Coverity Releases New Version of Source Code Analyzer with Ability to Detect Hard-to-Find Concurrency Problems
Share:
Eclipse IDE Integration, Windriver Workbench Integration, Extensive Management Views, and Mac OS X Support Also Added
SAN FRANCISCO, Dec. 13 - Coverity, Inc., makers of the world's most advanced and scalable source code analysis solution, today announced the general availability of Coverity Prevent 2.3, a new version of their flagship product that can automatically identify concurrent programming defects in source code. Prior to this new version of Coverity Prevent, these errors were extremely difficult to diagnose through traditional testing and could result in potentially catastrophic and unpredictable program behavior.
"We've found Coverity Prevent to be an excellent tool to help us uncover programming errors," said Paul Hemson, distinguished engineer, Director of QA at McAfee software. "Coverity could pay for itself by finding a single concurrency defect. These are extremely expensive defects to isolate and fix by traditional methods."
"Concurrency is a costly problem that is extremely difficult to solve," said Theresa Lanowitz, research director at Gartner. "Software development organizations that deal with concurrent programming will see significant cost savings from a solution that finds these defects early in the development cycle."
Concurrent programming has become ubiquitous in many products, ranging from highly responsive user interfaces to massively parallel server clusters in networked environments. As software programs become more complex, different parts of a program are frequently required to work in parallel, often resulting in software defects that are difficult to replicate and debug. Concurrency problems such as race conditions and deadlocks may take months to find because the problem is often the result of complex interactions, such as event timings, that are not easily replicated.
New dual-core processors from AMD, IBM, Sun, and Intel have also contributed to the rise in frustrating defects stemming from concurrent programming. In order to efficiently use dual-core processors, developers must use concurrent programming techniques effectively. To support the growth of concurrent programming, Intel and Microsoft recently added support for the OpenMP Application Program Interface for concurrent programming to their respective compilers.
"Exploiting the performance gains from new dual-core processors will lead to a crisis in software quality unless new programming tools are developed," said Dr. Dawson Engler, associate professor of computer science at Stanford University and chief scientist at Coverity. "With its ability to cover 100% of all paths, static source code analysis is ideally suited to finding concurrent programming errors in large projects."
As one of the most difficult and abstract programming concepts, concurrency raises complex issues that require a great deal of training and experience to be utilized properly. However, in many cases development teams short on manpower will assign inexperienced developers to handle complex concurrency issues. This leads to software defects that have proven nearly impossible to debug with existing tools.
This release of Coverity Prevent focuses on solving three concurrency problems:o Double locks and missing unlocks;o Incorrect lock ordering;o Blocking operations within critical sections.
The new concurrency analyzer finds deadlocks caused by double locks, missing unlocks and lock ordering violations. It also finds cases where "blocking" functions may be called with locks held. These errors can lead to severe and unpredictable performance degradation.
Coverity has also strengthened their partnership with IBM in this release by joining the "Ready for Rational" program. In addition to the Intel and AMD platforms, Coverity Prevent now supports IBM PowerPC-based systems from Apple Computer and the Mac OS X operating system.
In addition to the new integration with IBM's Eclipse platform, Coverity Prevent also now integrates with Windriver's Workbench IDE.
Coverity Prevent also now comes with extensive management views designed to allow development managers to quickly understand the quality of software produced by their development teams. Managers can now see architectural metrics, detect problem areas, evaluate how code base quality and security evolves over a release cycle, and compare results across releases, builds, and components.
About Coverity
Coverity (www.coverity.com), makers of the world's most advanced and scalable source code analysis solution for pinpointing software defects and security vulnerabilities, is a privately-held company headquartered in San Francisco. Coverity was founded in 2002 by leading Stanford University scientists whose four-year research project resulted in a breakthrough approach for addressing the costliest problem in the software industry. That research breakthrough allows developers to quickly and precisely eliminate software defects and security vulnerabilities in tens of millions of lines of new or legacy code. Today, Coverity's solution is used by more than 85 leading companies to significantly improve the quality of their software, including Juniper Networks, Symantec/VERITAS, McAfee, Synopsys, NASA, PalmOne, Sun Microsystems and Wind River.
Media Contacts:
Craig Oda
Page One PR for Coverity
coda@pageonepr.com
650-565-9800 x102
Rob Rachwald
Senior Director of Marketing
rob@coverity.com
415-613-4008
Source: Coverity, Inc.
Web site: http://www.coverity.com/
