YDN

2 Comments

Hier c’était la première du YDN a Grenoble (Une petite carte ? :-D).

Pour ceux qui ne savent pas, Yahoo ouvre gratuitement (si si), ses API aux développeurs (Flickr, Search, …), laissant ainsi la possibilité a chacun de les utiliser pour faire sa petite appli ou inclure qqc de marant sur son site Oueb.

3 Evangelistes étaient la pour présenter les nouvelles API, ou les nouveaux gadgets.

La soirée était principalement centré sur les applis mobiles, mais nous avons eu droit à une présentation rapide de l’étendue des possibilités !

C’est bluffant !!!!

Et je pense que les invités ont apprécié …

Advertisements

Mysql over time

Leave a comment

After my last post on mysql quality, I was wondering (and lot of comments I’ve got confirm the fact it was a good question .. 🙂 ) if it was due to the release 5.1, or if it was historical bugs.
So, I’ve run the same tools, with the same compilation options and compared the version of mysql 4.1,5.0 and 5.1. Each time I took the last source version available.

The raw results are :

Mysql 4.0 : 4.8k errors
among them :
FORWARD NULL :59
RESOURCE_LEAK:32

Mysql 5.0 : 2.4k errors
among them :
FORWARD NULL :70
RESOURCE_LEAK:39

Mysql 5.1 : 2.5K errors
among them :
FORWARD_NULL: 77
RESOURCE_LEAK: 45

After a quick look, we can see that the type of errors change over time, I think it’s due to maturity of developers (the do less ‘simple’ mistake) which increase.

There was a big clean done between 4.x and 5.0.x versions. But, since the beginning of version 5, lot of code added, introducing new bugs (nearly 5% more), without any stabilization actions.

How can Static Code Analysis tools may help you ?

Leave a comment

I love Static Code Analysis tools (SCA) because they are easy to use, easy to run, and most of the time very valuable.

You have of course, a learning step to know each families of tools (syntax checker, tools ensuring rules compliance, tools finding bugs,..) and to know which one to use and when to use it. But, as soon as you have this knowledge, you are very efficient and you can use them for example, during code review (even on large project) to have a good idea of the issues (it’s not easy to discover manually) or the origin of a problem. For example, you may have scalability issues on a project, but the root cause may be fully different from one project to an other one,…, the tools will help you to spot the origin.

So, I’m currently playing with several ‘bug finder’ tools, some commercial one, and some open source ones, on languages like Java/C/C++/C#,…The results ‘after some analysis’ give a good overview of a Project Quality.

So, like I am currently trying to explain to a friend of mine how to do Continuous Integration on top of Mysql (patches, plugin, specific hook, …) , I’m trying to plug some of these tools inside is Mysql CI line.

And … surprise …. more than 2000 potential bugs in Mysql Source code.

Lot of errors are due to memory handling, synchronization lock,  ‘some’ function return null, and the result of the call is used without any tests, some errors with static/non static field, ….., …..

That’s impressive …. there was a lot of time I’ve not seen so many errors per line of code. Also, the errors are very heterogeneous in the code … (side effect of open source ? )

In the following table I give some metrics :
Module Name                        Number of errors

client code 134
cmd-line-utils 80
core 1034
example 6
libmysql 211
mysys 61
server-tools 34
storage/archive 38
storage/blackhole 1
storage/csv 9
storage/federated 5
storage/heap 8
storage/innobase 262
storage/myisam 147
storage/ndb 785
system 0

For the experience I have,  I can say than 85% of the time there is a real bugs when the tool launched raise a warning.
Sometime, it took time to discover but, it was right 🙂

Some examples extracted from Myisam storage engine :

* storage/myisam/mi_check.c

Return code not check : everywhere the return code is checked, and an error is raised … my checker assume the return code is critical. So why at this line … no check ???

=> ligne 1185 :i_pack_get_block_info(info, &info->bit_buff, &block_info, &info->rec_buff, file, filepos)

* storage/myisam/mi_key.c

NPE :
–> ligne 252 : char_length= (!is_ft && cs && cs->mbmaxlen > 1) ? length/cs->mbmaxlen : length;
//so assuming cs is null
–> ligne 268
FIX_LENGTH(cs, pos, length, char_length); //which dereference cs without any checks ….

* storage/myisam/mi_rkey.c

Lock error :
—-> ligne 78 : rw_rdlock(&share->key_root_lock[inx]); // take a lock
if (!(nextflag & (SEARCH_FIND | SEARCH_NO_FIND | SEARCH_LAST))) use_key_length=USE_WHOLE_KEY;
……
if (rtree_find_first(info,inx,key_buff,use_key_length,nextflag) line 146
DBUG_ENTER(“table2myisam”);
if (!(my_multi_malloc(MYF(MY_WME, …..) ///// the allocation is not stored … and never free
DBUG_RETURN(HA_ERR_OUT_OF_MEM);