Sunday, June 21, 2009

Finding Bugs with FindBugs

FindBugs is a static analysis tool developed and maintained by the University of Maryland. The tool can find bugs in Java code, and present a listing of issues detected to developers. The project maintains a list of bug patterns they detect when performing an analysis of a code base here.  

As an experiment to begin learning about FindBugs, I ran the tool against a recent build of Apache Felix Karaf. In figure 1 you can see the listing of issues flagged.

Figure 1: FindBugs analysis screen.

Reviewing the flagged issues, not all of them are bugs but suggestions on performance or alternative implementation practice. The remainder of issues are actual problems, luckily many of these can often be remedied in a few minutes. One such issue was a minor file descriptor leak discovered in Karaf's Main class. Resolving the issue only required closing an IO stream after use. After modifying the code, and testing to ensure nothing accidentally broke, I re-ran FindBugs; the issue list was reduced by one :) Having made a small improvement to the code base I took the time to open a minor issue under Felix Karaf issue tracker and submitted a patch. 

Using tools such as FindBugs is only one part of the process of developing software, many issues will not be caught with out proper unit and system testing, and feed back from users in the field. As a second set of eyes to help catch programming omissions and in maintaining good coding practices I feel that the time spent with FindBugs is well worth the effort.

No comments: