FindbugsFindbugs

Tin Bui-HuyTin Bui-Huy

September, 2009September, 2009

ContentContent

What is bug?What is bug? What is Findbugs?What is Findbugs? How to use Findbugs?How to use Findbugs? Other static analysis tools for JavaOther static analysis tools for Java

What is bug?What is bug?

An error or defect in software or An error or defect in software or hardware that causes a program to hardware that causes a program to malfunctionmalfunction

Bug fixing costBug fixing cost

What is Findbugs?What is Findbugs?

Result of a research project at the Result of a research project at the University of Maryland University of Maryland

Static analysisStatic analysis tool for Java tool for Java

What is Findbugs?What is Findbugs?

Not concerned by formatting or Not concerned by formatting or coding standards coding standards

Concentrates on detecting potential Concentrates on detecting potential bugs and performance issuesbugs and performance issues

Can detect many types of common, Can detect many types of common, hard-to-find bugs hard-to-find bugs

How it works?How it works?

Use “bug patterns” to detect Use “bug patterns” to detect potential bugspotential bugs

ExamplesExamplesAddress address = client.getAddress(); if ((address != null) || (address.getPostCode() != null)) { ... }

public class ShoppingCart { private List items; public addItem(Item item) { items.add(item); } }

NullPointerException

Uninitialized field

What Findbugs can do?What Findbugs can do? FindBugs comes with over 200 rules FindBugs comes with over 200 rules

divided into different categories:divided into different categories: CorrectnessCorrectness

E.g. infinite recursive loop, reads a field that is E.g. infinite recursive loop, reads a field that is never writtennever written

Bad practiceBad practiceE.g. code that drops exceptions or fails to close fileE.g. code that drops exceptions or fails to close file

PerformancePerformance Multithreaded correctnessMultithreaded correctness DodgyDodgy

E.g. unused local variables or unchecked casts E.g. unused local variables or unchecked casts

How to use FindbugsHow to use Findbugs??

Standalone Swing applicationStandalone Swing application Eclipse plug-inEclipse plug-in Integrated into the build process Integrated into the build process

(Ant or Maven)(Ant or Maven)

Steps to Run Findbugs Steps to Run Findbugs StandaloneStandalone

Finbugs’ GUI Finbugs’ GUI brought upbrought up

Select File | Select File | New projectNew project

Steps to Run Findbugs Steps to Run Findbugs StandaloneStandalone

Select byte Select byte code files code files and their and their source source codecode

[Point to jar files or class files]

[Point to java files]

Steps to Run Findbugs Steps to Run Findbugs StandaloneStandalone

FindBugs’ resultsFindBugs’ results

Selectively Suppressing Selectively Suppressing Rules with FindBug Filters Rules with FindBug Filters

Select Edit | Preferences then move Select Edit | Preferences then move to Filterto Filter

Add some filters that meet your Add some filters that meet your expectationexpectation

1. AT: Sequence of calls to concurrent abstraction may not be atomic2. DC: Possible double check of field3. DL: Synchronization on Boolean4. DL: Synchronization on boxed primitive5. DL: Synchronization on interned String 6. DL: Synchronization on boxed primitive values7. Dm: Monitor wait() called on Condition8. Dm: A thread was created using the default empty run method9. ESync: Empty synchronized block10. IS: Inconsistent synchronization11. IS: Field not guarded against concurrent access12. JLM: Synchronization performed on Lock13. JLM: Synchronization performed on util.concurrent instance14. JLM: Using monitor style wait methods on util.concurrent abstraction15. LI: Incorrect lazy initialization of static field16. LI: Incorrect lazy initialization and update of static field17. ML: Synchronization on field in futile attempt to guard that field18. ML: Method synchronizes on an updated field19. MSF: Mutable servlet field20. MWN: Mismatched notify()21. MWN: Mismatched wait()22. NN: Naked notify23. NP: Synchronize and null check on the same field.24. No: Using notify() rather than notifyAll()25. RS: Class's readObject() method is synchronized

26. RV: Return value of putIfAbsent ignored, value passed to putIfAbsent reused27. Ru: Invokes run on a thread (did you mean to start it instead?)28. SC: Constructor invokes Thread.start()29. SP: Method spins on field30. STCAL: Call to static Calendar31. STCAL: Call to static DateFormat32. STCAL: Static Calendar field33. STCAL: Static DateFormat34. SWL: Method calls Thread.sleep() with a lock held35. TLW: Wait with two locks held36. UG: Unsynchronized get method, synchronized set method37. UL: Method does not release lock on all paths38. UL: Method does not release lock on all exception paths39. UW: Unconditional wait40. VO: An increment to a volatile field isn't atomic41. VO: A volatile reference to an array doesn't treat the array elements as volatile42. WL: Synchronization on getClass rather than class literal43. WS: Class's writeObject() method is synchronized but nothing else is44. Wa: Condition.await() not in loop 45. Wa: Wait not in loop