William W. Pugh
ABSTRACT
This will be a live demonstration of FindBugs, a static analysis bug finding tool, on the current development version of Eclipse 3.4. FindBugs reports issues such as null pointer dereferences, comparing incompatible types with equals, invalid method calls, infinite recursive loops, bad integer operations, and more. FindBugs reports more than 400 such issues in Eclipse 3.3.
During this demonstration, we'll give a quick overview of the FindBugs GUI andwalk through 10-20 bug warnings, categorize each warning as to whether or not fixing the issue is important, and enter comments about the bug. We'll be able to browse warnings by date of introduction, so we can see if the issues introduced in the past month are more or less serious than the issues that have been in the code base since Eclipse 3.3, 3.2 or earlier. Vocal audience participation is encouraged, and participants with laptops can follow along and enter their own categorization and comments either during the demonstration or afterwards. Audience members with commit privileges to the Eclipse project will get free FindBugs T-shirts.
We'll also briefly demonstrate how to set up FindBugs as part of a production development environment.
- N. Ayewah, W. Pugh, J. D. Morgenthaler, J. Penix, and Y. Zhou. Evaluating static analysis defect warnings on production software. In PASTE '07: Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering, pages 1--8, New York, NY, USA, 2007. ACM Press. Google Scholar
Digital Library
- D. Hovemeyer and W. Pugh. Finding Bugs is Easy. In Onward!, 19th ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications, Vancouver, BC, October 2004. Google ScholarDigital Library
Index Terms
- Finding bugs in eclipse
Recommendations
Finding bugs is easy
OOPSLA '04: Companion to the 19th annual ACM SIGPLAN conference on Object-oriented programming systems, languages, and applicationsMany techniques have been developed over the years to automatically find bugs in software. Often, these techniques rely on formal methods and sophisticated program analysis. While these techniques are valuable, they can be difficult to apply, and they ...
Finding more null pointer bugs, but not too many
PASTE '07: Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineeringIn the summer of 2006, the FindBugs project was challenged to improve the null pointer analysis in FindBugs so that we could find more null pointer bugs. In particular, we were challenged to try to do as well as a publicly available analysis by ...
Using checklists to review static analysis warnings
DEFECTS '09: Proceedings of the 2nd International Workshop on Defects in Large Software Systems: Held in conjunction with the ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2009)Static analysis tools find silly mistakes, confusing code, bad practices and property violations. But software developers and organizations may or may not care about all these warnings, depending on how they impact code behavior and other factors. In ...
Comments