Firebird Coverity test results
I’m publishing the results of the Coverity tests run against Firebird 2.0 on 6/March/2006. For those who don’t know what this is: some months ago, the USA government sponsored some companies to find bugs in popular Open Source projects, as a way to make them more secure. Firebird was on the software list. Now the first results are being published.
The source code is analyzed by the automated Coverity tool, which processes the source code and builds automated reports of the possible problems found.
The results I’m publishing don’t have the internal hyperlinks that allow jumping directly to the “faulting line” in the source code, or the detailed information about each problem, since this would require access to the authenticated Coverity servers, and most of you don’t have the necessary login info.
Click here to see the results. More detailed comments about this will come in the next days. Also, keep in mind that automated tools can be fooled by the code, which means that some code can be reported as problematic when it isn’t.
Note: The tests are being run against Firebird 2.0 source code. As you know, FB 2.0 is still in BETA, and that’s why we have betas… to detect and correct bugs.
It looks like all bugs (or whatever) come from ICU, except a few from gpre 😉
From my calculations, we’ve got 0.653 *potential* bugs per 1000 lines of code, which isn’t that bad when we take into account that we have almost 3mil lines of code 😉
Pavel, from the results I see that we have 250,428 lines of code, plus 111,409 lines of comments and 49,984 blank lines.
They have run this test 14 times, right? And the sum of all lines of code tested is 3,408,860…
Am I wrong here?
Check Claudio’s comments here.