InfoQ

News

Coverity Readiness Manager Brings Quick Visibility to Code Characteristics

Posted by Scott Delap on Sep 09, 2008 09:33 AM

Community
Java
Topics
Performance & Scalability
Tags
Testing ,
Coverity ,
Code Coverage

Coverity recently released the first version of their new product Software Readiness Manager for Java. Software Readiness Manager collects and analyzes essential data from multiple sources and provides analysis on aspects such as as code complexity, violation of best practices, architectural integrity, interdependencies, and test coverage. It provides development managers with insight to assess risk, prioritize refactoring, and assess software readiness.

In addition to Software Readiness Manager also makes a number of other Java code analysis tools. InfoQ recently sat down with Andy Chou, chief scientist at Coverity, to discuss Coverity Prevent and Thread Analyzer.

Coverity Prevent for Java was a result of the C++ version of the product. What was the inspiration for Thread Analyzer?

 

We saw the trend towards multicore processors, and from experience we knew that multithreaded programs would begin to behave differently on this new hardware. Specifically, problems such as race conditions and deadlocks that lie dormant could suddenly become major problems. These problems are among the most difficult to debug because they are very hard to reproduce. Our static analysis product, Coverity Prevent, also detects concurrency defects, but we knew that dynamic analysis could complement the static results by finding even more concurrency defects during testing. This led us to develop Thread Analyzer, and so far the response from our customers has been very positive.

How would you define the ROI proposition for Thread Analyzer in comparison to profiling tools such as Yourkit?

 

Thread Analyzer is focused on some of the most pernicious problems in programming multithreaded code. It can take days to weeks to reproduce and find a concurrency defect. Even after isolating a problem down to a few crucial lines of code, it can be difficult to untangle the interleaved events required to make a race condition or deadlock occur.

Thread Analyzer makes these very clear and reproducible, so it can provide tremendous savings when it finds a problem that's currently being debugged or, better yet, while an application is being tested. Profiling tools do quite a few things, including breaking down where time and memory is being spent in an application. I would say that they are complementary tools, and the value of each depends on the kind of application being developed and situation at hand.

A recent meme from the blogsphere has been Open Source is Killing Commercial Developer Tools. How has open source effected your business?

 

Open source has been a boon for our business -- every code base provides an extensive test of our static analysis system, and we've used that to great advantage by tuning our algorithms to minimize false positives and maximize bugs found, all without having to leave the lab. We are also proud to provide the open source community with defects found by our tools at Scan (http://scan.coverity.com). So far over 8000 defects have been fixed by open source developers looking at the Scan results. In terms of open source tools, they do have an effect on the developer tools market, but we find that there is plenty of room for tools that use advanced technologies, provide enterprise features and support, and are diligent about investing in their core value to stay ahead. Tools that attempt to be cash cows without improving themselves -- they get run over by open source."

What is the number one issue that you have seen for Java developers creating multithreaded applications?

 

Originally we thought that race conditions would be the most important problem, because they can cause data corruption and they are especially hard to work backwards to find a root cause. However, we've bene surprised that many customers tell us that deadlocks are even more important to them because they can cause an application to completely halt. Even in our own internal development, our enterprise architect has said that he views deadlocks as a major problem in testing and deploying enterprise applications on the Java platform. These views may reflect some lack of awareness that race conditions can cause serious data corruption... Deadlocks are immediately apparent, whereas race conditions may not ever be noticed, depending on the nature of the race.

What features are you working on for the next version of Thread Analyzer?

 

We plan on a tighter integration with our static analysis products, so they can share information with each other to help improve performance and find even more defects. We also plan on working on detecting concurrency problems in distributed programs that use multiple servers. Finally, we're exploring integration with platform vendors to reach a much wider audience with Thread Analyzer

Related Sponsor

The Adobe Flash Platform provides everything you need to develop applications, content and video across operating systems and devices.

No comments

Watch Thread Reply

Educational Content

Bindings, Platforms, and Innovation

This presentation focuses on the Internet and separating myth from fact, history from the future, and the mundane from the imaginative. Bob Frankston presents a vision of what could and should be.

  •  Jul 02, 2009,
  •  

Orchestrating Long Running Activities with JBoss / JBPM

This article explores the use of JBoss and jBPM to implement design solutions that effectively address the issue of orchestrating long running activities.

  •  Jul 01, 2009,
  •  

Neo4j - The Benefits of Graph Databases

This presentation covers the use of graph databases as an optimal solution for data that is difficult to fit in static tables, rapidly evolving data or data that has a lot of optional attributes.

Realistic about Risk: Software development with Real Options

This session introduces Real Options and shows how it can help in running your project. Real Options is a decision-making process that can be used to manage risk.

  •  Jun 30, 2009,
  •  

Communication Flexibility Using Bindings

This article discusses the use of bindings on services and references (including the instance of non-configured bindings) as the means to implement SCA communications in a Web and SOA environment.

  •  Jun 30, 2009,
  •  

Writing DSLs in Groovy

After a short introduction to DSLs, Scott Davis plays with the keyboard showing how to approach the creation of a DSL by typing working snippets of Groovy code that get executed.

Scaling Agile with C/ALM (Collaborative Application Lifecycle Management)

IBM Rational and InfoQ present, Scaling Agile with C/ALM, an eBook showing organizations how to become “finely tuned software delivery machines” by enabling team integration and scaling.

Concurrent Programming with Microsoft F#

Amanda Laucher presents a real life enterprise application written in F#. She shows actual code snippets, explaining design decisions and suggesting how to use some of the F# constructs.