Today is a few days short of my first anniversary of starting work at Coverity. It has been an extremely fun, educational and challenging year. I wanted a change, and I got one in a lot of ways. Working at a rapidly-growing, ten-year-old, 300-person company is very different than working at an industry behemoth like Microsoft. Working in a downtown Seattle skyscraper is a pleasant change from crossing the bridge to Redmond every day. I’ve spent the last six months doing a lot more strategy and planning than writing code, which I hope to rebalance back towards the coding side for the next six months.
But in a lot of ways things have been the same. I’m still working on analysis of C#. I’m still meeting with my old friends on the C# compiler team from time to time. (Hi guys!) I’m still shipping software to paying customers who are people like me: software developers who want tools that make their code better. Both DevDiv and Coverity have the property that their R&D employees are their target market, and that’s a really pleasant property to have.
And I’m still working with a great team of smart people, from whom I still have much to learn. When I arrived a year ago I had only the vaguest idea of how far along the c# analyzer was. I was relieved to learn that the whole thing was already working end to end when I arrived. There were many challenges in tuning the checkers, monitoring performance, and so on, that the whole team came together to solve.
I am therefore excited that today we announce the general availability of version 7.0 of Coverity’s analysis product. The C# analysis portion has been completely redesigned and rebuilt to use the same underlying analysis engine as the C, C++ and Java analyzers, and carefully tuned to avoid the false positive patterns that crop up in C#. A number of the checkers are specific to C#; all of them find real bugs in real programs. As I point out in this little video[1. I’m also excited that apparently the video production department has promoted me from Perfectly Ordinary Architect to Senior Architect! Not sure how that happened.] about Coverity vs FXCOP analysis: we hope they find those bugs that you’re glad you found before you shipped!
Today we’re also launching a redesigned web site, and we are moving the Coverity Development Testing Blog[1. Which is now using WordPress, same as ericlippert.com.] to blog.coverity.com. If you want to subscribe, the RSS feed is blog.coverity.com/feed.
Over the next few weeks I’ll post some blogs describing in more technical detail the sorts of bugs the C# checkers find, how they do it, and how you can avoid these bad patterns in your own code.