To help developers find and fix code defects during development, testing tool provider Coverity today announced Coverity Test Advisor, a change impact-analysis tool within the newly expanded Coverity Development Testing Platform.
Coverity Test Advisor alerts developers to high-risk changes in code that occur during software development. “Developers can use the tool while they code to get detailed insight into code quality and security defects, along with the specific insight they need on how to fix any defects or issues found,” said Jennifer Johnson, VP of marketing at Coverity.
Changed code automatically introduces risk, but there isn’t a standard “type” of high-risk change that Coverity Test Advisor identifies, according to Johnson. It all depends, she said, on what the organization deems as high risk. “A high-risk change might be code that is modified that directly or indirectly impacts critical functionality in a product,” Johnson explained. “If there was a defect introduced as a result of the change, it could cause a failure or breach.”
Also, most organizations think about the direct code change, she said, but indirectly the change might have impacted the legacy part of the application that now needs more attention. “For example, there might be legacy code that has been ‘in the wild,’ so to speak, for one or more releases; many may say that’s low-risk code since it’s already in the field,” she said. “But if that code is impacted by a change, it needs to be tested again in the context of the change and is, therefore, high risk.”
Coverity Test Advisor can identify traditionally untestable issues, which Johnson said is basically anything that can’t be identified through functional or performance testing in QA. “For example, there might be a defect that exists when you string together a sequence of events or functions in the code that is very difficult to test for or reproduce in QA,” she said. “We can test for the unpredictable corner cases that may only occur in certain circumstances such as race conditions, memory leaks, null pointer dereferences and control flow issues.”
Coverity Test Advisor joins Coverity Quality Advisor and Coverity Security Advisor in the Coverity Development Testing Platform. In addition to C, C++ and C#, the company announced that the expanded platform now supports Java.