Software bugs » Avoiding bugs

Code quality: WTFs per minute

Mary — Wed, 04 Jun 2008 04:10:58 +0000

Jonathan Lange reminds us via Focus Shift that the only measure of code quality is WTFs per minute:

Actually, this reminds me of something I heard a preacher say, “before I give a sermon, I go through it, find everything clever, and take it out” (I paraphrase, not having a reference on hand).

In as much as sermons and code should both be ego-free communications of ideas, I think this is sound advice for hackers.

OpenQA: open source Quality Assurance tools

Mary — Thu, 05 Jul 2007 08:52:38 +0000

OpenQA is the home of several open source testing tools, notably Selenium, for automated testing of web applications in a number of browsers, including the major ones.

Nine Steps to Delivering Defect-Free Software

Mary — Sat, 16 Jun 2007 09:33:18 +0000

Terence M. Colligan writes:

Although I thought I understood the importance of quality, and took pride in the quality of the software we produced, I never believed that delivering defect-free software was possible. After all, everyone knows that all software has lots of bugs, right?

Well, no, not necessarily! Certainly, most experiences with today’s software quality are not encouraging. Although few people can name even one piece of software which they use that has no bugs, defect-free software is possible to create. We know it is possible, because we’re doing it.

It started with a single engineer. This engineer was consistently producing work with a defect rate more than one hundred times smaller than our other engineers. She has done so for us for over three years now. During the same time, she has produced three to five times as much code as any other engineer.

I found this so exciting that I determined to find out how she did it, and to see if we could teach our other engineers to achieve the same quality results.

Via James Gregory, Defect-free code.

Checking for resource pressure bugs in advance

Mary — Sat, 16 Jun 2007 09:30:05 +0000

James Gregory reviews how to check for resource pressure bugs.

A quick one for today, sparked by recent events at work. It can pretty much be summed up in this even quicker question: do you know what your program does when it’s out of resources? Out of RAM, out of disk-space, out of address-space, out of time? Computers are indeed powerful beasts these days, and there’s a bunch of people who would like you to believe that they are effectively infinitely powerful, but observing your code working with limited resources, even if those limitations are artificially imposed, can tell you a lot of things you mightn’t have known previously.

Avoiding security problems

Mary — Tue, 30 Mar 2004 02:20:24 +0000

Michael Bacarella’s Peon’s Guide To Secure System Development lays out basic guidelines for developing secure software including validating user input, and (controversially) avoiding C/C++.

David A. Wheeler has made an entire book on the subject of secure development, the Secure Programming for Linux and Unix HOWTO, available online. (Via Steve Kemp.)