Software bugs

Jonathan Lange reminds us via Focus Shift that the only measure of code quality is WTFs per minute:

Actually, this reminds me of something I heard a preacher say, “before I give a sermon, I go through it, find everything clever, and take it out” (I paraphrase, not having a reference on hand).

In as much as sermons and code should both be ego-free communications of ideas, I think this is sound advice for hackers.

Popularity: 44% [?]

OpenQA is the home of several open source testing tools, notably Selenium, for automated testing of web applications in a number of browsers, including the major ones.

Popularity: 95% [?]

Terence M. Colligan writes:

Although I thought I understood the importance of quality, and took pride in the quality of the software we produced, I never believed that delivering defect-free software was possible. After all, everyone knows that all software has lots of bugs, right?

Well, no, not necessarily! Certainly, most experiences with today’s software quality are not encouraging. Although few people can name even one piece of software which they use that has no bugs, defect-free software is possible to create. We know it is possible, because we’re doing it.

It started with a single engineer. This engineer was consistently producing work with a defect rate more than one hundred times smaller than our other engineers. She has done so for us for over three years now. During the same time, she has produced three to five times as much code as any other engineer.

I found this so exciting that I determined to find out how she did it, and to see if we could teach our other engineers to achieve the same quality results.

Via James Gregory, Defect-free code.

Popularity: 86% [?]

James Gregory reviews how to check for resource pressure bugs.

A quick one for today, sparked by recent events at work. It can pretty much be summed up in this even quicker question: do you know what your program does when it’s out of resources? Out of RAM, out of disk-space, out of address-space, out of time? Computers are indeed powerful beasts these days, and there’s a bunch of people who would like you to believe that they are effectively infinitely powerful, but observing your code working with limited resources, even if those limitations are artificially imposed, can tell you a lot of things you mightn’t have known previously.

Popularity: 74% [?]

Michael Bacarella’s Peon’s Guide To Secure System Development lays out basic guidelines for developing secure software including validating user input, and (controversially) avoiding C/C++.

David A. Wheeler has made an entire book on the subject of secure development, the Secure Programming for Linux and Unix HOWTO, available online. (Via Steve Kemp.)

Popularity: 43% [?]