]> pere.pagekite.me Git - homepage.git/blob - blog/data/2009-05-02-coverity.txt
projects / homepage.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
A bit more.
[homepage.git] / blog / data / 2009-05-02-coverity.txt
1 Title: Two projects that have improved the quality of free software a lot
2 Tags: english, debian
3 Date: 2009-05-02 15:00
4
5 <p>There are two software projects that have had huge influence on the
6 quality of free software, and I wanted to mention both in case someone
7 do not yet know them.</p>
8
9 <p>The first one is <a href="http://valgrind.org/">valgrind</a>, a
10 tool to detect and expose errors in the memory handling of programs.
11 It is easy to use, all one need to do is to run 'valgrind program',
12 and it will report any problems on stdout. It is even better if the
13 program include debug information. With debug information, it is able
14 to report the source file name and line number where the problem
15 occurs. It can report things like 'reading past memory block in file
16 X line N, the memory block was allocated in file Y, line M', and
17 'using uninitialised value in control logic'. This tool has made it
18 trivial to investigate reproducible crash bugs in programs, and have
19 reduced the number of this kind of bugs in free software a lot.
20
21 <p>The second one is
22 <a href="http://en.wikipedia.org/wiki/Coverity">Coverity</a> which is
23 a source code checker. It is able to process the source of a program
24 and find problems in the logic without running the program. It
25 started out as the Stanford Checker and became well known when it was
26 used to find bugs in the Linux kernel. It is now a commercial tool
27 and the company behind it is running
28 <a href="http://www.scan.coverity.com/">a community service</a> for the
29 free software community, where a lot of free software projects get
30 their source checked for free. Several thousand defects have been
31 found and fixed so far. It can find errors like 'lock L taken in file
32 X line N is never released if exiting in line M', or 'the code in file
33 Y lines O to P can never be executed'. The projects included in the
34 community service project have managed to get rid of a lot of
35 reliability problems thanks to Coverity.</p>
36
37 <p>I believe tools like this, that are able to automatically find
38 errors in the source, are vital to improve the quality of software and
39 make sure we can get rid of the crashing and failing software we are
40 surrounded by today.</p>
Nettsider og blogg.