Showing Revision 3 created 05/25/2016 by Udacity Robot.

1. Title:
   Reporting Bugs - Software Testing
2. Description:

3. 0 0:00 - 0:02
   But now I would like to talk a little bit about the art of reporting bugs.
4. 2000 0:02 - 0:05
   So let's assume that you're successful in creating some sort of really nice
5. 5000 0:05 - 0:07
   random tester that starts crashing utilities.
6. 7000 0:07 - 0:09
   Let's say for example that you want to do your own fuzzing study.
7. 9000 0:09 - 0:13
   So if you recall a fuzzing paper was written in 1990, one was written in 1995,
8. 13000 0:13 - 0:15
   then another in 2000, another in 2006.
9. 15000 0:15 - 0:17
   So now it's 2012 and is basically time for a new one.
10. 17000 0:17 - 0:21
    You do it and so what you do is go take whatever operating system you choose,
11. 21000 0:21 - 0:23
    and you start crashing software and hopefully
12. 23000 0:23 - 0:26
    instead of just being happy about what a successful effort you've had,
13. 26000 0:26 - 0:28
    you'll report the bugs to the maintainers so they can start
14. 28000 0:28 - 0:31
    improving the robustness of the software. Let's talk about how to do that.
15. 31000 0:31 - 0:35
    The first rule and it's really simple is don't report a duplicate bug.
16. 35000 0:35 - 0:39
    To avoid reporting duplicate bugs is to go to a bug reporting systems that most open source projects
17. 39000 0:39 - 0:43
    maintain and search on some symptom of the bug that you've found and see if it's been reported.
18. 43000 0:43 - 0:46
    Let's say we've found a way to get a segmentation fault
19. 46000 0:46 - 0:49
    out of all the m and we'll see if anybody else has that way.
20. 49000 0:49 - 0:52
    Well okay, so we only have one reported here and so it's really nice.
21. 52000 0:52 - 0:55
    What we would do then if we want to report a new segmentation fault to an LVM is
22. 55000 0:55 - 0:58
    we'll go ahead and look at this and see if the new one that we're going to report
23. 58000 0:58 - 1:01
    seems to be sufficiently different and if it is, we'll probably go ahead and report it.
24. 61000 1:01 - 1:06
    The next golden rule for reporting bugs is to respect whatever the local conventions are
25. 66000 1:06 - 1:09
    of the community that you're reporting to and so the best thing to do here is just look for some bugs
26. 69000 1:09 - 1:13
    that have been reported and see what kind of discussions they generate and try to take sort of a
27. 73000 1:13 - 1:15
    similar tone to what people have already done.
28. 75000 1:15 - 1:20
    The third thing is to report a small test case. I'm going to say here a small stand alone test case.
29. 80000 1:20 - 1:25
    The test case manipulation stuff that we have talked about a little bit earlier is really important
30. 85000 1:25 - 1:29
    for purposes of bug reporting and that kind of a process should always be a part of
31. 89000 1:29 - 1:33
    your bug reporting and the second cause here a stand alone test case is also really important.
32. 93000 1:33 - 1:37
    This means for example, don't report a bug that depends on some other file
33. 97000 1:37 - 1:41
    that only exists in your machine because that's not very useful to the people who are going to try to
34. 101000 1:41 - 1:43
    reproduce the bug because of course they don't have the other file.
35. 103000 1:43 - 1:46
    Do what you can to make a bug report stand alone.
36. 106000 1:46 - 1:51
    The next rule is when we report valid test cases and so this referring back
37. 111000 1:51 - 1:54
    exactly to the input validity problem that we've been talking about
38. 114000 1:54 - 1:59
    that I'd talked about a number of times in the material in random testing and if the software
39. 119000 1:59 - 2:03
    to which your reporting bugs isn't supposed to programmatically reject invalid inputs
40. 123000 2:03 - 2:07
    then you shouldn't report any valid inputs and so an example of this system is for example
41. 127000 2:07 - 2:13
    a C compiler isn't suppose to reject invalid inputs and another example might be something like
42. 133000 2:13 - 2:16
    internal communication between the JavaScript engine and a web browser
43. 136000 2:16 - 2:20
    there may not be total input checking on some sort of an internal interface like that,
44. 140000 2:20 - 2:23
    and so basically, we just want to be sensitive to the fact that some systems can't do
45. 143000 2:23 - 2:27
    or aren't equipped to do full validity check of their input and for those systems
46. 147000 2:27 - 2:30
    we often need to make sure the input is valid ourselves by hand.
47. 150000 2:30 - 2:33
    Now of course other systems and we've talked about things like Acrobat reader or whatever.
48. 153000 2:33 - 2:36
    These are suppose to reject invalid input and they are not suppose to crash
49. 156000 2:36 - 2:39
    in some sort a buffer overflow even on invalid inputs.
50. 159000 2:39 - 2:41
    For those kind of programs, this issue doesn't really exist.
51. 161000 2:41 - 2:45
    The next thing you need to do is tell the people who are the recipients for your bug report
52. 165000 2:45 - 2:48
    what the expected output of the system was that is what you hope would happen
53. 168000 2:48 - 2:51
    if the system wasn't buggy and what the actual output was.
54. 171000 2:51 - 2:55
    That is to say what really happen on your system and so the temptation is to not supply these things
55. 175000 2:55 - 2:58
    because you think it was insulting or you think that's really obvious, but in general
56. 178000 2:58 - 3:01
    it's a good idea to err on this side of caution and include these things.
57. 181000 3:01 - 3:05
    So you might include a bug report to the Python maintainers saying that when I added 1 + 1,
58. 185000 3:05 - 3:07
    I was really expected to but then this implementation,
59. 187000 3:07 - 3:10
    this particular version of the implementation printed 3.
60. 190000 3:10 - 3:13
    The next thing you need is to make the failure reproducible because nothing will get a bug report
61. 193000 3:13 - 3:19
    ignored faster than the incompletely irreducible and so you need to include things like platform details.
62. 199000 3:19 - 3:22
    For example this probably crucial information that your running Firefox on windows
63. 202000 3:22 - 3:25
    as oppose to Linux if you are trying to report some sort of Firefox crash.
64. 205000 3:25 - 3:28
    The exact version of the software under test is important
65. 208000 3:28 - 3:31
    and of course, if this is some sort of an open source project where you've hacked yourself
66. 211000 3:31 - 3:35
    before compiling you will definitely need to include details about that in the bug report.
67. 215000 3:35 - 3:39
    But if this little bug is your fault, then you don't want to waste people's time trying to track in down.
68. 219000 3:39 - 3:43
    So in summary, if we're able to come up with good solid answers to all of these requirements,
69. 223000 3:43 - 3:46
    that's a great idea to report a bug and so let's go ahead and do that right now.