Tips for finding things in your program that are broken that you don't know about?

Question

I was working on something for a client today when I found a way to break some functionality in our program.

(The code is really legacy code, it's been in development for about 10 years and I've only been working here for about a year.)

It didn't cause an error, or cause the program to crash, but if a user was using the program and duplicated the behavior I'm pretty sure they'd be holding up their "WTF?" flag.

In our program we have named fields (textboxes) and static text (labels) that can be linked with the textboxes. When the textbox is not filled in the label(s) that were linked to them disappear.

The functionality that I broke was, when you change the name of a textbox that already has one label or more linked to it, and save the file, without re-associating the one or more labels associated with the textbox, the formerly-associated labels appear when the textbox is blank.

Now my thinking on the matter is that a simple observer pattern could have solved this problem in the first place, but then I didn't write the code.

I was thinking that if I could dig up more situations like this with the guys in my shop, that maybe I could talk them into considering unit testing, decoupling, applying patterns where they are called for and the like.

So for this reason I was wondering if anyone had any tips for finding broken (but not error causing) functionality in any sort of app (web-based, desktop, etc...)

Answer 1

assert() Also unit testing with coverage analysis.

Answer 2

Hire some testers.

Answer 3

Test, test, test.

Do unexpected things. Start doing one task and switch another to see if anything goes haywire. Use the back button when you're not supposed to. Open it in two windows. Let it time out.

Test in all browsers, especially IE.

Answer 4

For an app to fail usability, it has to have a defined set of expected behaviors.

"Is this textbox SUPPOSED to do nothing when the enter key is pressed?" Maybe it is, maybe it isn't. I've seen apps where a tester/reviewer reports something that they ASSUME should work another way, when in actuality the client specifically asked that they DON'T want the form submitted on a return key press, but only a submit button click.

So basically you have to define proper behaviour before you can determine incorrect behavior.

Answer 5

If it has an interface, then one of my favorite unconventional test is putting 5-10 year old children in front of it. You'd be surprised what they can come up with (especially the younger ones). While this may sound like a joke, it isn't -- it really works, because children don't have the mindset of only going through "mindset" paths.

And yeah, children are the experts in "breaking things" xP.

Answer 6

Code inspections, i.e. reading the source code: if you had taken time to read/inspect the source code, looking for "smells" or even just looking for code whose behaviour you don't immediately understand and agree with, you might have been holding up your "WTF?" flag too.

Answer 7

You can find database connections/sessions aren't released by:

• working out the minimum number of connections you need to do something
• setting resource limits to that minimum number
• ensuring one "run" of the scenario that should use exactly that number (and release it afterwards)
• then run it again a few times... do you run out of connections?

I used to work in a company where programmers regularly used to forget to de-allocate db connections. The standard answer was to reduce the resource to a minimum to see if there's a leak - and to try to work out where it is by restarting the system and running different scenarios repeatedly.

Answer 8

This is particular to the Visual Studio IDE, although it probably also applies to others:

During testing, always at some point run in the debugger with "Break when an exception is thrown" turned on.

This can often help expose exceptions which are incorrectly being silently caught and which represent bugs, but otherwise may not be evident.

Answer 9

Code reviews should always also include reviews of the unit test code.

The problem is that with ad-hoc testing it's impossible to know how much or how well a developer has tested their code. So, you're at the mercy of different developers definition of the word "done".

If you include reviews of the unit test code at the same time you review the production code you should have a good idea of whether the code is really complete; in that "complete" includes "tested". Not just "Hey, I'll throw it over the wall to the testers!".

Answer 10

The first hour of code review, with the first reviewer, will do the most to find quality problems. But here's the thing: You don't need to convince people of quality problems. You need to convince them of the value of fixing bugs, and of rewriting only when the present quality absolutely justifies it.

I've dealt with some seriously bad code in my time. But you can't just rewrite. You need a spec before you can even tell if the rewrite is an improvement.

Sometimes, you have to infer the spec from the code and then check it against some human somewhere. But by the time you've done that, you understand the code as written and are now better prepared to repair than to rewrite -- most of the time.

Repair proceeds by a process of small behavior-preserving modifications that render the spec more clear in the code. Then, when you find something that looks wrong, you don't just change it. You ask around until you find the person responsible for that decision, and you get them to show you where in the spec it says that behavior X is correct. (This conversation can take many forms.) If you're lucky, they'll tell you that behavior X is in fact incorrect, and then you've earned your pay.