Title: Two projects that have improved the quality of free software a lot
Tags: english, debian
Date: 2009-05-02 15:00

<p>There are two software projects that have had a huge influence on the
quality of free software, and I wanted to mention both in case someone
does not yet know them.</p>

<p>The first one is <a href="http://valgrind.org/">valgrind</a>, a
tool to detect and expose errors in the memory handling of programs.
It is easy to use: all one needs to do is run 'valgrind program',
and it will report any problems on stdout.  It is even better if the
program includes debug information.  With debug information, it is able
to report the source file name and line number where the problem
occurs.  It can report things like 'reading past memory block in file
X line N, the memory block was allocated in file Y, line M', and
'using uninitialised value in control logic'.  This tool has made it
trivial to investigate reproducible crash bugs in programs, and has
reduced the number of this kind of bug in free software a lot.</p>

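An added example, not part of the original post: a small C program containing one defect of each kind the valgrind paragraph names, each next to its fixed form. The function names are hypothetical; build with debug information and run the binary under valgrind to get file and line numbers in the reports.

```c
/* Added demo (constructed): the two defect kinds the post says valgrind
 * reports. Build and run:  cc -g -O0 demo.c -o demo && valgrind ./demo
 * All function names here are hypothetical. */
#include <stdio.h>
#include <stdlib.h>

/* BUG: "<=" makes the last iteration read one int past the block. */
int sum_overread(const int *v, size_t n) {
    int s = 0;
    for (size_t i = 0; i <= n; i++)
        s += v[i];
    return s;
}

/* Fixed: strict bound keeps every read inside the allocation. */
int sum_fixed(const int *v, size_t n) {
    int s = 0;
    for (size_t i = 0; i < n; i++)
        s += v[i];
    return s;
}

/* BUG: malloc() leaves the block uninitialised and the last slot is never set. */
int *make_partial(size_t n) {
    int *v = malloc(n * sizeof *v);
    for (size_t i = 0; v && i + 1 < n; i++)
        v[i] = (int)i + 1;
    return v;
}

/* Fixed: every slot gets a value before anyone reads it. */
int *make_full(size_t n) {
    int *v = malloc(n * sizeof *v);
    for (size_t i = 0; v && i < n; i++)
        v[i] = (int)i + 1;
    return v;
}

int main(void) {
    int *bad = make_partial(4), *good = make_full(4);
    if (!bad || !good) return 1;
    /* The uninitialised bad[3] and the read of bad[4] both feed this branch. */
    if (sum_overread(bad, 4) > 0) puts("buggy path taken");
    printf("fixed sum: %d\n", sum_fixed(good, 4));
    free(bad); free(good);
    return 0;
}
```

Without valgrind the buggy path usually runs to completion with no visible symptom, which is why this class of bug survives ordinary testing.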
<p>The second one is
<a href="http://en.wikipedia.org/wiki/Coverity">Coverity</a> which is
a source code checker.  It is able to process the source of a program
and find problems in the logic.  It started out as the Stanford
Checker and became well known when it was used to find bugs in the
Linux kernel.  It is now a commercial tool and the company behind it
is running <a href="http://www.scan.coverity.com/">a community
service</a> for the free software community, where a lot of free
software projects get their source checked for free.  Several thousand
defects have been found and fixed so far.  It can find errors like
'lock L taken in file X line N is never released if exiting in line
M', or 'the code in file Y lines O-P can never be executed'.  The
projects included in the community service project have managed to get
rid of a lot of reliability problems thanks to Coverity.</p>

<p>I believe tools like this, that are able to automatically find
errors in the source, are vital to improve the quality of software and
make sure we can get rid of the crashing and failing software we are
surrounded by today.</p>