Thread: Coverity Inspected, 20 bugs detected!

Coverity Inspected, 20 bugs detected!

From
Josh Berkus
Date:
Folks,

Sorry to dual-list this, but there's dual aspects to it.

EnterpriseDB, Neil Conway and (earlier) Sean Chittenden worked with
Coverity to do static code analysis of PostgreSQL.   We came up very clean
(20 bugs in our 3/4 million lines of code) but part of that was due to
previous work.   As such, we're now entitled to put a "Coverity Inspected"
web sticker up on our site somewhere.

So, two questions:

1) Do we want to put up a Coverity Inspected button?    On the plus side,
Oracle, MySQL and BerkeleyDB (as well as FreeBSD) have all gone through
the Coverity checker, so it says good things about our competitiveness to
other database products.   On the negative side, do we really care?

2) If we want to put up the button, *where*?   We don't really have a page
on the web site for "certifications and awards", but maybe we ought to?

--
--Josh

Josh Berkus
Aglio Database Solutions
San Francisco

Re: Coverity Inspected, 20 bugs detected!

From
"Marc G. Fournier"
Date:
IMHO ... most definitely to both ...


On Sat, 23 Jul 2005, Josh Berkus wrote:

> Folks,
>
> Sorry to dual-list this, but there's dual aspects to it.
>
> EnterpriseDB, Neil Conway and (earlier) Sean Chittenden worked with
> Coverity to do static code analysis of PostgreSQL.   We came up very clean
> (20 bugs in our 3/4 million lines of code) but part of that was due to
> previous work.   As such, we're now entitled to put a "Coverity Inspected"
> web sticker up on our site somewhere.
>
> So, two questions:
>
> 1) Do we want to put up a Coverity Inspected button?    On the plus side,
> Oracle, MySQL and BerkeleyDB (as well as FreeBSD) have all gone through
> the Coverity checker, so it says good things about our competitiveness to
> other database products.   On the negative side, do we really care?
>
> 2) If we want to put up the button, *where*?   We don't really have a page
> on the web site for "certifications and awards", but maybe we ought to?
>
> --
> --Josh
>
> Josh Berkus
> Aglio Database Solutions
> San Francisco
>
> ---------------------------(end of broadcast)---------------------------
> TIP 9: In versions below 8.0, the planner will ignore your desire to
>       choose an index scan if your joining column's datatypes do not
>       match
>

----
Marc G. Fournier           Hub.Org Networking Services (http://www.hub.org)
Email: scrappy@hub.org           Yahoo!: yscrappy              ICQ: 7615664

Re: [pgsql-advocacy] Coverity Inspected, 20 bugs detected!

From
"Joshua D. Drake"
Date:
Marc G. Fournier wrote:
>
> IMHO ... most definitely to both ...

Yes to both.

>
>
> On Sat, 23 Jul 2005, Josh Berkus wrote:
>
>> Folks,
>>
>> Sorry to dual-list this, but there's dual aspects to it.
>>
>> EnterpriseDB, Neil Conway and (earlier) Sean Chittenden worked with
>> Coverity to do static code analysis of PostgreSQL.   We came up very
>> clean
>> (20 bugs in our 3/4 million lines of code) but part of that was due to
>> previous work.   As such, we're now entitled to put a "Coverity
>> Inspected"
>> web sticker up on our site somewhere.
>>
>> So, two questions:
>>
>> 1) Do we want to put up a Coverity Inspected button?    On the plus side,
>> Oracle, MySQL and BerkeleyDB (as well as FreeBSD) have all gone through
>> the Coverity checker, so it says good things about our competitiveness to
>> other database products.   On the negative side, do we really care?
>>
>> 2) If we want to put up the button, *where*?   We don't really have a
>> page
>> on the web site for "certifications and awards", but maybe we ought to?
>>
>> --
>> --Josh
>>
>> Josh Berkus
>> Aglio Database Solutions
>> San Francisco
>>
>> ---------------------------(end of broadcast)---------------------------
>> TIP 9: In versions below 8.0, the planner will ignore your desire to
>>       choose an index scan if your joining column's datatypes do not
>>       match
>>
>
> ----
> Marc G. Fournier           Hub.Org Networking Services (http://www.hub.org)
> Email: scrappy@hub.org           Yahoo!: yscrappy              ICQ: 7615664
>
> ---------------------------(end of broadcast)---------------------------
> TIP 5: don't forget to increase your free space map settings


--
Your PostgreSQL solutions provider, Command Prompt, Inc.
24x7 support - 1.800.492.2240, programming, and consulting
Home of PostgreSQL Replicator, plPHP, plPerlNG and pgPHPToolkit
http://www.commandprompt.com / http://www.postgresql.org

Re: Coverity Inspected, 20 bugs detected!

From
"Magnus Hagander"
Date:
> So, two questions:
>
> 1) Do we want to put up a Coverity Inspected button?    On
> the plus side,
> Oracle, MySQL and BerkeleyDB (as well as FreeBSD) have all
> gone through the Coverity checker, so it says good things
> about our competitiveness to
> other database products.   On the negative side, do we really care?

I'd say that if "business customers" care, then we should care.


> 2) If we want to put up the button, *where*?   We don't
> really have a page
> on the web site for "certifications and awards", but maybe we
> ought to?

Um. We have an "Awards" page in case you missed it ;-) It's at
http://www.postgresql.org/about/awards.

Are you saying we should rename it to "Certifications and awards", or
create a separate page for certifications?

Do we have more than one certification (possibly pending)? If not, a
separate page with just on certification might look a bit weird :-)

//Magnus

Re: [pgsql-advocacy] Coverity Inspected, 20 bugs detected!

From
Robert Treat
Date:
On Sunday 24 July 2005 08:05, Magnus Hagander wrote:
> > So, two questions:
> >
> > 1) Do we want to put up a Coverity Inspected button?    On
> > the plus side,
> > Oracle, MySQL and BerkeleyDB (as well as FreeBSD) have all
> > gone through the Coverity checker, so it says good things
> > about our competitiveness to
> > other database products.   On the negative side, do we really care?
>
> I'd say that if "business customers" care, then we should care.
>

I actually scoped out the sites josh mentioned above and couldn't find a
coverity badge on any of them :-\

Was thinking though that maybe we should add a news item to the main page for
folks who may not have caught this elsewhere?

> > 2) If we want to put up the button, *where*?   We don't
> > really have a page
> > on the web site for "certifications and awards", but maybe we
> > ought to?
>
> Um. We have an "Awards" page in case you missed it ;-) It's at
> http://www.postgresql.org/about/awards.
>

Hey, thats pretty nice. Kudos to the web team for that.

> Are you saying we should rename it to "Certifications and awards", or
> create a separate page for certifications?
>
> Do we have more than one certification (possibly pending)? If not, a
> separate page with just on certification might look a bit weird :-)

Without more certifications I don't think we have a good case for a second
page, so do people want to certifications lumped in with the awards or is
there a better place for them?

Josh, do you know if we are considered Novell "Yes Certified" ?

--
Robert Treat
Build A Brighter Lamp :: Linux Apache {middleware} PostgreSQL

Re: [pgsql-advocacy] Coverity Inspected, 20 bugs detected!

From
Simon Riggs
Date:
On Sat, 2005-07-23 at 15:24 -0700, Josh Berkus wrote:
> So, two questions:
>
> 1) Do we want to put up a Coverity Inspected button?    On the plus side,
> Oracle, MySQL and BerkeleyDB (as well as FreeBSD) have all gone through
> the Coverity checker, so it says good things about our competitiveness to
> other database products.   On the negative side, do we really care?
>
> 2) If we want to put up the button, *where*?   We don't really have a page
> on the web site for "certifications and awards", but maybe we ought to?

2) is yes, lets have a page for certifications and awards

If 2) then yes to 1) also

Best Regards, Simon Riggs


Re: [pgsql-advocacy] Coverity Inspected, 20 bugs detected!

From
"Jim C. Nasby"
Date:
On Sun, Jul 24, 2005 at 02:05:44PM +0200, Magnus Hagander wrote:
> > So, two questions:
> >
> > 1) Do we want to put up a Coverity Inspected button?    On
> > the plus side,
> > Oracle, MySQL and BerkeleyDB (as well as FreeBSD) have all
> > gone through the Coverity checker, so it says good things
> > about our competitiveness to
> > other database products.   On the negative side, do we really care?
>
> I'd say that if "business customers" care, then we should care.
>
>
> > 2) If we want to put up the button, *where*?   We don't
> > really have a page
> > on the web site for "certifications and awards", but maybe we
> > ought to?
>
> Um. We have an "Awards" page in case you missed it ;-) It's at
> http://www.postgresql.org/about/awards.

BTW, I think it says something that most people here didn't know about
that page. IMO we should put a more prominent link to it on the front
page. One possibility (as much as I hate them) would be to use a
drop-down menu below each catagory; at least that way if you mouse-over
'about' you'd see awards & certifications. Though personally I think it
would be good to put a direct link on the front page somewhere.
--
Jim C. Nasby, Database Consultant               decibel@decibel.org
Give your computer some brain candy! www.distributed.net Team #1828

Windows: "Where do you want to go today?"
Linux: "Where do you want to go tomorrow?"
FreeBSD: "Are you guys coming, or what?"