Nothing can ruin your day like a poorly-written bug report.
I've seen several sets of guidelines for bug reporting in different organizations. In your opinion, what guidelines/steps are most essential for good bug reporting?
Feel free to share complete guideline recommendations from prior/current projects/organizations.
As a developer, this is the information I need to solve a problem:
In that order. Anything less than that results in difficulty in either reproducing the issue or identifying differences in how the requirements are being interpreted. Anything more has the potential to confuse the developer.
Or why I don't like your edit
Steps to reproduce should be a written, ordered list of steps which include as much detail as possible. Be careful when including the following in your report:
Screenshot:
Only include a screenshot if it adds to the explanation of the bug. Do not use a screenshot as a way of proving that a bug exists. If a developer is not able to reproduce the issue then there is something missing from the steps. Work with them to figure out what it is (we don't bite, most of us anyway).
Video:
A video is often more helpful than a screenshot because it will often include details of steps that are not documented but in general the same caution applies.
Notes:
If you use a specific environment/tool to reproduce the bug, setting up this environment/tool should be included in the steps to reproduce.
Issue Reports (Bug Reports) are one of the main communication methods that QAers use. You are creating a statement to your stakeholders - "I have found what I think is a problem, and here's my clear explanation of what it is and how you can see it too. Please look into this".
Understand the Audience for the Report
It's important to know who is going to read your Issue Reports, and what they are expected to do with them.
For some shops, the only readers will be yourself and one or more developers. If that's true, you can use all sorts of jargon and abbreviations that you each understand.
But in many shops, there will be lots of stakeholders who need to read what you write - other QAers, Developers, Support, Product Management, Documentation, Management, etc. It may become more important to use less jargon, and add more details.
There are a few special cases that must be kept in mind as well.
For example, if offshore testers or developers must read your Issue Reports, you'll need to pay special attention not to use confusing jargon or colloquialisms in your writing.
If customers will eventually read your Issue Reports, you'll need to be very, very careful in choosing your words. (By the way, this is not something I'd recommend, without first sending the Issue Reports to a skilled writer for "sanitizing" first.) You may even be better off having two different descriptions of the bug - one for internal consumption, and one for customers.
Choose a Good Summary/Title
Since the one-line Summary or Title is often what prompts someone to decide to read your Issue Report further, and is often the only piece of information about the bug showing up on summary reports, it's important to put some thought into this field.
The title should be short (because it may become truncated) and to-the-point. It's tempting to cut corners and write just a few words here "Program x crashed" - but clearly that's not useful.
Also, you don't need to include the text here that is already included in other fields of the bug tracking system. For most systems, items such as severity/priority, product, component, etc are tracked in their own fields. No use wasting valuable space in the Summary/Title on these.
Describe the problem concisely and effectively
In a paragraph or two, describe the problem. Here you can use more words than the Summary/Title will allow but still avoid wordiness. Include Steps to Reproduce the Problem you are Seeing Not every bug is fully reproducible. But, it's important to try to find out a relatively minimal set of steps to reproduce the problem and to note them in the Issue Report. This gives the developer a fighting chance of seeing what you are seeing and actually getting it fixed quickly.
Avoid steps that don't matter - those which have nothing to do with reproducing the bug. Including too many steps can waste time and lead to confusion.
Include all steps which actually seem to matter. Write them in a clear style, in a manner which avoids guesswork.
It takes a bit longer to narrow down the steps, but it's usually time well spent.
If the bug is not fully reproducible, indicate that clearly in the issue report.
Include the Results you Expected
Often, QAers know what is expected out of a sequence of steps better than Developers.
Sometimes, their expectations are right, sometimes they are wrong. Either way, include what you expected to see.
Include the Results you Actually Observed
Since this an Issue Report, we assume that something unexpected occurred. Note what actually occurred.
If you observed an error message, include that.
If you observed something significant in a log file, include that portion of the log.
Include Enough Details for Searching
Try to think like a Support person, or a Manager, or a new QAer who wasn't familiar with this Issue. What would you search for if you saw these same symptoms happen? If you are lucky enough to have a defect tracking system that includes full-text searching, then make sure to include these important keywords somewhere in the text of your Issue Reports.
If your defect tracking system has a "keywords" field, put them in there.
Explain the Effects on the Customer
Somewhere along the line, your Issue Report will be analyzed for Priority and/or Severity.
If you explain the effects of this problem on the customer, you'll have a better chance that the Issue is properly analyzed. And if the problem makes further testing impossible, make sure to indicate that fact (in this context, you are a customer, too).
Attach Anything Else that Could Help
Attach anything that could help clarify and/or debug the problem.
As they say "a picture is worth 1000 words". So, often attaching a picture of the problem can be very helpful. Log files, test files, etc, can also be attached if they will help reproduce or debug the problem.
Think about whether something is better off being attached (in order to avoid an overly-wordy Issue Report), or included within the body of the Report itself (in order to be useful during a search).
Avoid speculation
Report the facts - what you saw, what you expected to see, and any other symptoms. But in general, avoid speculation as to the root cause of the problem, unless you have sufficient facts to back up your speculation.
Speculation can send the reviewer on a wild goose chase and waste their time. It can also make this bug report appear as a search result for cases where it's not relevant.
Be careful of the tone of your report
Don't use a negative tone in your writing. Remember, your job is to describe the bug so that it can be fixed effectively and efficiently. There's no benefit in criticizing the developer here or the designer - you are their partners, you are both on the same side. Be objective and respectful.
Avoid duplication - search first
You don't want to waste people's time reading issue reports that have already been covered by someone else. And in some shops, you may be penalized for writing such bug reports. So, search first, using the kinds of keywords that you would write into your report if needed.
If the problem has already been written into an issue report, it's sometimes useful to add additional facts if you have them.
A few more bits that may help:
Only one thing i would like to add apart from Joe's contribution.
Don't point out two or more issues in the same bug report. If you feel there appears another different issue when you follow the same steps, raise it separately, otherwise there the chance it get missed.
To expand on the link Phil K mentioned. Cem Kaner published a paper entitled "Bug Advocacy" which you can read about in a 100 page PDF at: http://www.kaner.com/pdfs/bugadvoc.pdf. It also forms the basis for the second BBST course.
Kaner outlines 4 major points of Bug Advocacy: (quoted directly from page 10.)
- The point of testing is to find bugs
- Bug reports are your primary work product. This is what people outside of the testing group will most notice and most remember of your work.
- The best tester isn't the one who finds the most bugs or embarrasses the most programmers. The best tester is the one who gets the most bugs fixed.
- Programmers operate under time constants and competing priorities. For example, outside of the 8-hour workday, some programmers prefer sleeping and watching Star Wars to fixing bugs.
A bug report is a tool that you use to sell the programmer on the idea of spending her time and energy fixing a bug.
I never really thought of it that way - bug reports as our primary work product. Something we can point to and say "this is what I did".
I haven't finished reading it and I'm sure a lot of it applies to the things previously mentioned.
I don't think Kaner mentions this, but I think it's important to remember there is a difference between bugs and issues. Bugs are anything that threatens the value of the product while issues are anything that threatens of the value of testing (or the value of the project and in particular the value of testing). Rapid Software testing teaches us that.
Here are a couple things that I look for in a bug report.
<>". But you can't just say "Go to this function, this order number". Unless it has a problem parsing order numbers that end in 3, giving me order 123 doesn't help. Telling me "an order with multiple back-ordered items", now that's something I can deal with.Some of these might be disguised rants. Well, that's because they are. That's what me, as a developer with no QA team, gets for reports. If people were to boil these down to a simple checklist of 6 items (reproduction steps, desired correct outcome, not actually a feature request, not a duplicate report, is actually not correct behaviour, and properly categorized) I wouldn't mind the reports so much.
Also as a developer, in my organization, I get "specs" from the analysts. They're supposed to go through and define what the correct behaviour is so the reporter doesn't have to. Often times they just send in the report and leave everything to the developer. So if you're putting in guidelines, make sure that the responsibilities are properly defined. Don't make development do everything, don't make the analysts do everything, don't make the QA team do everything, don't make the reporters do everything. Make it clear who is supposed to do what, and hold them accountable. There are dozens of configurations of responsibility you can use, and most of them work as long as you're consistent about who does what.
P.S. Hey analyst guys at my firm. I hope you're reading this! It's not a declaration of war, it's a white flag! :-)
In my company, a good bug report:
Some developers may prefer that the tester attempt to narrow down the problem as much as possible. My developers leave it up to me to decide how much diagnosis to provide.
In my little company, we usually understand each other's abbreviations and assumptions. In larger companies, it may be necessary to use more formal, explicit language.
Finally, I do not recommend blindly following any individual's bug reporting practices. Their circumstances are different from yours. Listen to their advice, then consider how those practices mesh with your own circumstances.
A couple of guidelines in addition to above-listed items
1.Short and meaningful title (which will give the exact problem statement)
2.Repro steps
3.What is the actual result
4.What is the expected result
5.If applicable screenshot/video to get the repro
6.What is the severity of the problem
7.What was the Testing env
8.What was the build no
9.What is the source (Test/PM/Dev/Design etc) of the bug. That means who is logging this bug
10.How found (functional test/performance test/ security test/ design review etc).
11.Assigned to (Triage/Dev/PM)
12.Area/Iteration in source control (where to keep this bug in source control)
Bug reports should have:
Bug reports should contain:
Only publish one bug per report accompanied by:
Please search for duplicates before reporting a bug and ensure summaries are include relevant keywords to make it easier for other users to find duplicates.
Although I am usually against hard coded templates, bug reports are an exception. Depending on the system being used for reporting, I show an empty template when a new bug is created, or add mandatory fields.
Checklist for publishing a good bug report:
More here.
Read Bug Advocacy from Cem Kaner
BBST Bug advocacy course uses RIMGEA acronym that helps you to write and sell effective bug report.
I explained RIMGEA acronym in this blog series.
R stands for Replicate - you need to be able to list a set of steps that will reproduce the bug every time.
I stands for Isolate - eliminate steps that don't impact the bug, so that all you are left with is the shortest possible set of steps to reproduce.
M stands for Maximize - find a way to make the failure happen in the most spectacular way possible.
G stands for Generalize - find a way to take the failure from a corner case to a general problem.
E stands for Externalize - look for consequences to users. Ask yourself who will care about this failure and why?
A stands for Advocate - you need to write a good report that summarizes the results of the previous steps.
The more experienced you are, the less you will need to refer to these steps. They will show in your bug reports.
when you said Guidelines I immediately thought about what we have for a Template of necessary information
most of the answers that I read were very clear about making the report about the issue and not about the people, I totally agree with this and it should be about the facts.
not a long answer but I think keeping the information to the necessary information is key.
I think my previous answer also applies here.
In my opinion, the best possible bug report (assuming that the person that sends the error report does not know the causes of the observed failure) is a bug report with reproducibility information, so that the developers are capable of reproducing the problem.
In several bug tracking sites, for example MySQL, we find literally thousands of bug reports labelled as "can't reproduce" or "can't repeat". Either because the user does not know how a bug should be reported or because the user does not know how to reproduce the error, the issue is the same: reports are sent with little or no historical information on how the error was reached (e.g. a report containing solely the stack trace and/or a memory snapshot and/or a textual description of the event that is both superficial and cumbersome). Sometimes little information is sufficient, but many times it is not, especially in errors that are induced by very specific conditions that take the execution through a very specific path.
Therefore, in short (and in my opinion), a good bug report is one that has sufficient information for the developers to reproduce the observed problem. This is often hard to provide, especially if no logging was performed during the failing execution.
There has been a lot of research in this area in the past decades, but unfortunately, there is no solution that solves all problems. In my case, I believe that record&replay systems (a.k.a. fault-replication systems) are more promising, as they automatically log sources of non-determinism during the user's execution and if/when a failure occurs they create bug-reports capable of deterministic replay. Still, they have problems regarding performance overhead, log size and privacy.
Regarding what makes a good bug report, you may find the following research papers to be interesting:
["What makes a good bug report?", IEEE Transactions on Software Engineering, T. Zimmermann, R. Premraj, N. Bettenburg, J. Sascha, A. Schroter, and C. Weiss]
Presents: i) a survey on how bug reports are used among 2,226 developers and reporters, out of which 466 responded; ii) empirical evidence for a mismatch between what developers expect and what reporters provide; iii) the CUEZILLA tool that measures the quality of bug reports and suggests how reporters could enhance their reports so that their problems get fixed sooner. Publicly available at: http://thomas-zimmermann.com/publications/files/bettenburg-fse-2008.pdf
["Debugging in the (very) large: ten years of implementation and experience", in Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles, K. Glerum, K. Kinshumann, S. Greenberg, G. Aul, V. Orgovan, G. Nichols, D. Grant, G. Loihle, and G. Hunt]
This is a paper from Microsoft regarding ten years of bug report analysis of the Windows Error Reporting System. You can find it publicly available at: http://research.microsoft.com/pubs/81176/sosp153-glerum-web.pdf
["Information needs in bug reports: improving cooperation between developers and users", in Proceedings of the 2010 ACM conference on Computer supported cooperative work, S. Breu, R. Premraj, J. Sillito, and T. Zimmermann]
A paper that analyses the questions asked in a sample of 600 bug reports from the Mozilla and Eclipse projects and also provides some suggestions to improve bug trackers. Link: http://people.ucalgary.ca/~sillito/work/cscw2010.pdf
["Who tested my software? testing as an organizationally cross-cutting activity", 2011 Software Quality Journal, M. Mantyl a, J. Iivonen, and J. Itkonen]
Examines testing activities in different industrial case companies, conducted not only by the specialized testers but also by multiple stakeholders. Link: http://lib.tkk.fi/Diss/2011/isbn9789526043395/article6.pdf
["Survey Reproduction of Defect Reporting in Industrial Software Development", 2011 International Symposium on Empirical Software Engineering and Measurement, Eero I. Laukkanen, Mika V. Mantyla]
Presents a survey of six industrial software development organizations about the defect report information (Seventy-four developers out of 142 completed the survey), from three viewpoints: concerning quality, usefulness and automation possibilities of the information. Link: https://courses.cs.ut.ee/MTAT.03.159/2015_spring/uploads/Main/SWT_bugrep2.pdf
Hope below answer helps:
Bug report provided by QA testing services should be precise so that the developer can understand the issue at once. Therefore, defect description should contain the following information:
a) Summary: The summary should be short and descriptive. It should be created in such a way that the bug base searching can point to the bug efficiently.
b) Pre-requisites: The pre-conditions/ requirements to reproduce the bug should be provided.
c) Steps to Reproduce: Step-wise description to reproduce the defect.
d) Actual Result: A short summary of what is actually happening. It should not be too detailed but should give a clear picture of the defect. It could be extended to 2-3 sentences to describe the observations.
e) Expected Result: The desired behaviour should be described in this section.
f) What's working: In case any workaround is available for the defect or the same functionality is working fine anywhere in the application. Then it should be provided in this section to ease the developer in rectifying the issue on backend.
g) Screen-shot or Video: Attach/Upload the screenshots or video to reproduce and understand the defect.
h) Environment: OS, Browser, Test Application Version details where the defect is occurring
Below is the sample bug report:
Summary: TV is not getting powered on after pressing the 'Power' button from remote.
Pre-requisites: 1) Ensure that TV and remote are available.
Steps to Reproduce: 1) Switch on the TV. 2) Hold the remote. 3) Press 'Power (green)' button from remote. 4) Observe the behaviour.
Actual Result: Power screen flashes for some time and the black screen is displayed.
Expected Result: TV should get started and Home screen should be displayed after clicking the 'Power' button from remote.
What's working: TV is getting started after clicking 'Power' button from TV (button available under TV screen's on border panel).
Environment: TV: Brand/Model
Source: Can you give me sample of bug report you have written?.
I think you must have already got your answer, but if you use a project management tracking tool Like JIRA or TestGear, you have already all these fields just to fill in. So beside that, you need to have excellent communication skills to convey your bug to team in minimum writing effort.
Good Luck
Some great answers already, so just to add a little one:
In a team with any amount of testers greater than one, develop a style guide for bug reporting and stick to it. This will reduce by at least 50% the chance of a coder trying to strangle one of your teammates.
