首页 发现 帮助
登录
ademant
/
gpsd
关注 1
点赞 0
派生 0
文件 工单管理 0 合并请求 0 Wiki
分支: pylib-fixes
分支列表 标签列表
gpsd
/
www
/
reliability.html

reliability.html 6.2 KB
永久链接 文件历史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159 
  1. <!DOCTYPE HTML>
    2. 

  2. <html lang="en">
    3. 

  3. <head lang="en">
    4. 

  4.    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    5. 

  5.    <meta name="Author" content="Eric S. Raymond">
    6. 

  6.    <meta name="Description" content="gpsd is a utility that can listen to a GPS or AIS receiver and re-publish the positional data in a simpler format.">
    7. 

  7.    <meta name="Keywords" content="GPS, translator, GIS">
    8. 

  8.    <meta name="Revised" content="9 April 2015">
    9. 

  9.    <meta name="robots" content="index,follow">
    10. 

  10.    <!-- the following is a verification tag for Google Analytics -->
    11. 

  11.    <meta name="verify-v1" content="kb4f3qxJPMaOltYTpJHnvbnteza1PHO4EhrRIfcq2gk=">
    12. 

  12.    <title>GPSd &mdash; Put your GPS on the net!</title>
    13. 

  13.    <link rel="stylesheet" href="main.css" type="text/css">
    14. 

  14. </head>
    15. 

  15. <body>
    16. 

  16. 

  17. <div id="Header">
    18. 

  18. How We Engineer For High Reliability.
    19. 

  19. </div>
    20. 

  20. 

  21. <div id="Menu">
    22. 

  22.     <img src="gpsd-logo-small.png" alt="Small gpsd Logo" height="126"
    23. 

  23.     width="105"><br>
    24. 

  24.     Home<br>
    25. 

  25.     <div>
    26. 

  26.     <a href="#news">News</a><br>
    27. 

  27.     <a href="#downloads">Downloads</a><br>
    28. 

  28.     <a href="#mailing-lists">Mailing lists</a><br>
    29. 

  29.     <a href="#documentation">Documentation</a><br>
    30. 

  30.     <a href="faq.html">FAQ</a><br>
    31. 

  31.     <a href="xgps-sample.html">Screenshots</a><br>
    32. 

  32.     <a href="#recipes">Recipes</a><br>
    33. 

  33.     <a href="#others">Other GPSDs</a><br>
    34. 

  34.     <a href="hardware.html">Hardware</a><br>
    35. 

  35.     <a href="for-vendors.html">For GPS Vendors</a><br>
    36. 

  36.     <a href="wishlist.html">Wish List</a><br>
    37. 

  37.     <a href="hall-of-shame.html">Hall of Shame</a><br>
    38. 

  38.     <a href="troubleshooting.html">Troubleshooting Guide</a><br>
    39. 

  39.     <a href="hacking.html">Hacker's Guide</a><br>
    40. 

  40.     <a href="references.html">References</a><br>
    41. 

  41.     <a href="protocol-transition.html">Application Compatibility</a>
    42. 

  42.     <a href="history.html">History</a><br>
    43. 

  43.     <a href="future.html">Future</a><br>
    44. 

  44.     </div>
    45. 

  45. 

  46.     <div>&nbsp;</div>
    47. 

  47. 

  48.     <a href='http://www.catb.org/hacker-emblem/'><img
    49. 

  49.     src='glider.png' alt='hacker emblem' height="55" width="55"></a><br>
    50. 

  50. 

  51.     <script src="https://www.openhub.net/p/3944/widgets/project_thin_badge.js"></script>
    52. 

  52. 

  53.     <hr>
    54. 

  54.     <script><!--
    55. 

  55.     google_ad_client = "pub-1458586455084261";
    56. 

  56.     google_ad_width = 160;
    57. 

  57.     google_ad_height = 600;
    58. 

  58.     google_ad_format = "160x600_as";
    59. 

  59.     google_ad_type = "text";
    60. 

  60.     google_ad_channel = "";
    61. 

  61.     //--></script>
    62. 

  62.     <script src="https://pagead2.googlesyndication.com/pagead/show_ads.js">
    63. 

  63.     </script>
    64. 

  64.     <hr>
    65. 

  65. 

  66.     <a href="https://validator.w3.org/check/referer"><img
    67. 

  67.           src="https://www.w3.org/Icons/valid-html401"
    68. 

  68.           alt="Valid HTML 4.01!" height="31" width="88"></a>
    69. 

  69. </div>
    70. 

  70. 

  71. <div id="Content">
    72. 

  72. 

  73. <p>GPSD has an exceptionally low defect rate.  Our first <a
    74. 

  74. href='http://coverity.com'>Coverity</a> scan, in March 2007, turned up
    75. 

  75. only 2 errors in over 22KLOC; our second, in May 2012, turned up just
    76. 

  76. 13 errors in 72KLOC, all on rarely-used code paths.  Though the
    77. 

  77. software is very widely deployed on multiple platforms, we often go
    78. 

  78. for months between new tracker bugs.</p>
    79. 

  79. 

  80. <p>Here's how that's done:</p>
    81. 

  81. 

  82. <h2>We have an extensive suite of unit tests and regression tests</h2>
    83. 

  83. 

  84. <p>GPSD has around 100 unit tests and regression tests, including sample
    85. 

  85. device output for almost every sensor type we support. We've put a lot of
    86. 

  86. effort into making the tests easy and fast to run so they can be run
    87. 

  87. often. This makes it actively difficult for random code changes to
    88. 

  88. break our device drivers without somebody noticing.</p>
    89. 

  89. 

  90. <p>Which isn't to say those drivers can't be wrong, just that the ways
    91. 

  91. they can be wrong are constrained to be through either:</p>
    92. 

  92. 

  93. <ol>
    94. 

  94. <li> a protocol-spec-level misunderstanding of what the driver is
    95. 

  95. supposed to be doing, or </li>
    96. 

  96. <li> an implementation bug somewhere in the program's
    97. 

  97. state space that is obscure and difficult to reach.  </li>
    98. 

  98. </ol>
    99. 

  99. 

  100. <p>Our first Coverity run only turned up two driver bugs - static
    101. 

  101. buffer overruns in methods for changing the device's reporting
    102. 

  102. protocol and line speed that escaped notice because they can't be
    103. 

  103. checked in our test harnesses but only on a live device.</p>
    104. 

  104. 

  105. <p>This is also why Coverity didn't find defects on commonly-used code
    106. 

  106. paths. If there'd been any, the regression tests probably would have
    107. 

  107. smashed them out long ago. A great deal of boring, grubby, finicky
    108. 

  108. work went into getting our test framework in shape, but it has paid
    109. 

  109. off hugely.</p>
    110. 

  110. 

  111. <h2>We use every fault scanner we can lay our hands on.</h2>
    112. 

  112. 

  113. <p>We regulary apply Coverity, <a
    114. 

  114. href='http://sourceforge.net/apps/mediawiki/cppcheck/'>cppcheck</a>,
    115. 

  115. and <a
    116. 

  116. href="http://clang-analyzer.llvm.org/scan-build.html">scan-build</a>.
    117. 

  117. We've as yet been unable to eliminate all scan-build warnings, but we
    118. 

  118. require the code to audit clean under all the other tools on each
    119. 

  119. release. </p>
    120. 

  120. 

  121. <p>We used to use <a href='http://www.splint.org'>splint</a>, until
    122. 

  122. we found that we couldn't replicate the results of splint runs
    123. 

  123. reliably in different Linux distributions. Also, far and away the biggest
    124. 

  124. pain in the ass to use. You have to drop cryptic, cluttery magic
    125. 

  125. comments all over your source to pass hints to splint and suppress its
    126. 

  126. extremely voluminous and picky output. We have retired in favor of more
    127. 

  127. modern analyzers.</p>
    128. 

  128. 

  129. <p>cppcheck is much newer and much less prone to false
    130. 

  130. positives. Likewise scan-build. But here's what experience tells us:
    131. 

  131. each of these tools finds overlapping but different sets of
    132. 

  132. bugs. Coverity is, by reputation at least, capable enough that it
    133. 

  133. might dominate one or more of them - but why take chances? Best to use
    134. 

  134. all and constrain the population of undiscovered bugs into as
    135. 

  135. small a fraction of the state space as we can.</p>
    136. 

  136. 

  137. <p>We also use <a href='http://valgrind.org/'>valgrind</a> to check
    138. 

  138. for memory leaks, though this is not expected to turn up bugs (and
    139. 

  139. doesn't) due to our no-dynamic-allocation <a href="hacking.html#malloc">house
    140. 

  140. rule</a>.</p>
    141. 

  141. 

  142. <h2>We are methodical and merciless</h2>
    143. 

  143. 

  144. <p>Neither magic or genius is required to get defect densities as
    145. 

  145. low as GPSD's. It's more a matter of sheer bloody-minded persistence -
    146. 

  146. the willingness to do the up-front work required to apply and
    147. 

  147. discipline fault scanners, write test harnesses, and automate your
    148. 

  148. verification process so you can run a truly rigorous validation with
    149. 

  149. the push of a button.</p>
    150. 

  150. 

  151. <p>Many more projects could do this than do. And many more projects
    152. 

  152. should.</p>
    153. 

  153. 

  154. <hr>
    155. 

  155. <script src="datestamp.js"></script>
    156. 

  156. </div>
    157. 

  157. </body>
    158. 

  158. </html>
    159. 

  159.