Code analysis vendor Coverity reports that the number of defects in open source projects is on the decline. Coverity has created a Web site for analyzing the programming code of open source projects. Among the code submitted by open source projects and developers over the past three years, "defect density" has declined 16 percent and some 11,200 defects have been eliminated.
Coverity assigns projects to a series of Rungs depending on how many defects they resolve. Defects in Samba, Tor, OpenPAM, and Ruby discovered during Rungs 1 and 2 have been resolved, and the projects have been granted top-level Rung 3 status. The Web site, which uses static analysis tools, has analyzed more than 60 million unique lines of code from 280 projects.
Static analysis is often most helpful for finding "structural 'anti-patterns' in code, poor programming practices that can result in performance and security issues like memory leaks and buffer overflows as well as more exotic conditions like errors due to parallel execution of code in a multicore CPU environment," says Forrester Research analyst Jeffrey Hammond.
From IDG News Service
Abstracts Copyright © 2009 Information Inc., Bethesda, Maryland, USA