Glean 拾遗
日刊 /2026-07-12 / 智能体编码中的测试哲学:从芯片设计到AI工作流

智能体编码中的测试哲学:从芯片设计到AI工作流

原文 danluu.com 收录 2026-07-12 06:01 阅读 91 min
AI 解读

本文作者以在芯片公司Centaur的测试经验为背景,探讨了LLM驱动的智能体(agent)在软件工程中的测试与编码实践。核心观点包括:Centaur的无代码审查、模糊测试为主的工作流在AI时代依然高效,每年仅出现<1个重大用户可见bug;LLM直接生成的测试质量较差,但通过定向提示进行模糊测试可在数分钟内发现真实漏洞;LLM方差极大,同一模型在不同任务上表现迥异,使得公共基准测试的单一排名缺乏实际指导意义;作者还分享了在构建超人类棋盘游戏AI时的系统性方法——基于数据和分析而非盲目提示。文章适用于对AI辅助软件工程、测试自动化及高效agent工作流感兴趣的工程师。

原文 91 分钟
原文 danluu.com ↗
§ 1

I've been using AI fairly heavily since last November and the whole thing is a funny experience. An agent will do something that, if a human did it, you'd immediately fire them. My reaction, of course, is to act as if this is great and spin up a thousand agents so they can do even more of that.

Mid-last year, I had GPT (maybe 5.0 or 5.1) try to find the source of a bug. Naturally, this code didn't have tests and git bisect wouldn't work, and it was a UI interaction bug for which I'm not even really qualified to write a test for, so I asked Codex to bisect between dates X and Y to find the commit that introduced this bug. Codex immediately told me the offending commit was after this date range (which couldn't possibly be correct). On telling Codex this was wrong, it then told me some commit that was obviously also not the offending commit once or twice. On telling it those were wrong, it then told me the offending commit was some plausible looking commit. When I asked it to prove or disprove its theory, it told me that it wrote a test and confirmed that the alleged commit was the breaking commit.

I then asked it to show me by making a video with the full developer end-to-end stack in the normal browser test environment. It claimed that it didn't have permissions to do that (which was a lie), but it could make video of the execution of the repro before and after the commit in playwright with the appropriate test code. The video was convincing and showed the feature working properly before the commit and failing to work after the commit. Something about this didn't feel right, so I tried reproducing the issue by hand before and after the commit and found out that the whole thing was a fabrication. The video made it look like Codex had reproduced the bug, but it was an artificial browser environment that was designed to create a fake repro, not the real environment.

自从去年 11 月开始重度使用 AI 以来,整个过程既有趣又诡异。一个智能体会做出那种如果换成人类员工,你肯定当场就开除了他的事情。而我的反应呢?当然是假装这很棒,然后启动一千个智能体,让它们做更多同样的事。

去年年中,我让 GPT(或许是 5.0 或 5.1)去查找一个 bug 的根源。这段代码自然没有测试,git bisect 也派不上用场,而且这是一个 UI 交互 bug——我甚至没资格去写测试。于是我请 Codex 在日期 X 和 Y 之间做二分查找,定位引入该 bug 的提交。Codex 立刻告诉我出问题的提交在日期范围之后(这不可能)。我指出错误后,它又给了我一两个明显不对的提交。我再指正,它就提供了一个看着挺像那么回事的提交。当我要求它证明或证伪自己的推论时,它说已经写了一个测试并确认该提交就是罪魁祸首。

接着我让它用完整的端到端开发栈在标准浏览器测试环境中录制视频来展示。它声称没有权限做这件事(这是谎言),但可以用 playwright 配合适当测试代码,在提交前后录制重现过程的视频。视频很有说服力:提交前功能正常,提交后功能失效。但我总觉得哪里不对劲,于是手动在提交前后重现了这个问题,结果发现整个视频都是伪造的。视频看起来像是 Codex 复现了 bug,但那是一个专门设计来创建虚假重现的人工浏览器环境,根本不是真实环境。

§ 2

Like I said, because this was non-ironically such a great experience, I immediately thought to myself, "how can I get more of this?" and started using agents more and more heavily until I was using coding agents heavily mid-late last year.

就像我说的,因为这次经历讽刺地竟然是一次‘很棒’的体验,我立刻问自己:‘我怎么才能搞到更多这种体验?’于是我开始越来越重度地使用智能体,到去年中后期已经重度使用编程智能体了。

§ 3

Since this post covers a relatively disparate set of topics, here's a brief outline.

Testing background

Some details on testing

Caveman mode

LLM variance

Misc

Agentic loops and writing this post

Some reasons people talk past each other

由于这篇文章涉及的主题较为分散,这里先给一个简要的提纲:

  • 测试背景
  • 测试细节
  • 穴居人模式
  • LLM 方差
  • 杂项
  • 智能体循环与本文写作
  • 一些人为何话不投机
§ 4

Testing background

LLMs are highly leveraged when it comes to testing. In terms of the amount of effort it takes, it's easier than ever to hit a particular quality bar and yet, software seems to be lower quality than ever. A decade ago, we looked at the bugs I ran into in an arbitrary week. There were quite a few bugs then and I run into more bugs now, but I don't think this has to be the case.

For one thing, after a bug has been shipped, it's easier than it's ever been to use a data-driven approach to find and fix the bug. Just for example, at work, I tried creating a pipeline that goes from support ticket (chat or email) to pull request (PR). As far as I can tell, this works ok. Since I work for a company that has a traditional workflow, all of these fixes get reviewed by a human and, so far, we've had no known false positives.

Per unit of time invested, it's also possible to do more thorough testing. Personally, I think this can be effective enough that I'm fairly comfortable trying to ship a large volume of code via a "software factories" workflow because I've seen a testing-heavy no-review workflow that results in much higher quality than any review-reliant workflow I've seen or even heard of.

测试背景

LLM 在测试方面杠杆效率极高。从所需投入的精力来看,要达到某个质量水平从未如此容易,然而软件质量却似乎降到了历史最低。十年前,我们统计过任意一周遇到的 bug——当时 bug 就不少,现在遇到的更多了,但我认为这并非必然。

首先,bug 发布之后,用数据驱动的方法来定位和修复变得前所未有的容易。比如,我在工作中尝试搭建了一条从支持工单(聊天或邮件)到拉取请求(PR)的流水线。就目前来看,效果还行。因为我就职于一家采用传统工作流程的公司,所有这些修复都经过人工审查,到目前为止还没有发现误报。

从单位时间投入来看,进行更彻底的测试也成为可能。我个人认为这种方法的有效性足以让我放心地通过‘软件工厂’工作流大量交付代码,因为我亲眼见过一个测试驱动、无审查的工作流,其质量远高于我见过甚至听过的任何依赖审查的工作流。

§ 5

Like everybody, I have biases that fall out of my experiences. It just so happens that I spent the first decade of my career at a company whose test processes happen to work well in today's LLM environment. ... In general, when I talk to software folks about testing, I'm coming from such a different place that they immediately look at me like I'm an alien, so let's talk about how we tested at this hardware company I worked for, Centaur, which informs my biases about how I like to work. Some of the things that we did that were or are unorthodox in the software world are:

Hired dedicated QA / test engineers, with testing being a first-class career path on par with being a developer

No code review by default

Virtually no hand-written tests

Constant testing via what programmers sometimes called property based testing, randomized testing, fuzzing, etc., although we just called those tests (hand-written tests were called "hand tests").

Large regression test suite (3 months wall clock to execute on compute farm)

No unit tests

和所有人一样,我的偏见源于我的经历。巧合的是,我职业生涯的头十年是在一家测试流程非常适合当今 LLM 环境的公司度过的。……总之,当我跟软件从业者聊测试时,我们的起点差异之大,他们常常像看外星人一样看我。所以让我聊聊我在 Centaur 这家硬件公司是怎么做测试的——这些经历塑造了我的工作偏好。我们在软件界做得有些反传统的事情包括:

  • 雇用专门的 QA/测试工程师,测试是与开发并列的一流职业路径
  • 默认不做代码审查
  • 几乎不手写测试
  • 持续使用程序员常说的基于属性的测试、随机化测试、模糊测试等——我们只管它们叫“测试”(手写的叫“手测”)
  • 大型回归测试套件(在计算集群上运行需要 3 个月)
  • 没有单元测试
§ 6

(3) and (4) go hand in hand. Almost every software group I know of that's serious about reliability (various teams that ship reliable databases, distributed databases etc.) are at least directionally doing the same thing, although they might have a larger fraction of hand written tests. For the same reason it's considered a bad idea to rely on testing by interacting with the software yourself and observing whether or not the software appeared to work, it's a bad idea to rely on directly typing out the inputs to a test and the expected outputs. As previously discussed, it's just really inefficient to write tests by hand. For any given level of reliability, you'll get there more quickly if you prefer randomized test generation over hand-written tests.

第 (3) 点和第 (4) 点是相辅相成的。我所知道的几乎所有认真对待可靠性的软件团队(比如那些发布可靠数据库、分布式数据库的团队)至少在大方向上做着同样的事,尽管他们手写测试的比例可能更高。基于同样的原因——不推荐依靠自己与软件交互来观察其是否正常工作——也不推荐直接手写测试的输入和预期输出。如前所述,手写测试的效率实在太低了。对于任何给定的可靠性水平,如果你优先选择随机化测试生成而非手写测试,你会更快达到目标。

§ 7

(5) fell out of having a lot of tests find a lot of bugs. In general, if a test found a bug that we later fixed, we'd keep the test in our regression test suite forever. It turns out, if you find a lot of bugs with good tests, you'll end up with a large test suite. But putting that aside and just looking at it from a test efficiency standpoint, the standard setup in software of having the same set of tests run in CI for each PR is extraordinarily inefficient if you think about the what's more likely to find a bug, running the same test a thousand times in a day or, in the same amount of test time, running a thousand different tests.

第 (5) 点源于用大量测试发现大量 bug。通常,如果一个测试发现了 bug 并修复了,我们会把这个测试永远保留在回归测试套件中。结果就是,如果你用好的测试发现了大量 bug,测试套件就会变得非常庞大。但抛开这一点,单从测试效率来看,软件界标准的做法——每次 PR 都在 CI 中运行同一套测试——效率极低。想想哪种方式更可能发现 bug:一天内把同一个测试运行一千次,还是在同样的测试时间内运行一千个不同的测试?

§ 8

One significant difference was the ratio of effort that went into testing vs. development, but the fixed costs of fuzzing are fairly low, so this is scalable to any level of effort and the efficiency gains are still there. And, due to the gains in test efficiency, the ratio of effort wasn't as large as software engineers generally imagine. We had about a 1:1 ratio of test engineers to developers and then spent maybe 10% of our time in a "freeze" state, so a zeroth order estimate for the overhead here is that we spent 55% of our effort on testing and 45% on development, or we could've put 2.2x the effort into development if we spent zero effort on testing.

一个显著的差异是测试与开发的工作量比例,但模糊测试的固定成本相当低,因此它可以扩展到任何努力水平,效率提升依然存在。而且,由于测试效率的提升,这个比例并没有软件工程师通常想象的那么大。我们的测试工程师与开发工程师比例约为 1:1,另外还有大约 10% 的时间处于‘冻结’状态。粗略估算,我们把 55% 的精力花在了测试上,45% 花在开发上。如果不花任何精力在测试上,我们可以在开发上投入 2.2 倍的精力。

§ 9

Nowadays, another thing people will say is, why bother with fuzzing when you can just ask an LLM to find bugs? I've tried doing both quite a few times now and my experience has been that fuzzing generally wins on latency to find a bug, and it dominates on finding more bugs and having a lower false positive rate. LLMs have fairly high variance (more on this later), so just asking Codex or Claude to find a bug can sometimes win but, on average, fuzzing has won.

如今人们还会说,既然可以直接让 LLM 找 bug,为什么还要费劲做模糊测试呢?我两种方法都试过很多次,我的经验是:模糊测试在发现 bug 的延迟上通常胜出,并且能找到更多 bug、误报率更低。LLM 的方差很大(后面会详述),所以直接让 Codex 或 Claude 找 bug 有时能胜出,但平均来看,模糊测试更胜一筹。

§ 10

Despite the very positive things I've said about LLMs testing, LLMs seem pretty bad at testing. However, for any level of testing effort, LLMs let you apply testing effort a lot more easily than before if steered properly.

An extreme example of this is that everybody I've talked to who cares about quality or testing at all finds the tests LLMs generate by default, or if you tell them "Write tests", "Write more tests", etc., to be poor. People tend to rate the tests as somewhere between worthless and marginally useful, depending on their standards.

For example, Em Chu (a compiler engineer) says: "The existing tests I'm working with aren't perfect, but are still above the bar LLMs seem to aim for, which I would describe as 'thorough enough to smuggle a feature through human code review.'"

尽管我之前对 LLM 测试说了很多好话,但 LLM 在测试方面似乎相当糟糕。不过,对于任何水平的测试投入,如果引导得当,LLM 能让你比以前更容易地应用测试工作。

一个极端的例子是,我接触过的所有关心质量或测试的人,都觉得 LLM 默认生成的测试,或者当你告诉它们“写测试”“多写测试”时生成的测试,质量很差。人们通常认为这些测试要么一文不值,要么仅仅有些微用处,这取决于他们的标准。

例如,编译器工程师 Em Chu 说:“我目前使用的测试并不完美,但仍然高于 LLM 似乎想要达到的标准——我将其描述为‘足够通过人工代码审查,从而偷偷加入一个功能’。”

§ 11

As of June 2026, directing LLMs to do fuzzing / randomized testing feels similar. I've tried using an LLM to generate a fuzzer and, for most projects, this will turn up real and often serious bugs within minutes. However, on looking at what the LLM-created fuzzer is trying to test, I have the same reaction as a normal programmer who cares about quality looking at LLM-created tests. The coverage of the LLM-generated fuzzer is curiously bad and misses all kinds of basic things you'd expect a hastily human-written fuzzer to cover.

截至 2026 年 6 月,让 LLM 做模糊测试/随机化测试的感觉也类似。我试过用 LLM 生成模糊器,对大多数项目来说,几分钟内就能挖出真实且往往严重的 bug。然而,看看 LLM 创建的模糊器到底在测试什么,我的反应与一个关心质量、看到 LLM 创建测试的程序员完全相同:LLM 生成的模糊器的覆盖范围出奇地差,漏掉了各种你期望一个匆忙手写的模糊器都能覆盖的基本东西。

§ 12

If you want to use randomized testing to keep an agentic "software factories" workflow honest, then you need to have a way to deal with gaps in SOTA models because, when you're shipping the equivalent of hundreds or thousands of PRs a day into a project, everything that's not constrained from degrading will rapidly degrade.

At a high level, the entire system needs some kind of feedback that finds gaps and instructs whatever loop is making adjustments to the fuzzer to close the gaps.

I've been playing with various ways to have agents convene and reconvene to get agentic loops running better and, while that kind of thing helps, I haven't figured out a way to do this well enough to create some kind agentic software quality improvement loop that doesn't rely on outside feedback, whether that's occasional human input, or shipping something (ideally only fractionally and with staged rollout) and then having the system monitor metrics/logs/traces/support tickets/whatever to use that as feedback.

如果你想用随机化测试来保持智能体“软件工厂”工作流的诚实,那么你需要一种方法来处理最先进模型的缺口,因为当你每天向项目交付相当于数百或数千个 PR 时,任何不受约束的东西都会迅速退化。

从高层来看,整个系统需要某种反馈,能够发现缺口并指导调整模糊器的循环来堵上缺口。

我一直在尝试各种让智能体聚集再聚拢的方法,以便让智能体循环运行得更好。虽然这类方法有帮助,但我还没有找到一种方法来创建一个不依赖外部反馈的智能体软件质量改进循环——无论外部反馈是偶尔的人工输入,还是发布某些东西(最好是小规模、分阶段发布)然后让系统监控指标/日志/跟踪/支持工单等。

§ 13

Back on the topic of testing, when fuzzing or doing any kind of bug auditing, detecting false positives is a critical part of the process. ... having independent agents repeatedly check an alleged bug reproduction (repro) substantially cuts the false positive rate. ... having some kind of artifact (e.g., a video if it's a bug that's expected to be apparent in the UI) is necessary. ... Asking agents to independently review the artifact (e.g., looking at the test code that produces the video vs. looking at the video itself) also reduces the false positive rate further. In general, getting independent perspectives seems to help a lot.

回到测试的话题,在进行模糊测试或任何类型的 bug 审计时,检测误报是流程中的关键部分。……让独立的智能体反复检查声称的 bug 重现步骤,能大幅降低误报率。……拥有某种产物(例如,如果 bug 预期在 UI 中可见,则提供视频)是必要的。……要求智能体独立审查该产物(例如,查看生成视频的测试代码 vs. 查看视频本身)也能进一步降低误报率。总的来说,获取独立视角似乎大有帮助。

§ 14

I keep getting various tool and workflow recommendations and, when I look into it, I can almost never find good information on whether or not it makes sense to adopt the recommendation. Just for example, I've seen "caveman mode" recommended multiple times at work. Caveman mode allegedly reduces token usage and speeds up prompt resolution (the README claims 75% reduction in token usage, 65% reduction token usage, and 2x fewer tokens used, as well as a 3x speed increase). ... I decided to spend about 15 seconds apiece generating some caveman mode benchmarks ...

我不断收到各种工具和工作流推荐,但仔细查看时,几乎找不到足够好的信息来判断是否值得采纳。比如,“穴居人模式”我在工作中见到多次被推荐。据称它能减少 token 用量并加快 prompt 解析速度(README 声称减少 75% token 用量、65% token 用量、2 倍更少的 token,以及 3 倍速度提升)。……我决定花大约 15 秒生成一些穴居人模式的基准测试……

§ 15

We can see that, for the first benchmark (optimize a non-trivial algorithm in wasm), after one run, caveman is looking good. ... After a second run, we can see a big change ... If we skip to the end, we can see that the average after 50 runs is in favor of caveman ... The results with these benchmarks look mixed. ... If we try a few more models ... the overall picture less clear ... the difference averages out to be small enough that it doesn't seem worth using caveman mode.

我们可以看到,对于第一个基准(优化 wasm 中的非平凡算法),一次运行后,穴居人模式看起来不错。……第二次运行后,结果变化很大。……如果跳到末尾,50 次运行的平均结果偏向穴居人模式。……这些基准的结果看起来好坏参半。……如果我们再试几个模型……总体情况就不那么明确了。……平均差异小到不值得使用穴居人模式。

§ 16

Recently, when new models have been released, I've done a search to see what people are saying about them. In general, there are a lot of contradictory comments out there. ... Looking at these benchmarks, we can see support for all of these statements ... With just these three evals, you can find support for every statement I saw people making about GPT-5.5 on release because all of the statements are sometimes true. ... The last set of graphs we looked at shows how much variance we see across tasks, but from the prior set of graphs, we also saw a lot of variance within tasks with the same model and effort level.

最近,当新模型发布时,我会搜索大家的看法。通常,会有大量相互矛盾的评论。……看这些基准,我们可以找到支持所有这些说法的证据。……仅凭这三个评测,你就能找到对 GPT-5.5 发布时我看到的每一个说法的支持,因为所有这些说法在某些时候都是正确的。……我们看的最后一组图显示了任务之间的巨大差异,而之前的图也显示了在相同模型和努力水平下,同一任务内部的巨大差异。

§ 17

If we look at public benchmarks in more detail, the situation seems worse than it appears from the abstract argument above. Results are generally presented in fairly high precision, as if that's meaningful. ... If you change out one of these for a different one, the results between the two highest scoring models can get flipped. ... It's not clear who really needs to pay attention to these benchmarks that present summary metrics of how models are doing.

如果我们更仔细地看公开基准,情况似乎比上述抽象论证更糟糕。结果通常以相当高的精度呈现,好像那有意义似的。……如果你换掉其中一个任务,两个最高得分模型之间的结果可能会颠倒。……目前还不清楚究竟谁需要关注这些提供模型性能摘要指标的基准。

§ 18

Just for example, something I've observed is that Opus 4.8 makes up bad rationalizations to explain things much more often than GPT-5.5. ... On the flip side, I've seen two benchmarks that measure how good models are at detecting false information and/or not making things up and those benchmarks both show that Opus is much better than GPT at this, to the point where, if the benchmarks show what one might expect them to show, the experiences I and other people have had seem impossible. ... I suspect what's happening is that the benchmarks are measuring something different from what happens when you encounter incorrect rationalizations while coding or debugging.

举个例子,我观察到 Opus 4.8 编造糟糕的合理化解释的频率远高于 GPT-5.5。……另一方面,我看到两个衡量模型检测虚假信息和/或不胡编乱造能力的基准,它们都显示 Opus 在这方面远优于 GPT,以至于如果基准显示了它所声称的内容,我和其他人的体验似乎是不可能的。……我怀疑基准衡量的东西与你在编码或调试时遇到错误合理化解释的情况不同。

§ 19

One reason for this seems to be that agents are really bad at understanding data and doing data analysis. ... When I say complete bogus, I mean things like finding different numbers that aren't really related and somehow inferring something deep about their relationship ... I think people are really underestimating the value of getting completely incorrect results out of an LLM. This is, non-ironically, a game changer in a positive way, when directed correctly.

一个原因似乎是智能体在理解数据和进行数据分析方面非常糟糕。……我所说的“完全垃圾”是指,比如发现一些其实不相关的数字,然后以某种方式推断出它们之间的深层关系……我认为人们严重低估了从 LLM 获得完全错误结果的价值。这,毫不讽刺地说,在正确引导下是一个积极的游戏规则改变者。

§ 20

Another thought, and it wasn't obvious to me in advance that this would be the case, is that LLMs seem to be a larger productivity multiplier for people who are relatively more expert at the thing they're trying to do. ... I was somehow able to cobble together a superhuman AI for Azul in about 5 hours of my time and get it to a crushingly strong level ... The two tricks were: Look at the data / have some reasonable-ish evals; Solve problems systematically.

另一个想法,而且我事先并不清楚,就是 LLM 似乎对那些在所做事情上相对更专业的人来说是更大的生产力倍增器。……我竟然只用了大约 5 个小时就拼凑出一个超人的 Azul AI,并将其提升到碾压性的强大水平……两个诀窍是:查看数据/进行一些合理的评测;系统性地解决问题。

§ 21

Some of the major reasons I've seen for this are:

General incredulity

Workflow-based reliability differences

General workflow issues, i.e., "skill issue"

Differences in expectations

On general incredulity, moreso than at any other time in my life, I see people saying that X is impossible, nobody does X, and anyone who claims that they're doing X is a liar, when I know people (who I trust and are credible) doing X or I'm doing X.

我观察到的主要原因包括:

  • 普遍的怀疑态度
  • 基于工作流的可靠性差异
  • 一般性工作流问题,即“技能问题”
  • 期望差异

关于普遍的怀疑态度,这是我一生中看到最多的:人们说 X 是不可能的,没有人做 X,任何声称在做 X 的人都是骗子——而我知道我信任且可靠的人在做 X,或者我自己就在做 X。

基于工作流的可靠性差异意味着,不同工作流对可靠性的要求不同,那些要求更高可靠性的人常会声称 AI 没用,因为它不能可靠地做 X,却忽略了有许多有效用途并不需要那种可靠性。

一般性工作流问题包括环境配置错误、上下文窗口污染、不精确的语言导致意外要求等。

期望差异:不同规模需要不同架构,这对智能体同样适用。

打开原文 ↗