The two sides of testing team lead Jonathan Patchell.

At daily standup meetings, they eye each other from opposite sides of the room. Sitting on the same side of the cubicle wall is unthinkable.

They’re united only by their desire to produce quality software products and their appreciation for coffee and energy drinks. What’s good to one side can be anathema to the other when it comes to code.

I’m talking, of course, about testing and development teams. In the interests of generating more comments improving dialogue between two very important functions in a software organization, our marketing director asked me to interview our testing team lead, Jonathan Patchell, about the ways in which developers drive his team nuts.

Patchell, a computer systems engineer, has been with Klocwork for five years and a team lead for two. He struck a fairly conciliatory tone for this interview, which sorta ruins the adversarial approach, but don’t let his diplomacy fool you. I’ve seen him suffering as the release date approaches and his demeanour changes completely.

Here are Patchell’s top dev peeves:

As a product manager, the only backlog I typically care about is my product backlog. Do I have the right stories in there? Do the stories have enough detail? Are they properly prioritized? You know, that kind of stuff. Today, however, I’m going to write about a very different backlog, that is the static analysis defect backlog.

A static analysis backlog is created when you run a static analysis product on your code base for the very first time. Chances are pretty good that the first analysis is going to list a large number of defects, some that are without question real, and some that perhaps are not. Do not freak out! This is the first time that analysis engine has ‘laid eyes’ upon your code and it is going to flex its muscles and show you any weaknesses it believes exist. So how does one deal with this? Here are a few strategies to help you:

1) Don’t boil the ocean. Before you even run that first analysis, don’t have a “wouldn’t it be cool” moment, where you decide to turn on every single rule the analysis engine has. There is a reason why static analysis tools haven’t turned on everything.  They are showing the most accurate and critical issues first.  So unless you have unlimited time and resources, your best bet is to start with a core set of rules and run the analysis based on that set. This core set of rules should include things such as memory/resource leaks, buffer overruns, null pointer dereferences, uninitialized variables, and so on. Add other rules once you have this core set under control.

Is your issue backlog making you cross eyed? Try these coping strategies.

2) Baseline your defects. Consider that first analysis your baseline and choose to ‘park’ them for the time being. Chances are the product that the analysis was run on is one that has already been released to the public, and in good working order. Zero out these defects for now, and start to triage them, which leads into strategy #3.

3) This is going to sound pretty obvious, but when it comes to managing your issue backlog start looking at the most critical issues first. These are the ones that are most likely to cause a failure of some sort, so determine if these issues are real, and if so, fix them immediately. Once you’re done with the most critical issues, move to the next level of severity, and continue on that way.

4) Finally, tune your analysis. Any good vendor will allow you to tune your analysis. The benefits of tuning are twofold; 1) you can find code issues that would otherwise go undetected and, 2) reduce the number of issues that the engine reports incorrectly in the context of your source code. You should think of ways to give the tool more context about your code base to increase accuracy.

If you follow these suggestions, you’ll definitely have a better grasp of your bug backlog, and you’ll be able to execute on reducing that backlog quickly and efficiently. If you don’t, then at some point, you may feel a little like the critter pictured here.

If there are any other strategies you’ve tried to deal with your bug backlog, leave a comment or two. I’d love to hear about them.

The year 2008 was a key year for mobile applications. In that year, Apple released its iOS SDK in March and launched the App Store with the release of iOS 2.0 in July. Let’s call it the start of the Mobile Gold Rush. Now in this mobile gold rush, there are hundreds of thousands of applications and amongst them many are bound to have the same idea and the same purpose. How does one app shine, while others won’t even get visits to their description pages?

Let me tell you about an experience I had. I used to own a smartphone running Windows Mobile 6.1. I loved the phone when I only used it as a phone, but simply hated it when it came to applications. There were thousands of issues I could have pointed out. The end result is that I am not going to purchase another Windows smartphone. Do you see where I am going with this?

Consumers always rely on their memory associations, whether conscious or unconscious, when it comes to purchasing new products. I would say almost everyone would not go back to using a product they’ve had a bad experience with when there are so many other options around. This goes the same for mobile application developers and development firms. I have uninstalled so many applications from my Nexus One within the first few minutes of their lives. It wasn’t because of the features they didn’t have or how horrid the GUI was. The main reason was they weren’t working the way they were expected to. Some users even kiss applications goodbye altogether according to this survey based on such experiences. Let me put it this way:

“If your code is not flawless, you will lose your market share and never be able to recover it.”

Application developers strive to develop new features giving them the competitive advantage or as my friend and mentor, Bruce Firestone, calls it “Pixie Dust”. This is completely the right thing to do; however, they should focus more on their apps’ perfect functional execution. Having a limited number of features that work exactly as the user expects is better than having more numerous, but buggy features. I know it sounds like a no brainer, but the success of a small number of apps as opposed to the thousand other ones doing the same thing should serve as sufficient evidence that it is easier said than done.

Buggy code hurts the application and the developing company’s brand. Making sure your code is near perfect would be a strategy I would like to call the Pre-Branding Protection Plan. With the abundance of competitors in the mobile gold rush, bad apps will almost permanently prevent market recovery and destroy sales.

One method I use to make sure my brand would be protected is using J2ME static analysis tools. There are various paid and free tools, but I am very happy with the Klocwork Solo, which is geared for J2ME developers. I had never used such tools and only started using them when I joined the company. I don’t know what I would do without them now. In my next posts, I will discuss some of the issues the tool caught that improved my productivity and the efficiency of my code.