Archive for the ‘Software Quality’ category

Putting the pieces together

September 1st, 2010

My last two posts (one on Tester DNA, and the most recent on worries about the future) were written in isolation. The started the DNA post many months ago, and the future at least a year ago. I started and stopped completing the posts several times since their inception before finally completing them. For a bit of perspective, I currently have nine blog posts in my draft folder. Sometimes I think of something I want to write about, but realize that I don’t know what to say. When this happens, I start writing anyway – no matter what comes out. When I feel like I’ve written enough to dump my thoughts and save a draft. Then, I take a look at my drafts folder every week or so and see if there’s anything I want to finish – most just sit there until I give up and delete them. Overall, though, I would guess that a tenth or so of my posts, at most, sit in the draft folder before being posted – for blog posts, I favor much more of a stream of consciousness approach over heavy editing (which is easier for me, but I imagine it can be difficult for my readers).

Anyway…I ended up posting two random articles in a row from my drafts folder backlog. I didn’t mean for the posts to be related, but they are – I guess – or maybe I’m stretching things. At any rate, in response to my “the future is bleak” post Rikard Edgen asked which types of bugs I thought testers would miss. I thought I’d (kind of) answer that, and also explain why systems thinking is so important for testers.

Let’s start small – so small that we may not even need testers! Here’s a bug free program**.

void main()
{
    printf("Hello World");
}

Not very exciting – it doesn’t really do anything (**and it can’t be localized). Overall, it’s pretty useless, so for example’s sake, let’s expand our view of small to a small class or unit of functionality – you know, about the size you’d write unit tests for. You may have a bit of functionality – for example, selecting a book from a database. I like to picture a unit of functionality like this:

The unit is much bigger than the “hello world” example above, but with good design and good unit testing, it’s quite possible to write an entire unit that’s nearly bug free (from a functional level at least). In fact – I often speak of a dream of mine where testers never find unit level functional bugs, and that developer tools and approaches eradicate these types of errors in software forever…but I dream a lot.

People expect software do be useful, and an application that does nothing but select a book from a database wouldn’t be very useful at all– people probably want to add or read reviews, see publisher information, sort book lists, or add the book to a shopping cart for purchase. By the time the software ends up being usable (or marketable), it has a lot of units.

Now – even if all of the units are well designed and well unit tested, I would bet money and stock options that the application has plenty of bugs. This is because many bugs will occur where these units connect into larger pieces of functionality. In 1999, NASA lost $125 million because of a metric mismatch between two units (I bet the units functioned perfectly in isolation). These “connection points” (or dependencies) are a pretty common place for bugs to occur. The good esters understand where the pieces connect and “see the big picture” of the application in order to guide their testing. The testers with the systems thinking bit in their DNA, do pretty well at this, but it can be challenging for even the best of testers as applications get larger. At some point testers will need to use analysis tools to help them understand the connection points and dependencies, but their brain is still valuable in understanding the big picture of how the bits work together.

Now – as applications get bigger, this get’s harder. It’s impossible for a single tester to keep the big picture of something like SQL Server or Excel in their head – even a “trivial” application like the authoring client I’m using to write this post has a lot of moving parts and can be difficult to keep track of from a systems view.

One of my worries about the future is that trivial applications won’t exist anymore – ok – they’ll exist, but they’ll be part of much larger systems. In the examples above, those units that connected together into functional pieces became functional pieces that connect together into applications. Now, envision a world where applications (including services and devices) connect into mega-applications,services, and a world of interconnected deices.

If you believe my theory about bugs occurring at connection points, and that hugely interconnected software systems of the (near) future will look like this, you should realize that this is going to be just a bit more difficult to test. My stance is that you just can’t test a system such as this the same way you test a simple application. Sure, we’ll need to design the software so there are fewer connection points – or that the connection points are well managed and tested (you know – better than they did on the orbiter team). That also means that it would be beneficial if testers could test the design of the software (and that the design is testable). I expect testers will use sophisticated tools to help target their testing and recognize where error prone areas exist (and be able to run the right types of tests to reduce risk). An exploratory approach will still be prominent, but the challenge is where to look first, and what to do when you get there. This is where I think the tester DNA – problem solving, quick learning, and big picture thinking will be critical. And it will still be extremely difficult to test such a system.

Of course, it’s a valid argument to just build a system first then wait for test to catch up. That’s pretty much what’s occurred in software engineering up to today, and software is still advancing (although software quality, arguably, is not). My worry is that gigantic software systems are even more prone to critical errors due to an exponential number of code paths as well as the “death by a thousand cuts” effect of thousands of components – each containing “only a few” bugs.

My opinion is that we actually need to improve the way we do testing (actually, the way we create software from beginning to end) before we can pull off building a system like this. There’s a good chance I’m completely wrong…but maybe I’m right.

5 comments »

Posted in Software Quality, Software Testing, Test Careers

Will we survive the future of software?

August 29th, 2010

I’ve been thinking about writing this post for years, but have had it floating around between my head and a draft for the last few months. I’ve held on to the post because even though it’s not my intent, I’m probably going to piss off someone who takes my points the wrong way or misinterprets what I say.I’m still not sure where I’m going with it, but I need to try to get these thoughts out sometime, and now is as good of a time as any.

I’m worried about the future of software testing. To be fair, I’m probably as much to blame as others, but I’m so bothered about this that I’m actually beginning to get a bit depressed. But I suppose I should explain myself before I rant any more – so let’s start with the current state of software testing.

But before that (and in the hope of diffusing the hard message a bit), let me say that I’m quite happy with what’s been happening in software testing recently. The “voice” of software testing is gaining momentum, and there are many active participants in discussing the basics of software testing so that the new crop of testers has a strong base of knowledge for the future. We have brilliant people emerging in the world of software testing, and I love the passion they have for the craft. It’s great to see so many testers online discussing their experiences and working hard to hone their skills. But we’re still talking about the same stuff testers were talking about ten years ago. The testing community is abuzz with discussions about basic tester skills, basic automation approaches and basic approaches to measurement. The discussions are lively, and people are learning – but they’re learning the same things testers were learning last year, the year before that, and the year before that. I like presenting and attending conferences like STAR and other similar conferences – but those conferences are targeted at new testers, and talk topics are dominated by the same things topics that have been around for years. I checked out the STAR conference proceedings from ten years ago (you can look too), and it looks remarkably similar to this years conference. In some cases, the arguments and points are more refined than ten years ago, but a remarkable number of those talks could just as easily show up on any conference program this year.

The state of the art in software testing will go nowhere if we never look beyond the basics. Highlighting flaws in simple applications written by the IT department of a small company (or parking garage) is interesting, and it develops basic skills, but it does nothing to help us understand better ways to test huge interconnected systems or services under constant load. The future software systems shown in many science fiction movies may never come to light – and it won’t be because of technology or cost factors – it will be because we won’t know how to test these systems adequately.

One way to view the current body of knowledge in software testing something like the triangle below. At the bottom of the triangle is the “101” level of software testing. This is important stuff. It’s the basis of the skills, approaches, and techniques that are the core of software testing. My triangle is disproportionate, as his is probably where 99% of the software testers spend their time (ok – to be fair, some never even make it on to the triangle). The big problem here, as I said above, is that this enables the advancement of our future, but does little to nothing to help the future.

testing triangle

The middle section of the triangle – new ideas and approaches do occur semi-frequently, but we more often than not view them as game-changers when the impact on the future is relatively minimal. Like the bottom section of the triangle, we need thinking in this area, but it’s not going to take us where we need to go. The top section of the triangle contains the true game changers. The new thoughts (or more likely, thoughts and ideas from some other area applied to testing) that will bring us into a new era.

Let me return to my worry (and a problem I mentioned above). My fear is this: The software testing we are doing today will be inadequate for the software of tomorrow. It doesn’t matter how good we are at the basic skills, it won’t be enough. What I fear is going to happen is that we will go ahead and create the software of tomorrow but we’ll try to test it like we test software today. For example’s sake, envision the systems of “Minority Report” – most of the pieces of technology in this movie have been demonstrated, but never with the flawless interconnection that Hollywood showed us, Do we have the skills and tools (and people) to test such a system today? Not. Even. Close.

What I’m afraid will happen, is that we’ll eventually build a similar system, and we will try to test it with the tools, approaches, processes (and many of the people) who are testing software today.

And there will be massive software failure, and very bad things will happen. At least then we may find enough motivation to advance the state of the art in testing.

But we don’t have to wait. If you’ve take a reasonably close look at the software of today you know that we could use some innovation and advancement now. The right thing to do is to start moving beyond the basics and figure out how we can do better testing today. How do we test massively complex systems? How do we do so efficiently? Are the software testers of today the right people to test the software of the future?

Moving up the triangle is a hard move to make. Testing consultants make their money in the bottom of the triangle, so why would they have any motivation to make a move outside of the cash flow? But it’s not the consultant’s fault either. The testing profession has a high enough turnover that there are a huge number of new testers every year looking to get their foothold in the bottom rung of that triangle. Also consider that most of the testers today aren’t testing huge systems used by millions of users – they’re testing one-off IT apps used by hundreds (or dozens) of people who don’t care if the software has a few minor issues. There’s no need (or time) for most of these testers to ever get out of the bottom rung of the triangle.

It’s vicious circle, but we have to find a way out.The future depends on it.

I wish I could say that my next blog post will have all the answers. (it won’t). Instead, I’m going to continue to study, learn, and experiment. Somewhere out there is the knowledge that we’ll need to survive the software of the future, and I want to be part of making that future software successful. I hope that some of you can help make it happen as well.

2 comments »

Posted in Software Quality, Software Testing, Test Careers

Code Coverage with Manual Testing

August 11th, 2010

Here’s a tip. Want me to write about something in particular? Ask me a question. It’s that easy. Tim Coulter had a question about my last blog post. He asked:

Would love to hear how you check code coverage of manual testing, actually. Is that just “feature coverage” (break it up into logical blocks and test those)?

I realized that a lot of people may not be measuring code coverage during manual testing – but it’s quite valuable to do so, as measuring code coverage still helps you find missing tests.

Let’s consider a silly command line app that does math operations. It takes 3 parameters, the first two are the values to operate on, and the third parameter is the operator to execute. For example, a command line of 2 3 + would return a value of 5. Let’s test it (manually).

c:\example>calul8r.exe
Usage:
calcul8r [value] [value] [operation]
for example:
  calcul8r 4 2 +

c:\example>calul8r.exe 2 3 +
The result of 2 + 3 is 5

c:\example>calul8r.exe 4 2 -
The result of 4 - 2 is 2

c:\example>calul8r.exe 5 5 *
The result of 5 * 5 is 25

c:\example>calul8r.exe 15 3 /
The result of 15 / 3 is 5

OK – looks like it sort of works. But are there test cases we forgot? Let’s look at what code coverage tells us.

1 int DoMath(int val1, int val2, int valOperator)

2 {

3 int result = 0xbaadf00d;

4 switch (valOperator)

5 {

6 case ‘+’:

7 result = val1 + val2;

8 break;

9 case ‘x’:

10 case ‘*’:

11 result = val1 * val2;

12 break;

14 case ‘/’:

15 case ‘\\’:

16 if (val2 ==0)

17 {

18 printf("Invalid input. Cannot divide by zreo");

19 }

20 else

21 {

22 result = val1 / val2;

23 }

24 break;

26 case ‘-’:

27 result = val1 – val2;

28 break;

30 default:

31 printf("Unknown oprator – %d\n");

32 break;

33 }

34 return result;

35 }

The “meat” of this app is in the DoMath function, and the results show that I missed a few lines of code in my first round of tests. The first two lines I missed (lines 9 and 15) are a bit of discovery. It looks like the app can take the letter x as well as an * (asterisk) for multiplication, and a backslash (\) as well as a forward slash (/) for division. The functionality is the same, but it’s interesting nonetheless.

Oh – but I was stupid and forgot to test for divide by zero. It’s nice that there is some error handling for that, but if you look closer, you’ll see that executing this particular test would reveal a typo in the output string.

I also forgot to test with an invalid operator – and wouldn’t you know it, there’s another typo there. What I’ve done is used the code coverage data to guide my design for new tests. This app is simple, but the idea works on a larger scale too. I’ve known testers to discover large areas of functionality they weren’t aware of before, or (more often) hidden functionality within the areas they had tested extensively.

An important thing to remember is that once I’ve added those test cases (and reported those bugs), is that I’ll have 100% code coverage. Remember though, that 100% code coverage doesn’t mean bug free. In fact, this app doesn’t check for integer overflow. Sure enough, check this out:

c:\example>calul8r.exe 2147483647 1 +
The result of 2147483647 + 1 is -2147483648

Oops! Remember – just because the code is “covered”, it doesn’t mean it’s tested. Please don’t forget that (and don’t let your managers forget either).

Thanks Tim, for prompting this post – I hope you (and others) find it helpful.

1 comment »

Posted in Software Quality, Software Testing

An Approach to Code Coverage

August 9th, 2010

My team at Microsoft is starting to use code coverage a little more diligently. Code coverage has been used for some time on the team, but we’re just now getting to a common approach and recording mechanism. There are a few things about our approach that are a bit different than I’ve seen most other people use, so I thought I’d share it here.

As a quick aside, we measure code coverage using block coverage (block coverage is similar to line coverage except that it groups continuous non-branching statements into a block for counting purposes). I’ve found that bullseye has a very good primer on code coverage measurement for those who are interested in more than I feel like writing about today.

A small group of us worked on the toolset, process and strategy for our team’s use of code coverage. One topic that came up was what target percentage of code coverage we should set as a goal. Years ago, when I was on the CE team, I helped build and deploy our code coverage toolset. Once our tools were working and we measured coverage, we set a goal for the next release (65% if I remember correctly). We cranked up the number a few percentage points each release, and I think we were approaching 80% by the time I left the team. As I type this, I remember something about making a promise to shave my head if we got higher than 80%. That’s only funny because about a year ago, I did shave my head (it’s since grown back).

That history is interesting, because I had been anticipating the question (target for code coverage percentage), and I was (and am) adamant about the code coverage goal I would like our team to shoot for.

I’m adamant that we have no goal for code coverage.

The problem of having a target goal for code coverage is that code coverage will improve – i.e. you get what you measure. Wait a minute – shouldn’t improving code coverage be a good thing? It is (for reasons I’ll explain lower), but here’s what usually happens in practice.

Let’s say I own three features – one major feature with high customer impact, one area with low customer impact, and one that’s somewhere in the middle. Now, let’s assume that my team has a goal of 70% code coverage (measured as an average across the components I own). I measure code coverage, and here are my results.

	Feature 1 – High Impact	Feature 2 – Medium Impact	Feature 3 – Low Impact
Code Coverage	70%	60%	50%

Now, if your goal is to get your average to 70% (or even if your goal is a minimum of 70%), you are going to put your testing efforts into testing medium and low impact areas. Shooting for a code coverage goal can convince testers to throw out their prior knowledge of risk and impact, and instead focus on “improving the number” – by testing stuff that probably doesn’t need more testing, while ignoring potentially important stuff. If you never measured code coverage in the first place, would you really spend time doing additional testing on the medium and low impact areas of the product (with more effort needed for the low impact area)?

It’s time to discuss the goal of measuring code coverage. It’s foolish to think that higher code coverage has anything at all to do with product quality. It only measures whether code is executed on at least one path. One of my common “Alan-isms” is this:

The only thing that 80% code coverage tells you is that 20% of your code is completely untested

What code coverage does do is point you to holes in your testing. The goal of measuring code coverage is helping you (as a tester) understand what is not being tested. Once you discover what’s not being tested, you can make a choice based on risk and impact on whether you need to add additional tests – or if your time is better spent elsewhere. By not having a percentage goal for code coverage, I hope the team can focus on improving tests and testing rather than improving a number.

By the way – you can replace the words “code coverage” with “test automation” above and tell a pretty similar story.

Another thing we’re starting to do is measuring code coverage on check-ins. We’re fairly late in the cycle now, so we want to be careful of regressions and ensure that all of the code coming into the product is well tested. What we do is filter our code coverage view to only look at changed lines of code in the changed list. Say we have a binary that has 10k blocks of code, but the latest checkin only changed (or added) 25 blocks. We can filter our testing and coverage on just those 25 blocks and ensure that we’ve at a minimum executed each line at least once during our initial testing. This helps a lot with regressions, as we can ensure that we look at error cases and other little used paths very close to the checkin rather than waiting until those errors pop up at a much later date.

This gives us the potential for 100% code coverage on every changed line of code.

But I would never make that a goal :}

5 comments »

Posted in Communicator, Software Quality, Software Testing

Taking a break

July 19th, 2010

I’m taking a vacation. usually people say a “much needed vacation”, or a “long overdue vacation”, but in my case it’s just a vacation. My new job is keeping me interested, engaged and I’m having fun – truthfully, I can’t wait to get back, but it will be nice to spend some time with the family for a few weeks.

I do think that I need a break from the blogosphere and twittterville. I’m immensely excited about the number of new test blogs and test tweeters appearing these days, but I’m sort of bothered by the lack of advancement in testing ideas – it seems that people just keep on talking about the same things over and over, and keep on rehashing old arguments or statements rather than exploring new test ideas. I get it – if you do stuff wrong, it doesn’t work. There are no silver bullets. Testing is hard. Don’t insult my intelligence by telling me those things again. Even if you use all caps or new metaphors, it’s the same statements again and again and I’m getting bored.

I’ve (almost) always taken a high road with my community participation. I sometimes see popular testers tell half-truths or exaggerate their accomplishments in their diatribes to the masses, but it doesn’t seem right for me to call them out and set the record straight (even if I frequently wish someone else would). I’m not about to make every post a rant, but may not bother to try to appeal to a wide part of the testing population either. I guess the point is that I’m not seeing what I want out of the community or my own blogging, so I’m hoping that by not reading or writing blogs or tweeting for the next few weeks that I’ll figure out what I want. If not, I’ll just take more time off until I figure it out.

Feel free to leave comments – if you haven’t commented on this blog before, comments may sit in the moderation queue for a while. The rest will go through unedited until I get around to playing with the internet again.

Edit – 3:00pm, July 19

It doesn’t matter who I’m referring to above – if you think I’m talking about you, I probably am not talking about you – unless you’re sure I’m talking about you, then you’re only probably wrong.

Also – I’d like to point out that I’m a huge fan of all testers actively engaging and learning about the craft. Groups like weekend testers and individuals who explore new approaches are high on my “love” list. Also note that many who think they are actively learning and engaging actually aren’t doing either. If this statement bothers you, please refer to the above paragraph.

4 comments »

Posted in Me, Software Quality, Software Testing

Thinking about bugs

July 13th, 2010

I probably haven’t mentioned in a while how nice it is to be back on a product team. The complexity and dynamic nature of software development is something I missed more than I knew, and I’m having fun being back in the flow of shipping a product for a million or so users. One thing that I never got a chance to think about while I was in EE was bugs. To be clear, I got to think about the concept of bugs, but not about real live bugs. Bugs are a big byproduct of the testing process, and like it or not, they help dictate some part of the flow of software development. At the very least, they give us something to think about.

So let me share what I’ve been thinking about…

Every bug is more difficult to find than the previously found bug. There will be little hops off the axis, but in general, I believe this to be true. Imagine if the opposite were true – if every bug were easier to find than the previous bug, we’d find more bugs every day and eventually have a product consisting entirely of bugs (insert joke about your least favorite product here).

As bug discovery decreases, product quality improves. There are plenty of reasons where this may not be true, but if few bugs are being discovered, it probably means that product quality is improving (or that all of the testers went on vacation) – but …

Tester skill and knowledge increases with each found bug. When a tester finds a bug, they also acquire knowledge. They learn something about the product, or a technique or behavior that they can use to find bugs in the future.

Tester skill can’t grow as fast as bug discovery difficulty decreases. If tester skill improved faster than the difficulty of finding the next bug increased, we’d find more bugs over time until we had a product with more bugs than …yes – you see where I’m going.

<some made up line charts would do well here, but I’m feeling lazy>

What I’m struggling with is coming up with a better understanding of how these statements interact. In more concrete terms, if the number of bugs discovered in a product or feature area isn’t tapering off at “an expected rate”, does that mean that product quality isn’t improving as much as expected, or that tester skill is improving more than expected? Since the answer is (you guessed it) “it depends”, how do you dig deeper? How do you know the right answer with some degree of confidence?

I have answers for this that satisfy me (customer data is a big part of this), as well correlating a bunch of other measurements, but I wonder if anyone else thinks about stuff like this and has other thoughts or ideas or experiences to share.

2 comments »

Posted in Software Quality, Software Testing

It must be simple

May 31st, 2010

Many of you know that I’m a big fan of the five orders of ignorance (link is to my interpretation – the author’s original paper is here). I especially like the concept of “unknown unknowns” those bits of knowledge that are critical – despite the fact that we didn’t recognize those bits until they fell onto our laps.

I’ve been pondering over an interesting fuzzy line between Armour’s second level of ignorance (you know you don’t know something), and his third level of ignorance (you don’t know you don’t know). I’ve noticed that often, when you know nothing about a subject, you perceive it as simple. Then, as you learn more, it seems impossibly difficult; and then, as you master it, it become’s easier to manage (but probably never as simple as you imagined in the first place). The second and third levels of ignorance seem to play with each other as you try to move knowledge into the first level of ignorance (you know what you know)

An example would probably help here. Many years ago, I knew nothing about recording music, but I wanted to be able to record my own stuff, overdub, mix, edit, etc. Since I had never done it before, I was convinced it was easy, and that anyone with a brain and a halfway working set of ears should be able to do it.Within a few weeks of attempting to pick up this “easy task”, I realized it was extremely complicated and required a lot of meticulous work (this was pre-digital, so within a few weeks I was fixing timing issues with a razor blade). I didn’t think I’d ever get a handle on it, but eventually I figured enough stuff out for my own purposes, and to this day I still uncover areas of complexity I never imagined.

There’s another great example of this from my list of favorite movies that came out when I was 19 – Better off Dead. There’s a scene where John Cusack’s character is on top of a mountain ready to ski down and his friend gives him this advice:

Go that way, really fast. If something gets in your way, turn

That’s exactly the “expert” advice someone who doesn’t know the subject would give. Steve Martin used to tell a similar joke about skiing – I don’t remember it exactly, but it went something like this:

Skiing – you go to the top of a mountain with slippery things on each foot and go down. Try not to – that would be a sport!

Perhaps a better example for testers is Jerry Weinberg’s Perfect Software book. To me, it’s not so much a testing book, but it’s a wonderful book to give to people who don’t know anything about testing – mainly because most people who don’t know about testing often think it’s a simple activity that has something to do with banging on keys or pushing buttons. Once you learn a bit about software testing, you of course realize that it’s far more complex than you ever could imagine. Eventually (if you’re lucky), you fall in love with the challenge and never look back.

I see at least a few examples of this phenomenon every day. I have lost track of the times I’ve heard people critiquing the efforts to plug the oil leak in the Gulf and offering their own advice. However, the fact that they haven’t been able to solve it, and have tried to fix it several ways must mean it’s probably a more complex problem than most of us understand (or that the efforts are run by aliens from the planet Stupid).

I suppose the moral of all this is that nothing is as simple as it appears – especially with knowledge acquisition. Keep it in mind the next time you think you know something …

4 comments »

Posted in General, Quality, Software Quality, Software Testing

Don’t forget the checklist

May 6th, 2010

I recently read The Checklist Manifesto: How To Get Things Right by Atul Gawande. This is yet another book not about testing that testers should read. Gawande is a surgeon and relates his experiences from the field of medicine throughout the book. )ne of the first chapters goes into depth on the growing complexity and body of knowledge in medicine, and how difficult it is to keep many of the important details of the practice in mind consistently. Sound Familiar?

In Gawande’s experiments, he looked at areas where there were “bugs” (“bugs” in his case were complications or death), and created short, simple checklists that could be used by the medical staff to reduce risk – and the checklists worked wonderfully – fore example, reducing infection in central line procedures by over 60%. He also points out the cause of error (I’m a huge fan of Reason’s Human Error) usually breaks down to errors of ignorance (not knowing the right thing to do), and errors of ineptitude (not knowing how to apply what we know).

Checklists aren’t new to testing. Kaner talks about checklists, and testers at Microsoft have been using “am I done” type checklists for at least 15 years (Michael Hunter has a great list here). Checklists are good tools for testers to use and probably worth looking at more closely.

But building a checklist is probably harder than you think. In my experience (Gawande saw the same thing), most checklists are too long and contain too much detail. They get in the way! To make matters worse, as you learn more, you will likely add additional items to your checklist. The solution is simple enough – start with the smallest possible checklist you think you can get away with (and then see if there’s anything else you can remove). Realize that your checklist can change over time as you learn more about your processes and the types of errors your team makes. Try it – I think you’ll find that checklists are a great help.

Remember - don’t forget to use a checklist (you can always use another checklist as a reminder)

2 comments »

Posted in Quality, Software Quality, Software Testing

Peering into the white box

May 5th, 2010

In a conversation last week at STAR, someone was talking about how far testers should debug an issue. Personally, I don’t like it when testers only report the surface of the bug, and I think good testers always dig a little deeper to see what other more interesting issues may be lurking a layer or two below. It can certainly be a bit of a time sink, however, if testers investigate every single bug to the line of code causing the problem. The interesting comment I heard in this particular conversation was the statement that “testers should never look at the code”. The points I heard in defense were all in line with the cons of white box testing – e.g. “testers need to focus on the customer experience, and looking at code ‘taints’ this focus”, or “it moves tester focus to non-essential testing”, etc. I, for the most part, agree, but I think there’s a hidden (but real) value in applying the tester mind to looking at product source code.

In my experience, testers are excellent code reviewers, and think testers should be involved in code reviews much more often than they are today. If you think about it for a moment, it makes a lot of sense. It seems that every week, I read another article or blog post explaining why developers aren’t good testers (“they only focus on the happy path”, “they don’t think of negative conditions”, etc.). There are also numerous articles and experience reports about the value of code reviews for finding bugs earlier.

Now, if you put 2 and 2 together, testers reviewing code must be a great way to find bugs early. When developers review code (and I’ve watched them), they look for the basic general programming errors, but mostly verify that the code does what it’s supposed to do. Testers, on the other hand, question the code – they ask “under what circumstance would this line of code fail?”, or what-if questions like “what if the input values were unexpectedly large?”. Testers also think about how they would test the code – simply asking “how would I test this” often unveils more problems.

I imagine that for some testers, finding bugs in code isn’t as fun as spotting real product failures, but it sure seems to me that some testers reviewing some portion of the product code is a pretty darn good idea.

I’ll tell you how to get started next time.

No comments »

Posted in Software Quality, Software Testing

Stop Guessing about my STAR presentation

May 3rd, 2010

For anyone who recently attended STAR East and saw my presentation, thank you for attending, and for reading my blog. Some of you have viewed the slides on the proceedings CD and noticed that it’s not really like what I presented. I tend to change quite a bit of material between the date the slides are due and the actual presentation (In fact, I added a new slide about an hour before the conference).

Here are the slides I presented last week. Stop Guessing How Customers Use Your Software

And here is the video I showed about what happens with Windows error reports.

7 comments »

Posted in Music, Software Quality, Software Testing

« Older Entries