Posted on January 3, 2010, 12:43 am |
no responses
Coverity, the leader in improving software quality and security automatically, has introduced a sophisticated new concurrency defect detection capabilities in Coverity Prevent™, the company’s flagship static code analysis solution for C/C++ and Java. This new technology introduces the first static defect detection of race conditions, one of the most difficult to find concurrency errors that occurs in multi-threaded applications. This new capability will benefit developers by automatically identifying race conditions in addition to other concurrency defects early in the development cycle where they are most cost effective to eliminate.
“To remain competitive, software companies need to support multi-core hardware, which will make multi-threaded applications inevitable for most developers,” said Theresa Lanowitz, founder of Voke, a technology analyst firm. “The challenge for developers is that multi-threaded applications add complexity to the application lifecycle, requiring new expertise and technology to maintain application quality and security.”
Race condition defects have been responsible for some of the most notorious failures in software. For example, race conditions in the software of the Therac-25 radiation therapy machine were cited as contributing to the death of five patients. Race conditions were also a contributing factor in the North American Blackout of August 2003, during which 50 million people lost power.
The advent of multi-core hardware, whether computers from vendors such as AMD or Intel, or consumer goods such as the Sony PlayStation 3, are driving the emergence of multi-threaded software applications that are susceptible to race condition defects. To take advantage of multi-core hardware requires new, multi-threaded applications that can simultaneously execute multiple, interacting computational tasks.
Designing multi-threaded applications is highly complex, and introduces a new class of potential application failures when the intricacies of concurrently running threads are not handled properly. To date, testing for concurrency defects such as race conditions has been extremely difficult due to the complexity in run-time environments where multiple threads execute simultaneously while accessing shared memory.
The latest release of Coverity Prevent introduces a new interface designed specifically to help developers understand the complex interleavings that exist within their multi-threaded applications. New advanced analysis capabilities in Prevent provide analysis of 100% of these interleavings, delivering unmatched insight into complex code bases.
Coverity Prevent helps developers control the complexity of multi-threaded applications by automatically identifying these hard-to-find, often crash-causing concurrency defects such as:
• Race Condition – Multiple threads access the same shared data without the appropriate locks to protect access points. When this defect occurs, one thread may inadvertently overwrite data used by another thread, leading to both loss of information and data corruption.
•
• Deadlock – Two or more threads wait for a lock in a circular chain such that the locks can never be acquired. When this defect occurs, the entire software system may halt, as none of the threads can either proceed along their current execution paths or exit.
• Thread Block – A thread calls a long-running operation while holding a lock thereby preventing the progress of other threads. When this defect occurs, application performance can drop dramatically due to a single bottleneck for all threads.
“Coverity has been helping our customers eliminate concurrency defects in multi-threaded applications for years, and we’re excited to expand those capabilities by adding race conditions to the list of dangerous defects we identify,” said Ben Chelf, chief technology officer of Coverity. “Race conditions are particularly difficult for developers because they are hard to test for, nearly impossible to replicate, and the consequence of a race condition in the field can be disastrous – Coverity’s new technology overcomes all of these challenges and helps developers eliminate this painful defect type.”
A new white paper available explains more about Coverity’s breakthrough application of static analysis to detect race conditions. The paper is available in for download at: http://www.coverity.com/html/library.php
Coverity is a software engineering company that provides automated source code analysis tools to improve the software development process. Coverity?s advanced technology helps companies deliver the most reliable and secure software possible.
Hardware design has always been considered a difficult task, requiring significant investments in automation and verification. But the idea that building software is equally difficult has only recently gained credibility. Coverity meets that insight by providing automated tools that enable software developers to quickly, thoroughly, and accurately analyze their source code early in the development process.
These tools enable software developers to pinpoint defects that could cause catastrophic failures or security breaches. Coverity Prevent? and Coverity Extend? help software companies build better products, decrease time-to-market, and decrease risks
No responses yet.
