Slashdot Mirror
MySQL & Open Source Code Quality
dozek writes "Perhaps another rung for the Open Source model of software development, eWeek reports that an independent study of the MySQL source code found it to be "in fact six times better than that of comparable commercial, proprietary code." You can read the eWeek write-up or the actual research paper (reg. required)."
please blast the Jews
anyone who has ever used MS SQL can attest to that.
and MySQL is not even touted as a Enterprise class SQL server....
Six times better? I didn't know it was possible to quantify code quality in that matter. Interesting.
"Nature doesn't care how smart you are. You can still be wrong." - Richard Feynman
c to the penis bird dfporewpfmom222222[no carrier]....
Larry Ellison begs to differ...
Woot. Pretty amazing, but with so many eyes and not at all confined by the "9-5" grind, it is almost expected.
I don't doubt that MySQL's source is better than that of, say, OracleSQL's, but how do you assign a number to the difference?
And how do you suppose you can express the quality of code in numbers? Hmm, maybe I should read the research paper first, but the possibility of a first post is simply... hypnotic!
was MySQL not "commercial"?
...until I release my MySQL source code to the open source community. Then that 6x multiplier will drop down to 2x.
Yeah, it's really that bad. Gets the job done, though. Hell to maintain. Probably would've helped if I documented any of it.
Maybe I should read that Code Complete book I keep meaning to read sometime.
Creator of the popular web game Proximity
Perhaps another rung for the Open Source model of software development
Uhh... no.
It's is a glowing report for this particular open source project but that brush shouldn't be used to paint all open source. That will just lull open source developers into a false sense of euphoric contentment. Code quality didn't get this far by having a fixed target, that target should be a carrot on a stick that will never quite be reached.
Trolling is a art,
Through its analysis, Reasoning concluded that the commercial average defect density--covering 200 recent projects and totaling 35 million lines of commercial code--came to 0.57 defects per thousand lines of code
Um, so they just guessed that the code was six times better. Okay.
Undoubtedly()
{
when();
you = measure(quality);
in.defects();
per->lines_of(code, anyone);
can = write(good, solid, code);
}
it was a FIRST one. Holy shit, I'm fast...
"Reasoning performed its independent analysis using defect density as a prime quality indicator. Defined as the number of defects found per thousand lines of code, MySQL's defect density registered as 0.09 defects per thousand lines of source code. Through its analysis, Reasoning concluded that the commercial average defect density--covering 200 recent projects and totaling 35 million lines of commercial code--came to 0.57 defects per thousand lines of code."
Jason Lotito
Defects per 1000 lines ? What sort of a unit is that ?
Or should we find a name for it ?
Let's call it the Linus !!
...they quantified it by dividing verified defects by lines of code. MySQL had 0.09 bugs/KLOC while the "commercial" defect density was 0.53 bugs/KLOC. (Their use of the term "commercial" confused me since MySQL is, after all, a "commercial" project, just an open-source one.)
All's true that is mistrusted
This article must have been written by supporters of closed software. The ratio of 0.57/0.09 is 6.333~ and the article states it is 6. Clearly FUD. Let the flaming begin!
And line of code for line of code there are less known errors in MySQL than there are assumed/predicted/mean errors in their commercial counterparts, but that doesn't answer the question of how does MySQL compare performance-wise to Oracle or <flameretardent coating>MS SQL 2003</flameretardent coating>
Just my 0.03 (adjusted for inflation)
Music is everybody's possession.
It's only publishers who think that people own it.
Fuck Beta
~John Lenno
lame jewish bastard!
even if the source code is maybe "better" and I still like mysql for simple stuff it can't replace oracle in most situations yet. It still lags of features/safety in some ways...
As strong proponent of MySQL, I'd be very curious to see how it stacks up in those regards.
Anyone know how this one is faring? Will it ever be released? It's based on GCC, right? How many students can it pass between until it's "distribution"?
The reason I'm asking is because I saw that one member of the team has jumped over to a company called Coverity where one can read:
I just think it'd be horrible if they used the GPL'ed GCC to develop their methods (having access to a full portable compiler onto which to do research and development is hardly a "small thing"), and then lock these same methods away from the community.
I'm grateful for their work on checking linux, but really... this smells bad, IMHO.
(If you don't know what I'm taking about, don't assume it's off-topic, okay? The Standford Checker is a related topic to the Reasoning analysis of MySQL, and I'm not sure we'll ever have a _better_ fitting topic to discuss this)
Belief is the currency of delusion.
I do believe that Open Source is better than proprietory. Faults per 1000 lines of code may seem like a valid scale, but I think it is indicatory at best, not proof.
* It does not take into account the design of the software. This is often as important as the actual quality of the code.
* It does not take into account the kind of errors. This is related to the first, but a buffer overflow that allows root access is worse than a failed instruction.
* It does not even take the length of lines into account. Shortening the lines could lower the number, without actually changing anything.
So, small victory, but the race goes on.
the pun is mightier than the sword
This just looks like some quasi-scientific statement, trying to express things as a number that really don't fit such a representation. For example, as the number of defects decreases, it becomes increasingly more difficult to find the ones that are left. And is code that contains no bugs at all infinitely much better than code that contains a single bug which hardly ever occurs?
The main difference between open and *MOST* closed code is the fact that the early release of closed code means mucho mas money to corporate pigs and dogs, thus, proper requirements analysis, design, coding and testing are usually pummeled in the name of happy-go-lucky capitalism. "It will be ready when it is ready." -Carmack "I love America!" -Murphy
HAD
Neener neener!
Now, I'm sure we can all be very mature about this...
Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
This "proves" that MySQL is better than commercial offerings. Good. A lot of people knew that. Hats off to the developers. But...
1. This cannot be generalized into a property of all open source projects.
2. It's more a tribute to the architecture and original core developers of MySQL than anything else.
3. Realize that even though MySQL is an open source product, MySQL AB is the *company* that organizes and pays for MySQL development. So, again, you can't generalize this into something that covers late night hackers working on personal projects in their basements (the open source geek fantasy).
MySQL is awesome! But let's be careful about this story, okay? It's the over-generalization that gives OSS/Linux advocates a bad name ("The Gimp is equivalent to Photoshop!").
How many lines of code are there in a Library Of Congress?!
Because there are portions of the MySQL code that are just painful to look at.
Take for instance the part that takes as input the key index size and calculates internal buffer sizes. The option's size is an unsigned long long, but they cast it to an unsigned long all over the place, do in-place bitshifting on the cast (and cause it to wrap -- try specifying 4G for your key index sometime and you'll get 0), and the quality of code in that case is just painfully horrible to look at or even figure out what it's doing.
I could only shudder to think what the quality of the commercial product looked like, in comparison. Hell, I'll have nightmares if I consider the quality of MySQL++ as a comparison..
--jordan
I imagine that I could write such a poor bubble-sort program that would have no errors - but would take a programmer a week to figure out what it does because it is over 5000 lines long...
From excellent karma to terible karma with a single +5 funny post...
How buggy is MySQL is compared to say PostSQL, FileBird, etc. MySQL tends to crumple under load, while PostSQL keeps going.
So how many of the eWeek people do you think saw the code to MS SQL Server or Oracal SQL? I am hightly doubting that they even were able to get to the front door to knock on either of the doors to ask if they could see the code. I mean this just looks like pure propoganda to anybody that has half a brain and keeps up with the industry.
Don't get me wrong I love MySQL, but these types of articles are just as bad as the people saying that MacOS X isn't that secure because of the less users on it. Or the guy claiming that MS is way superior in the Internet Server world. These type of articles are just there to cause controversy and seperate us as a community Mac/Windows/Linux combined.
I am not putting any merrit in this article and neither should you.
Slashdot is a bad commercial for MySQL. Maybe it is the SlashCode, and not MySQL, but the Slashdot database regularly becomes confused, such as posting a comment to the wrong story.
This is a good example of developing high quality software versus a piece of crap with lots of "features".
MySQL doesn't have some features such as stored procs or views, but what is implemented is pretty solid, which is important for a database.
Wasn't it 6.56 times better?
We suffer more in our imagination than in reality. - Seneca
There's a hell of a difference between 235,667 lines of code and 35 million lines of code. Just like there's a difference between 1000 lines of code and 235,667 lines of code. That is, the more line of code, the more likely a defect will survive.
Remember the 'Open Source' IE patch that came out recently? That had a few bugs in - buffer overflows, that sort of thing. Luckily, being Open Source, they got spotted quickly.
Now apply the 'Rule of 6 times' to Microsoft's closed source IE patches...
Anybody care to enlighten me on how they came up with that number?
First off, I think MySQL is a fantastic product. Its the perfect mix of speed and ease of use well suited for small to medium sized datastores where speed and relaibility are a must. That being said, I think it's unfair to describe this product alongside others such as Oracle, MSSQL (blow me guys, its a great product) and even PostgreSQL and SAP DB (which is be best OpenSource option in my opinion). The codebase for MySQL will never acheive the magnitude of the aforementioned products so it should be used that way. Just my 2 cents.
My mother never saw the irony in calling me a son-of-a-bitch.
How much sampling did they do? Or did they just take MySQL and some bum-wad county program and compare them?
/. would be able to see past stereotypes already.
That's like saying all negros are criminals because the TV show COPS shows them being criminals.
I'd think a left-wing pro commie gaggle of hippies such as
Live in the now man!
Someday, I'll have a real sig.
Let's call it the Linus !!
Great, then we'll have people arguing that we should call it the GNU/Linus!
One man's -1 Flamebait is another man's +5 Funny.
marketing sites only have 3% more fake/fudged stats then news sites.
and 74.6% of all stats are made up anyways.
I'm not sure what point you're arguing here. Of course there's nothing stopping you from building commercial software using GCC, but the Standford Checker is -- as far as I know (and I could be wrong) -- built ON gcc, not only with. As in, the meta-compilation framework was added to gcc as backend (and if it wasn't, this is all moot, but I seem to recall that it was. Doubt it was LLVM)
Forget the legalities, I'm sure they're withing their _RIGHTS_ to take the research and move it into a compoany, but is it -- assuming my reasoning and background is correct -- ethical? Should we condone it? Is it within the spirit of the GPL?
Belief is the currency of delusion.
So.. if they can find x number of "defects" per y lines of code...
Why not fix them?
I'm in the midst of upgrading a SQL Server 2000 installation. MS issued their latest patch in August - a mere 56 MB patch. Hopefully that will fix some of the flakiness I've been seeing.
[Insert pithy quote here]
I find the MySQL gotchas frightening:
Don't read this: Slashdot lameness messages are very annoying when you have posted a legitimate comment: Your comment has too few characters per line (currently 18.5). Your comment violated the "postercomment" compression filter. Try less whitespace and/or less repetition. Comment aborted. Your comment violated the "poster-comment" compre55ion filter. Try less whi7espace and/or less repetition. Comment aborted. Your commen7 has too few characters per 1ine. Your comment has too few characters per line (currently 18.5). Your comment violated the "poster-comment" compre66ion filter. Try less whitespace and/or less repetition. Comment aborted. Your comment has too few characters per line (currently 18.5). Your comment has too few characters per line.
Now it says: Your commen7 has too few characters per line (currently 33.7). However, I didn't change the number of lines.
# Important Stuff: Please try to keep posts on topic. # Try to reply to other people's comments instead of starting new threads. # Read other people's messages before posting your own to avoid simply duplicating what has already been said. # Use a clear subject that describes what your message is about. # Offtopic, Inflammatory, Inappropriate, Illegal, or Offensive comments might be moderated. (You can read everything, even moderated posts, by adjusting your
Higher levels of investment in development may yield things like better test labs, more test boxes, more test OSes, easier benchmark simulation, etc. More dollars means that development can take place on more special-case nodes, and devote time to specific optimizations.
I want to delete my account but Slashdot doesn't allow it.
is code that contains no bugs at all infinitely much better than code that contains a single bug which hardly ever occurs?
even if i consider this theoretical question i think it depends on the fact what the software is used for. i am with you when we talk about a mediaplayer or a game, but if we talk about surgical or airplanecontrol software my view changes radical.
This study really only shows the defects in the MySQL code base and nothing about proprietary database source code.
:-(
The analysis of the proprietary databases' source code is by guessing as they don't have access to the proprietary source code and therefore can not make such a claim.
While I have no doubt that the open source model is superior in development, this study, unfortunately, proves nothing. Smoke and mirrors..
jason
No one has seen what you have seen, and until that happens, we're all going to think that you're nuts. - Jack O'Neil
Usually in the open source world, there are two major implementations of a software concept and several minor ones, and usually commercial rivarly as well.
Examples
Editors such as Vim, Notepad, Kedit, BBedit, Textpad, nano
GUI's such as Explorer, Finder, KDE, Gnome, XFeaces, Box.
Kernelss such as ntkrnl.exe, linux, darwin.
Each one has varying bugs and complexity, There is a link between ones market share, feature set and lines of code.
For example, in Gnome vs KDE for example, I find KDE to be less buggy even though its more complex, because it has more users (90% of distros use it be default) and so there are more people finding faults, while also adding more features as well. Gnome 2.4 shockingly had LESS features than 2.2, because the code base had became so buggy that the developers had to remove a lot of the functionallty to stablize.
MS SQL is basically a revamped Sybase. So, on UNIX & Linux you could use Sybase ASE.
This is proof positive that the marketing engine has started churning in the Linux / Open Source arena. The quoted statistics are meaningless. Here are is a short list of things (in no particular order) that are wrong with this "study" (who paid for it anyway?):
Lines of code is meaningless as a reliable measure of anything. The most this number can be used for is for assessing the high level complexity (i.e. simple, non-trivial, or hard) of an application / code construct. It is absolutely pointless to compare two different applications against each other by lines of code. This means that you can say that one is non-trivial and the other is complex or you can say that both are complex, but there is no valid way of determining (by using this particular metric) that one application is more complex than the other. I believe this is the fundamental flaw in this "study".
The study igores capabilities. If application A has feature a, b, and c, and application B has features a, b, c, d, e, f, g, h , is it even meaningful to compare the number of defects detected between applications A and B? And no - normalizing it by lines of code is not valid (see previous point).
Testing methodology : from the defects quoted in the article, it appears as if they "study" did white box testing on MySQL. This is hardly complete. While null pointer dereferences are certainly terrible, I would be also very very concerned about bugs pertaining to SQL capabilites, data integrity, performance, etc. If I go out and do a comparison of RDBMS's for a client, my report wouldnt be complete at all without covering these areas. How come the "study" doesnt mention any of these things?
Lets face it : this is a paid propaganda article by the marketing machinery. Much like Microsoft has done in the past.
There is no such thing as luck. Luck is nothing but an absence of bad luck.
It is really embarassing to have bad code with your name on it, released to the public.
Not only that, but there is a small percentage of coders when presented with an ugly solution to a problem, will pretty it up, just "because". And it is a good way to get known in the OSS world.
Unlike the corporate world, working but ugly code is hidden deeper and deeper, and people go out of their way to avoid it.
These are exceptions and highlighted, it does not in anyway reflect the entire model as a whole as we can plainly see buy looking around.
There is a hell of alot more reliable closed source software out there than open source.
Like it or not fanboys, its reality.
Just add a bunch of creatively placed linefeeds, you can easily get back up to the 6X number (based on lines of code).
-CausticPuppy "Of all the people I know, you're certainly one of them." -Somebody I don't know
Too bad ADO Blobs still don't work...
Seen lots of intelligent comments about lenght of lines and potential bloat skewing the results, but there is one more issue to consider: design.
No matter how good the coding itself, if the design is broken, the tool is broken, period.
And MySQL has a broken design. So broken that the upgrade path isn't MySQL X or something the like, but MaxSQL -- in fact, rebranded SAPdb. That SAPdb is at most at Oracle v7.2 levels tells lots about MySQL.
I could be more specific, but do your own research in Google -- lack of SQL compliance, lack of features to enable declarative coding at the server instead of procedural client code, and so on.
Now, the interesting part. Suppose MySQL AB would have a sudden insight and repent of their un-SQL, anti-relational ways. Unlikely, you say; yet possible. Now suddenly they have to recode, or change drastically the current code. The resulting tool will be probably much bigger than the current, because SQL is baroque; or even worse than much bigger, because of MySQL backwards compatibility.
The sheer bloat will make even this faulty measure of bugs/KLoC skyrocket. Now, run the comparision again...
Not to say SQL compliance shouldn't be attained. In fact, bloat in the SQL DBMS is a more than good enough tradeoff against bloat in the application. The ideal would be a RDBMS, but while there isn't a MyDataphor a SQL DBMS should do.
Even today, I don't care about comparing to, say, Oracle or MS SQL Server. IBM DB2 would be a better baseline, but best of all the real competitors: PostgreSQL and Alphora Dataphor.
Leandro Guimarães Faria Corcete DUTRA
DA, DBA, SysAdmin, Data Modeller
GNU Project, Debian GNU/Lin
So Oracle is mission critical to our operation. But I hate their licensing structure enough that I'd love to go with something like MySQL. Reliability and speed are very important.
Does anyone have any option, backed by experience in the matter, on switching from Oracle to MySQL. A good or bad idea? Disregard cost of the actual switch. I'm looking at this from the standpoint of technical merit and capability.
David Whatley
I'm a little confused. I thought I understood how to make profit with the GPL, but now I'm not sure.
MySQL GPL'ed all their products. (presumably so they could get developers and bug-fixes to their product for no charge.) However, they offer "commercial" licenses for people who want to integrate MySQL into their software, but don't want to GPL it. How can they do that? Presumably, any improvements/bugfixes/modifications that came from the community would be GPL, and therefore cannot be re-integrated under a more restricted license. I'm a little confused here. How can they take code that has been released under the GPL and turn around and release it under a more restrictive license?
Not checking the return status of printf for errors looks like a defect to me.
There is a bad Moderator amongst you - giving you a bad name! The nefarious moderator marked the above post redundant - Never checking the timestamp on the post. If they did. they would find that the above first post on the subject, and cannot be redundant!
Your question is actually a valid one, but, come on... The names are PostgreSQL and Firebird.
(which ranged from a few uninitialized variables prior to use
Are you out of your vulcan mind? That's instant GIGO!
.
By including the use of 'stdio.h' to which we (SCO) own the rights to, you have violated the DMCA.
MrHanky, you now must either pay us for the use of said file ($699) or ceist and decist.
We hold rights to your future earnings from your use of our file, and we option the rights to your childrens earnings.
Thank you
Daryl
soo so sorry... It just popped into my head...
Why worry? Each of us is wearing an unlicensed "nucular" accelerator on his back.
Sig changed for readability by G.W.
The numbers in the article are too fuzzy to draw meaningful conclusions, but I wonder if there was a correlation between size of project and bugs/KLOC. Most comp-sci types agree that the difficulty of writing good code grows polynomially with a project's size and not linearly. So, is MySQL more bugfree than a commercial program of its own size, or one with a codebase 10 times larger? Maybe it was competing with 199 little bugless programs and one giant, riddled behemoth.
I guess my main point is that the article provides some data but no information at all. The original study might've, but the summary could have said "MySQL is more purple than commercial code" for all the supporting evidence it gave.
Dewey, what part of this looks like authorities should be involved?
..are in the header file but obviously you can't show those as they are belong to SCO...
To Terminate, or not to Terminate, that's the question - SCSIROB
OT: This is just a dummy post to cancel an accidental incorrect moderation. Sorry
I'm sorry but this is a joke. They do not tell what proprietary code they looked at to make this conclusion. They do not even say if they compared this to other Commercial database solutions. Obviously this is good code but if its not compared against other databases I don't really see the point.
Which commercial counterparts? oracle, db2, informix? I seriously doubt it - and eWeek didn't say.
Given that a database is a core software component I'd *expect* a far lower defect density than you'd typically find in an application or especially a desktop application.
Good to hear that they're working on reducing their defects, but please - this is hardly a big deal.
Used the early 4.0 stuff on a few projects only bug that bit me was a release where the bits to bind it to an ip address were borked. Checked it's mailing list and it was a issue that was resolved, and fix was in the next release also there was a workaround for the release I was using.
Say what you want but it was solid backend for
the program using in my case.
Great tools do only ONE thing, but do that ONE thing very, very well.
anything open sourced in that domain?
That they're filing suit against MYSQL for violating their IP on code quality.
http://www.reasoning.com/pdf/MySQL_Defect_Report.p dfo rt.p dfr .pdf
http://www.reasoning.com/pdf/MySQL_Metric_Rep
http://www.reasoning.com/pdf/MySQL_White_Pape
MySQL Defect Report: http://www.reasoning.com/pdf/MySQL_Defect_Report.p df p df f
MySQL Metric Report: http://www.reasoning.com/pdf/MySQL_Metric_Report.
MySQL White Paper: http://www.reasoning.com/pdf/MySQL_White_Paper.pd
It's called "PEER REVIEW" and it does make your code better. Closed-source software vendors may want to take note.
-ted
It does indeed sound a bit like that, and with good reason. If you notice, the "indepedent review" was carried out by Reasoning, Inc., and we've heard of them before in these parts.
For the benefit of those who haven't seen this trollfest^H^H^H^H^H^H^H^H^Hstory in its previous incarnations, Reasoning's services spot what some people call "systematic" errors, things like NULL pointer dereferencing or the use of uninitialised variables. As many people note every time this subject comes up, any smart development team will use a tool like Lint to check their code anyway, as a required step before check-in and/or as a regular, automated check of the entire codebase, and so any smart development team should find all such errors immediately. IOWs, it's grossly unfair to compare open and closed source "code quality" on this basis. Any project that has errors like this in it at all isn't serious about quality, and it shouldn't take an external study to point this out.
Serious code quality is not dictated by how many mechanical errors there are that slip through because of weaknesses in the implementation language. Rather, it is indicated by how many "genuine" logic errors -- cases where the output differs unintentionally from the specifications -- there are. Of course, no automated process can identify those, but to get a meaningful comparison of code quality, you'd need to investigate that aspect, rather than kindergarten mistakes.
There are other objections to their principal metric as well. For starters, source code layout is not normally significant in C, C++ or Java, so any metric based on line count is going to be flawed at best. But the big objection is that they're talking about childish mistakes, and comparing supposedly world class software based on childish mistakes isn't helpful (except to dispel the myth that some big name products have sensible development processes).
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
How does the code quality of the free MySQL v4.0.17 compare with the priced MySQL v4.1? They're both open source (source code downloads), but 4.1 has a proprietary non-GPL license with a price attached. What do you get for your money, other than "new features"?
--
make install -not war
Hint: it is near the bottom
So its useful for what it was intended for?
I have a reasonably nice mySQL database set up to manage my research data. It's set up so that anyone in-house can access it using a web browser, extract reports, etc. I think it's pretty slick, and it's orders of magnitude better than what they were using before I got here. (That would be spreadsheets, all in different formats, and all with different coding of entities. Sheesh!)
Anyway, someone else in the same building is collecting the same kind of data, identical format, just in a different region. He's got his tech building a new database in Access. As far as I can tell, this duplication of effort is just because they both have Access as part of MS Office. I keep trying to encourage them to just piggy-back on my database. Because of the web server aspect, they don't need to be running linux or mySQL themselves, so there's no "geek factor" involved. Neither of them already know Access, so whatever they do, they'll be learning it from scratch.
My feeling is that this is a wasted effort on their part. The only downside that I can think of is that I'll end up supporting their data as well as mine, since we have no IT support. From their point of view, there's no real drawbacks that I can think of, but they're still very reluctant.
Anyone have any ammunition I can use to support my case?
I prefer to be called Evil Scientist.
I really don't know that I understand (or even agree with) the quality statement.
;-)
I routinely work with DB2 UDB and Sybase ASE, less often with Oracle. All of those I can be assured of recovery with and all I would be comfortable deploying in business environment.
I keep MySQL on my laptop because it's a quick'n'dirty database for me to play in and prototype with. I let customers (I'm a gun-for-hire) deploy it for non-business-critical applications such as web site backends, mailing databases, etc. Stuff were rollbacks and point-in-time recovery are less critical.
So given the above, how can you really claim the code is really better "qaulity"? It's like comparing apples and oranges. A Toyoya Corolla is certainly a well built and reliable car, but comparing it to a Hummer or a Porsche is a bit more than subjective.
Maybe the 'quality' they referring to is really just nice indents and comments
Just my 2 cents (Canadian),
-psy
In my opinion, there is no substantial difference in code quality between open source software and proprietary software.
/usr/bin/env. Kind of confusing %-)
/usr/local, which is the default location) and Perl 5, just to compile some C/C++-Code?
:-) is Sun JVM vs. GCJ's libjava. I compiled a very complex multithreaded application using GCJ; it worked fine on uniprocessor machines, but it randomly deadlocked on my multiprocessor server. Finally I found out, that libjava is broken on SMP machines. That doesn't mean, that libjava's code quality is bad; but it still means, that some other Java-Libraries (those of some virtual machines) are more mature, and possibly better tested.
I have seen a lot of very buggy commercial software (including nVidia drivers, IBM's LANManager Services for OS/2, lots of Microsoft's services and utilities in Windows 2000 (for example, "TCP/IP Helper Service") and Netscape 4.7).
On the other hand, I have also seen very bad code quality in open source products - for example, GTK+ (actually, the really bad thing about GTK+ is primarily its install scripts, makefiles and such). Compiling and installing GTK+ on anything else than on a GNU/Linux-machine is some kind of an adventure, while its commercial counterpart, Qt from trolltech, can be compiled quite easily.
- I set the PKGCONFIG env variable before running 'configure'. It worked quite well until line 27.000 (or so) in 'configure', where the variable's content was suddenly gone (BTW, I really dislike debugging 28.000+ line shellscripts). I tried to 'configure' with bourne shell and with korn shell 93.
- It assumes, you have Perl installed (if it's not in your PATH, 'configure' creates funny things like "#! -w" instead of "#!/path/to/perl -w"). The error message produced due to this bug was something like '/usr/bin/env: no such file or directory' - because the perl script was directly started using
- 'configure' forgot to add '-fPIC' to CFLAGS, for this reason all shared libraries where broken. I had to add this option manually.
- Nothing works with 'make'. I had to install 'gmake' (GNU make) instead.
- The actual source code of the core libraries finally compiled, after I had upgraded to gcc 3.3.2. The source code of the 'demo' programs was totally broken, and gcc refused to compile it - once more I had to change the makefiles manually.
-----
One or two weeks later I compiled trolltech's Qt library on the same computer. It was as simple as './configure --platform=platformname && make && make install'.
Why do I need to debug 28.000+ lines of shellscript-code and a lot of makefiles, why do I need to install gmake, pkgconfig (by the way, pkgconfig and most other things in GTK+ don't work well if you don't install everything to
Qt does mainly the same as GTK+, but it simply compiles, using only shellscripts, 'make' and a C/C++ compiler.
Another example regarding code maturity (rather maturity than quality, notice the difference
-----
Some fundamental things about Software:
- The more people read the code, the more people can potentially find and fix bugs (good about open source).
- If a lot of people are allowed to write the code, somebody has to coordinate the work of all these people. Lots of different versions of the same module, written and/or modified by lots of different people need to be combined or coordinated otherwise (bad about most open source projects, because hardly somebody knows, how trustworthy anyone of the developers is; good abous some closed source projects (e.g. Trusted SunOS kernel, IBM SLIC kernel and other trusted code), because only a small group of really good programmers is allowed to write or modify code).
Conclusion: It's good to have only a small group of 'trusted' developers, who write or modify the code, and then to let everyone else read and verify the code.
regards,
octogen
...just think how much better Postgresql must be.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Fewer bugs per line of code means either fewer bugs or more lines of code. So if you blather on using long-winded, repetitive, cut-and-pasted code, you'll score highly on this scale.
Patrick Doyle
I mod down every jackass who puts his moderation policy in his sig. Oh, wait a sec....
There is a chain of discount supermarkets in Hungary called Smatch. Probably all over Europe as well, not sure. I believe the company is Belgian. In Budapest there's about 180 of them, if I remember correctly.
;-)
Just some off-topic trivia for you, since it's your project.
This Like That - fun with words!
It's a really clean 10 lines of code...now if they can implement something to make MySQL useful like subqueries this article will be worth reading.
Slashdot were to read their own articles, they would know this is a repeat. Slashdot, where's the quality?
/*
Undoubtedly()
{
when();
you = measure(quality);
in.defects();
per->lines_of(code, anyone);
can = write(good, solid, code);
}
*/
Do Not Move Gemstone from Oracle! You have severe stability problems with play.net at times and I bet its unrelated to Oracle. I don't know about the games but the web site is tied to Oracle by the function calls.
/. reader.
Netcraft says your site is using MS 2000. There is your problem. Move to an OpenBSD solution first on the frontend and I'd keep Oracle at the backend.
Remember the saying goes: "No one got fired for buying IBM." Also the same for Oracle. But...
I'd choose a PostgresSQL solution. Toss it in a sandbox and use it for the forums per-se and see how it goes.
My advice costs a premium and basic membership. (wink)
GS4 Player and
... How companies like this "Reasoning" sell people on this bullshit. Do they actually get paid for writing this pointless tripe?
What a joke. How about this:
I'll write 15 lines of code that do absolutely nothing right now, in a language of "Reasoning's" choice, and it'll completely bug-free. Does that mean I'm infinitely better than mySQL? Despite the fact that my code does absolutely nothing???
Please. Any of these bullshit whitepapers that don't take feature set into account are WORTHLESS.
Reminds me of that line in Tommy Boy(?): "Hey, if you want me to take a dump in a box and mark it guaranteed, I will. I got spare time."
Despite the uncovered bugs, Reasoning concluded that Uppsala, Sweden-based MySQL AB's code quality was in fact six times better than that of comparable commercial, proprietary code. - they decided this after looking at one "commercial" - closed source database and comparing it with one open-source (also commercial) MySQL? Talk about self-serving use of statistics! Sure, there is a correlation, but where is the causation?
whatever.
You can't handle the truth.
> As a matter of fact, until Oracle's release of 10g, MS SQL beat all commercial offerings in the TPC benchmarks.
pardon?
which benchmarks? tpc-c, tpc-h, tpc-r, tpc-w? It actually has some strong entries in tcp-c (oltp) but that's about it. DB2 and Oracle are all over it most of the time - and not just oracle 10g, but 9i as well.
I do agree with you though - that sql server is about the easiest database to develop on. I still won't give it much credit here though - the fact that it *isn't as bad* as oracle, et al isn't much to celebrate.
And when it comes to supporting it in a production environment, that's when it really begins to stink.
Both functions fail to initialize the integer i before performing an operation on it :)
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
mysql is the shitiest database around. Get off the mysql bandwagon you fucking morons. Why aren't any slashdorkers crying about how mysqlab is FUD'ing with the GPL?
I'm not sure I agree. If speed is important, and you know the pointer isn't NULL due to earlier checks which the scan tool can't see, you might not want to throw in extra checks. Of course, you'd need a clear way to document the perimeter of checked-ness.
If speed's not important, why not use Perl or Java or something? High level languages protect against this kind of mistake. Of course you may be using C simply to use libraries that are only available for C.
All your databases are belong to MySQL!
There are at least some things questionable on this study:
... it has grown to
a) MySQL is not a good example of Open-Source Development. It is a good example of
'Cathedral-style' development (with the cathedral having its windows opened, though).
b) Whether source has x or y bugs per line is not the most interesting thing when it comes to open-source.
How consistent in design and implementation some piece of software is may be more interesting - especially if bugs are not only
fixed by the original author (or just in case a moose stampede runs over the orignal author).
Anyone who made a look into MySQL source code
does not need to know more
yet another crufty piece of software over the years.
c) The question what is a bug and what is not is
'questionable' in any non-trivial software.
"Read for yourself" link is a goat!
Now it bold.
Slow down buddy, or you might get a cardiac infarct...
Well at least your family will enjoy a nice large cheque from Bill and Steve.
Style errors could be errors that work for a given platform at a given configuration. But would not work on another one.
Unitialized variables is often a mistake where you assume than an int, as an example, is zero if you dont init it. True on many compilers, but not on others. ISO C standard states you must initialize the variables.
Such an error might or might not raise an error or a warning by the compiler.
Standard compliance really hits you in the nose when you try to compile stuff written for a linux distro and you want to use it on FreeBSD.
lol, sort of funny given how often is used by php web apps that are crap, regularly featured on bugtraq. Can't blame MySQL for that though.
A few years ago, I looked around and found that there weren't very many good lint like tools for C++ code. What would people recommend now?
In particular, I'm thinking about a very large source base (the Linux kernel is usually built along with the rest of the system), written in C++, but with a lot of source files in XML or custom formats that are processed via various build time programs in a variety of languages (TCL, Perl, Java, Python).
Multiple executables are produced, and some very tricky custom systems are used for memory and thread management.
plus-good, double-plus-good
The modern C spec says that integer variables default to 0, but in the interests of portable code, explicit values are still better.
:) I think your point still came across ;)
I wouldn't worry about it, either
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
And mySQL offers 1/6th of the functionality that commercial products offer.