Please note that my original post talked about “preventing most bugs”. There are two things to notice here:

1. Most is not all. True, as the product becomes larger and more complex, zero bugs is harder to achieve. But I still argue most current bugs are preventable.

2. Prevent doesn’t mean identify and fix. It means prevent. By increasing professionalism and using techniques such as professional code reviews, most bugs are preventable and at a reasonable cost. As a matter of fact, most chances are that with these preventable bugs in your product your development cost will be higher.

Lidor

I suspect bug-free is in the context of a simple product, or an overly narrow interpretation of the word bug and/or controlled environment.

Personally, I tend to be of the school that you can take steps to reduce bugs, but you can’t completely prevent bugs.

There also no account in the article about time to market, money, or diminishing returns,

What I mean by this, is reducing some bugs can be done with improved methodology and little or no additional cost. Reducing more bugs then starts to cost money and increase time to market. Reducing still more bugs costs still more time and still more time to market. At a certain point it becomes prohibitive (unless you’re NASA or something developing space shuttle software), to reduce still more bugs. Eventually it becomes prohibitive expensive to fix more bugs.

When dealing with unknown at release bugs, you can’t even precisely tell where you are on this curve, but you have to make an estimate.

As far as I remember the word flawless wasn’t mentioned in my writings. I never claimed I had a method for creating bug-free software, although (as I’ve mentioned) I know products that are still considered bug-free.

All I said that with the help of some techniques, and extensive professional code and design review among them, you get prevent most bugs.

Think for example of TDD. Can it prevent many bugs? Yes. Does it eliminate Eric’s argument regarding the bugs it prevents? Yes! If developers are not testing their code from day one, you will end up with a list of bugs you have to decide whether to fix or not. With TDD you just have fewer bugs to consider before release.

The same happens with professional code reviews.

I guess the only way to really be convinced is to try it (as well as other techniques of course). I don’t know what’s your bug rate today, and it will probably not be 0 after applying these techniques. But I can assure you it will significantly drop.

I can’t disclose “my secret” because there isn’t any secret. It’s all there: professioalism, awareness, reviews, testing, vision, good project managment. All these concepts/tools (and probably a few others) will make your software better. I don’t have a magic formula, but I know (as I said above) that we all can do A LOT better.

Lidor

I wrote earlier that you were claiming to be able to get rid of all bugs with a code reviewer. Maybe I jumped to a conclusion there. The reason I suggested that is that the first commenter asked how you propose to prevent most bugs, and you responded with a link to your code reviewing post, and two links to things you’re trying to sell. I didn’t (and still don’t) see how you propose to achieve flawless computer programming.

I would like to know your secret to bug-free software, and I hope you’ll disclose it on your blog. Until you do, I’m not going to believe it.

Thanks but no thanks for the offer of free consulting.

What Eric says is true, but it applies only to some of the bugs. Many other bugs are not known at delivery time (although they could have been). I argue that we sell buggy software mainly due to these bugs, and not because we performed a real cost vs. risk analysis.

Lidor

That’s where you begin talking about something else and yet come to the conclusion Eric is wrong. (?)

This article says nothing about who reads the code, under what contract does he work, and how many hours a week he reads code. Some of the references talk about the idea of professional reviews and mentoring, but all of your assumptions are just assumptions.

Mainly, there is no single person responsible for the quality of the code. This is the joint responsibility of all developers. The question is how to realize this responsibility in the best possible manner. Of course no single person can prevent all bugs. There isn’t any single method of achieving this. But bug prevention is possible using a combination of techniques and the awareness and professioanlism of developers. 

Bugs are avoidable! Most of them anyway. Buggy software is not a force of nature. If other industries can create quality products, so can we. The fact that YOU can’t think of a high quality commercial product does NOT suggest that this is not possible.

Unless of course you have already gave up. From your tone (both in this comment and in others) I sense a lot of frustration. Suggesting that professional developers like yourself cannot create software with a much lower bug rate than we are accustomed to is just sad.

Every professional should aspire to create high quality products. That’s true for every craft. Ours is not different.

But don’t take my word for it. Read Steve McConell’s book: Professional Software Development (or any other book on the subject). I guess there are many "naïve people" like myself who believe we (as an industry) can still do a lot better…

And just for the record, I personally know a number of software products which were shipped on time and on budget without a single open bug, and which are still considered bugless at this point of time. Was this achieved by one person? Of course not! This was a joint effort involving effective professional reviews, extensive unit testing, great QC, and of course great developers!

Unfortunately, I can’t provide you with names and references for obvious legal reasons. So instead, I’ll throw in a challenge. If you will contact me personally, I would be happy to discuss this issue with you, and maybe even work with you for a couple of days on your project (free of charge). Maybe we can both learn something from each other.

Waiting for your mail….

Lidor

What?!? Are you trying to say you can prevent most bugs just buy hiring a full-time code reviewer? That’s ridiculous. Could you point out any successful software products, whose quality was all based on one dude reading code, that have shipped with only a couple of bugs? Not simple stuff like Tetris games. Real software that’s novel or useful.

-TimK

You are right. Thanks for pointing that out.

Please see the update to the post above with the links to other articles.

Lidor