, well, squahing one bug can introduce two more.
  It's because of the holiday seasons that people are furiously fixing and finishing software. No wonder that there's more bugs - people are doing more "quick fixes" that may not be properly tested in order to ship.
Whoa whoa whoa by DJ+Jones · 2011-12-20 09:39 · Score: 4, Funny

You guys have kids?
1. Re:Whoa whoa whoa by Anonymous Coward · 2011-12-20 10:17 · Score: 4, Funny
  
  Seriously? You haven't forked off a child and dealt with real process management issues or handled dirty log files until you've installed mini_me 0.2. And don't even get me started on working out the upgrade path to teenager 0.8. I'll guess you haven't even upgraded your personal operating system to the point where it's compatible with wife 1.0, heck you probably haven't even found a place to download girlfriend 0.3 let alone figured out the sweet_love module. Revoke my geek cred? Yeah right.
Is there ever a good month? by Anonymous Coward · 2011-12-20 09:39 · Score: 4, Funny

Okay like so many other Slashdot readers, I only read the headline...so what month is a GOOD month in which to write buggy code?
1. Re:Is there ever a good month? by anonymov · 2011-12-20 10:11 · Score: 4, Funny
  
  Weeks 0-4 of PLACEHOLDER STRING - DO NOT USE are best for writing buggy code.
Useless information - currently by willaien · 2011-12-20 09:40 · Score: 5, Interesting

Are there other jobs that have their job performance drop considerably during these two months?
If not, what can be used to explain this anomaly? Bogus study? Something unique to programmers?
Is it consistent throughout IT? Are there more reliability issues that can be traced to those months?
1. Re:Useless information - currently by janeuner · 2011-12-20 09:44 · Score: 2
  
  Oktoberfest?
2. Re:Useless information - currently by Moryath · 2011-12-20 09:45 · Score: 2
  
  Maybe it's the rush of deadlines to get product out for the holidays?
  For instance, Bethesda. Skyrim comes out, they obviously should have taken a couple more months to bug-test given everything that's being found in the game constantly breaking - but they wanted it out early November so they could get the holiday sales.
3. Re:Useless information - currently by Moryath · 2011-12-20 10:04 · Score: 2
  
  Whats broke?
  Obviously you haven't been to the Bethesda forums lately.
  Seems like half the quests have quest-breaking bugs in them, the quest-givers are randomly killed off by rampaging dragons in the middle of missions or are killed by "other" quests that pop enemies up near quest givers (one of them comes to mind during the mage's guild story arc in nearby Winterhold). There are a whole host of quests that get un-droppable items "stuck" in inventory permanently, using up precious carrying capacity.
  And then there are the plethora of graphical and major AI glitches that have plagued the Xbox360 and PS3 ports - Dragons flying backwards, getting stuck in mountains, causing bugs all over. Or, required-pickup quest items that get knocked around during boss fights by "explosions" (spells, dead summons, the breath weapon, etc) and fall through the game's geometry, thus breaking the quests in that way.
  Sure, on the PC you can just "cheat" your way in using console commands to fix it. But you have no luck on the consoles that way, for console players the game is just fucking buggy as hell and broken.
4. Re:Useless information - currently by Anonymous Coward · 2011-12-20 10:14 · Score: 2, Informative
  
  I work for a large utility company. We see a significant increase in injuries and accidents during these months as well. I don't have the numbers and graphs with me, but it's been notably consistent over the past 8 years.
5. Re:Useless information - currently by Anonymous Coward · 2011-12-20 10:15 · Score: 5, Funny
  
  Real programmers get confused.
  Remember, OCT31 = DEC25
Don't get me started on this one ... by Grindalf · 2011-12-20 09:46 · Score: 5, Funny

I've studied this stuff, it's down to STUPID programmers. Hire people that can type properly. This was everybody wins ...

--
The purpose of existence is to make money.
The pedant in me shouts by slowLearner · 2011-12-20 09:48 · Score: 3, Funny

don't you mean "Oct, Nov. best months for writing buggy code"? I would think it would be the "Oct, Nov. worst months for writing non-buggy code".
Budgets, schedules by br00tus · 2011-12-20 09:49 · Score: 5, Informative

Most businesses I've seen, a list of things to do is drawn up in the beginning of the year and set as a goal. Achieving those goals goes into consideration for how one did in a year, bonus, next year's budget etc. The list is usually unrealistic due to pressure from above (or other executives whose title may be the same level as the CTO/CIO, but who are for all intents and purposes, at a higher level due to being so-called "profit centers"). The code base being built on is usually old and broken, the equipment it runs on not the best, the team so-so with a few bright people, and a lot of dumb managers. Things not counted in the schedule are long-time experienced employees getting fed up and leaving, equipment breakdowns, bugs and emergencies that have to be dealt with, or business units who change what they want all year long from the original specification. Plus other things - a third party product is bought, and is very difficult to integrate in the existing system, with more time than initially planned for. By October not many things on the year-end checklist are done and the CTO starts having meetings and banging on the table that he needs checks on the lists to show the CEO what his team has done this year. So people stop writing good, long-term code and start writing crap, so they can check off the list for the end of the year. Things slow down by the end of December, that a few things on the list won't get done becomes accepted, people go on Christmas vacation. That's why bugs go in in October/November.
1. Re:Budgets, schedules by Megahard · 2011-12-20 09:56 · Score: 2
  
  I agree, for additional reasons. Large software projects generally have an end-of-year goal, because of both year-end financial goals and spending habits of customers - money that needs to be spent by the end of the year. Coding needs to be finished in time for QA and config to do their work. Thus, Oct and Nov.
  
  --
  I eat only the real part of complex carbohydrates.
From experience by james_van · 2011-12-20 09:50 · Score: 4, Interesting

Couple of reasons from the office I work at - end of year deadlines means code gets rushed in Oct/Nov in order for testing and review before Christmas. Also, those of us who haven't taken all of our vacation time yet are forced to take time off, disrupting projects. Last minute client changes (to the projects due at the end of the year) add to the pile. And, the stress of the holidays plays a part as well (mostly because we're asocial geeks who are dreading the onslaught of family get-togethers and forced social situations). Usually by December, we've got our projects off for review and testing so there isn't much code being written, and the code that is being written is in response to problems and is a chance to take rushed, bad code and make it a little bit less bad. That's my little piece of anecdotal evidence.
Re:what? by ackthpt · 2011-12-20 09:51 · Score: 2

Worst month for writing buggy code? What's worse about writing buggy code in those months versus writing buggy code in any other month?
It's a good question. Distraction of holidays, travel, stress, Greg Bell and his festival of tired and oft-repeated Christmas Specials on Sirius/XM,
with possibly a little monetary discomfort as coders discover there's no bonus (for them like the other of the 99%), possibly also being dragged from your work, constantly for work parties so you lose track of those little things you needed to address before rolling out the final code.
I generally find Winter (northern hemisphere) is great for coding, while heat and humidity of Summer are a real drag.

--

A feeling of having made the same mistake before: Deja Foobar
Buggy code is pretty basic stuff... by mark-t · 2011-12-20 09:55 · Score: 5, Funny

All you need to do is simulate the four wheels, and add a rigid body that can be approximated to a box for the main chasis. If you want to get fancy, you can use a polygonal mesh. Then you can use any old physics engine, and presto... you have a buggy.
It's writing the code for the horses that's a real bitch. There's AI and stuff, and figuring out how the horse should react emotionally to various situations... THAT'S one hell of a challenge.

--
File under 'M' for 'Manic ranting'
1. Re:Buggy code is pretty basic stuff... by lennier · 2011-12-20 10:47 · Score: 2
  
  All you need to do is simulate the four wheels, and add a rigid body that can be approximated to a box for the main chasis. If you want to get fancy, you can use a polygonal mesh. Then you can use any old physics engine, and presto... you have a buggy.
  Yes, but getting buggy whips right seems to be are whole lot harder, since all the vendors keep going out of business.
  
  --
  You are not a brain: http://books.google.com/books?id=2oV61CeDx-YC
code freeze?? by mrmtampa · 2011-12-20 10:09 · Score: 2

Many shops have a code freeze prior to the new year so there's a big push to get things in. SQA falters.

--
"There are more things in heaven and earth, Horatio, than are dreamt of in your philosophy." Hamlet (I, v, 166-167)
Re:Lost incentives by viperidaenz · 2011-12-20 10:11 · Score: 2

and what better way to make those rumours come true by slacking off!
bad heading by roc97007 · 2011-12-20 12:46 · Score: 4, Informative

Should read "October, November are the *best* days for writing buggy code." They're the worst days, apparently, for writing bug-free code.

--
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Re:Strange Statistics by mbkennel · 2011-12-20 13:38 · Score: 2

actually fortran 95 and 2003 are very good programming languages, not at all like F77.
And in fact, large Fortran codebases are often remarkably un-buggy.
Fresh grads... by Bananana · 2011-12-20 15:09 · Score: 2

... join the companies and start to write codes?
Change programming language by syousef · 2011-12-20 18:41 · Score: 3, Funny

I've studied this stuff, it's down to STUPID programmers. Hire people that can type properly. This was everybody wins ...
Easily avoided then. Stop programming in STUPID.

--
These posts express my own personal views, not those of my employer
1. Re:Change programming language by schroedingers_hat · 2011-12-21 06:14 · Score: 2
  
  But it's such an improvement over javascript.
Re:what? by mwvdlee · 2011-12-20 20:19 · Score: 2

According to http://en.wikipedia.org/wiki/Insect_winter_ecology, many bugs either migrate or hibernate during winter.
With less bugs available, incorporating them into your code is much harder.
A corollary of this is that the harder it becomes to find bugs, the less bugs there will be in your code.
I wonder what months would be worst for writing buggy code in the southern hemisphere.

--
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?