Something no one tells you about "bugs" in software



Software industry has its own quirks. What the rest of the world calls "defects", we refer to them as a "bugs".  The word has become so common that it is being used in other contexts as well. For example,  does a car company say that a car model has a "bug" in its transmission? No, but  same car company will use the word "bug" for  any defect caused by a flaw in the software running on the onboard computer of one of its models.  I learnt this recently, as the service agent of my car told me that he had to upgrade the software in the ECU due to a "bug". When I asked him what he meant by "bug"... well,  he couldn't define it.

Computing folklore tells us that the word was first used by engineers,  colleagues of the pioneer Grace Hopper , while working on the early electromechanical computers. It is said that  they had traced a particular  fault in the computer to an actual insect that had lodged itself into one of the relays of the massive Mark II computer.  The word is benign, and maybe even considered friendly, compared to defect" ( which  is harsh as a defect can almost always be traced to a human error).  Programmers have grown up to believe that there will always be bugs, as if they appear in some kind of random manner like Grace Hopper's original (and real) bug.  In general terms, programmers shy away from attributing "bugs" to their own mistakes.

A couple of years ago, I did an analysis of about one thousand "bugs" for one my clients. In many large software services organisations which are seemingly certified for various quality processes  (think ISO,SEI...), such analyses ( which go  by the name of RCA-root cause analysis) are fairly common. Except, in most cases, due to the ritualist nature of these exercises, these tend to be ineffective  and useless.  More often than not, such reviews hardly refer to the actual work product (i.e., the code)- instead relying in input from the developers themselves.

In any case, I went through these bugs, discussed with the developers who fixed these bugs and reviewed each and every piece of the code that was responsible for the malfunction. Nearly 850 bugs tcould be attributed to errors by programmers- logical errors, poor construction and composition of code, usage of shared mutable states and so on.   At little bit of care and most of these could have been avoided. So you see, these "bugs" were not in the same class found by Grace Hopper's team. These are due to defective workmanship, not due to some unknown reason.

The rest of the bugs could mainly be classified into two categories, configuration management- installing wrong versions of  own/third party artefacts and poor documentation- mostly of  third party libraries used in the code.  A small number could be attributed to poor communication of requirements.  To be fair, this system did not require too much of domain-specific knowledge on the part of the developers.

In the software engineering world, the popular view is that most bugs are due to poor definition and  communication of requirements. In this instance that assumption proved to be spectacularly wrong.

Is it really possible to write error free software? In theory, yes. But in the real world , we are writing software on layers upon layers of code ( OS, Browser, frameworks ...) that run on chips that are built using software. Now none of these "other" pieces of software are error free. Therefore, even if one does manage to write error free code, it is possible that the system as a whole might malfunction due to errors is any of the layers below.

Is it possible to prove that a  piece of software is error free?  No, here we reach inherent limits of computer science.  Edward Djikstra, one of the pioneers of computer science observed that  "Program testing can be used to show presence of bugs, but never to show their absence!"  Alas, one can never prove that a program has no errors.


Unfortunately, "bugs will always be there" has become an accepted mantra amongst developers and in many cases it leads to a lack of rigour in approach to writing code.  The engineering process led practices of most software development organisations has moved the focus firmly away from the primary work product, code, to different kinds stuff like methodologies and process improvements to address question of quality ( or lack of quality).

Process improvements, in some cases, have resulted in better practices and led to introduction of automation of error prone tasks such as building and deployment of systems. However, it might be too optimistic to expect that process improvements will have the outcome  of people automatically writing better quality of code.   Programming is a craft and craftsmen must craft their artefacts with pride!!

Eventually, the errors or bugs are traced to  faulty code written by developers. To tackle this one must  bring the focus of the organisations back to the primary work product- the code. People who write good code  must be valued and people who write poor code must be called out.  Developers must  follow the rigorous discipline that is required to master the art of writing and testing code.

Companies must build a culture where developers obsessively avoid writing erroneous code and visibly reward developers who do so. In order to do this, management ,at the highest levels, must bring the focus squarely on  the primary work product - code. For that is what runs your business.



Comments

Post a Comment

Popular posts from this blog

Model correctly and write less code, using Akka Streams

Image
One of my most productive days was throwing away 1000 lines of code. -- Ken Thompson More than two decades of writing software programs to earn some humble money and to keep the home hearth warm, has taught me that writing simple, elegant and readable programs result in much more maintainable and extensible software. Importantly, stakeholders prefer to have maintainable code. One way to ensure that  these properties exist in the code, is to write fewer lines of code , wherever possible. Generations of greats in the world of computer science and programming have been reminding us about this little yet undeniable truth. Yet, it is surprising how often we tend to ignore this, knowingly and to projects’ detriment. If we have to write programs that are simple to understand, we have to understand the problem well, before anything else. If the problem is redefined in simpler and more fundamental terms, then it becomes easier to model the problem in the programming terms. The so
Read more

Your Microservices are asynchronous. Your approach to testing has to change!

Image
Conceptually, the idea of an application being composed of a number of MicroServices is quite self-evident and therefore, quite appealing. A complex solution, which is broken into a number of self-sufficient modules, each running on its own, each capable of responding to messages, each amenable of upgradation/replacement without letting any other know about: sounds too good to be true! The icing on the cake of course, is that each such service can run on its own containers! No wonder then, that senior stakeholders of software projects or initiatives, love to insist that the application be modelled as a bunch of MicroServices. The technology team responds favourably, of course, because everyone wants to be seen among the pack, if not ahead of the pack! Jumping in sounds exciting, even though the swimming may not be, but we don’t really care, do we? The proverbial devil is in the details. In my experience so far, the term Microservice is thrown about without much thought. T
Read more

Who is afraid of immutable data?

Anand Kumar Keshavan   Founder/Partner  Swanspeed Consulting Lately, my LinkedIn feed has been getting posts about events on functional programming with special emphasis on how to deal with immutable data . True, many programmers are puzzled when told that from now onwards you shall not modify the value of a variable once it has been initialised. "But how can I work with  loops? Doesn't incrementing a counter need the value of a counter to be changed?"  This is just the result of doing something  over and over again and can be overcome by learning some programming techniques such as recursion  and map/reduce over collections.  The larger problem, however, lies with the questions of the following nature: "What about real world things like account balances ? How do I change  the account balance of I am not allowed to change the value?".  ( To be fair to programmers who are new to the functional world , such questions have been raised by some eminent though
Read more