"This week, Coverity announced the initial results of its code scans, churning out numbers for 32 open source projects. The numbers themselves are interesting. Using a 3.2-Ghz Linux box, the Coverity tool ran through 17.5 million lines of code in 27 hours. In that time, it found the average defect rate to be .434 defects per 1,000 lines of code for the projects, which included Linux, Apache, Firefox, FreeBSD, and X.
"Somewhat tellingly, the average defect density of just the LAMP (Linux, Apache, MySQL, and Perl/PHP) stack was .290. 'Somewhat' because Coverity CTO and co-founder Ben Chelf suggested this might indicate that the 'more popular projects were seeing less defects.' Chelf stopped just short of making an official statistical pronouncement, however.
"We, having no PR concerns, will venture to say that the numbers do seem to support that trend..."
