UFIA intro .pdf

File information


Original filename: UFIA-intro.pdf

This PDF 1.3 document has been generated by Apple Keynote 4.0.1 / Mac OS X 10.4.10 Quartz PDFContext, and has been sent on pdf-archive.com on 11/01/2016 at 11:23, from IP address 81.180.x.x. The current document download page has been viewed 737 times.
File size: 446 KB (53 pages).

Using FindBugs in Anger


David Hovemeyer
York College

William Pugh
Univ. of Maryland



In Anger
• British slang
• in depth or comprehensively. Within the context of using something 'in anger.'
• “No commander, I can't say for certain that our missile guidance system is accurate until we have used it in anger.”

http://www.urbandictionary.com/define.php?term=anger, definition 6

Static Analysis
• Analyzes your program without executing it
• Doesn’t depend on having good test cases
  • or even any test cases
• Generally, doesn’t know what your software is supposed to do
  • Looks for violations of reasonable programming
    • Shouldn’t throw NPE
    • Shouldn’t allow SQL injection
• Not a replacement for testing
  • Very good at finding problems on untested paths
  • But many defects can’t be found with static analysis

Common Wisdom about Bugs and Static Analysis
• Programmers are smart
• Smart people don’t make dumb mistakes
• We have good techniques (e.g., unit testing, pair programming, code inspections) for finding bugs early
• So, bugs remaining in production code must be subtle, and finding them must require sophisticated static analysis techniques
• I tried lint and it sucked: lots of warnings, few real issues

Can You Find The Bug?

    if (listeners == null)
        listeners.remove(listener);

• JDK1.6.0, b105, sun.awt.x11.XMSelection
  • lines 243-244
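The null-check bug on the slide above can be found without executing the program. As an added example (not from the original slides, and not FindBugs' implementation), this Python checker scans Java source text for a branch guarded by `== null` that then dereferences the same variable. The function name, the regex approach and every sample line other than the slide's own snippet are assumptions made for illustration.

```python
import re

# Constructed sample input: the first statement is the snippet from the slide,
# the other three are made-up variations for comparison.
SAMPLE = '''
if (listeners == null)
    listeners.remove(listener);
if (listeners != null)
    listeners.remove(listener);
if (name == null) {
    log.warn("no name");
}
if (cache == null) { cache.clear(); }
'''

# "if (<var> == null)" or "if (null == <var>)" on a simple variable name,
# followed by the guarded statement: a braced block without nested braces,
# or a single statement ending in ';'.
NULL_GUARD = re.compile(
    r'if\s*\(\s*(?:(?P<a>\w+)\s*==\s*null|null\s*==\s*(?P<b>\w+))\s*\)\s*'
    r'(?P<body>\{[^{}]*\}|[^;{}]*;)'
)

def find_null_guard_derefs(source):
    """Return (line_number, variable) for each branch that is entered only
    when the variable is null and then dereferences that same variable."""
    findings = []
    for m in NULL_GUARD.finditer(source):
        var = m.group('a') or m.group('b')
        body = m.group('body')
        # Stop at a reassignment: the variable may be non-null after it.
        assign = re.search(r'\b%s\s*=[^=]' % re.escape(var), body)
        checked = body[:assign.start()] if assign else body
        # A dereference is "<var>." (member access) or "<var>[" (array index).
        if re.search(r'(?<![\w.])%s\s*[.\[]' % re.escape(var), checked):
            line = source.count('\n', 0, m.start()) + 1
            findings.append((line, var))
    return findings

if __name__ == '__main__':
    for line, var in find_null_guard_derefs(SAMPLE):
        print('line %d: %s is null on this branch but is dereferenced' % (line, var))
```

The correctly guarded `!= null` branch and the block that only logs are not reported; a block that first assigns the variable and then uses it is also left alone.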

Why Do Bugs Occur?
• Nobody is perfect
• Common types of errors:
  • Misunderstood language features, API methods
  • Misunderstood class or method invariants
  • Typos (using wrong boolean operator, forgetting parentheses or brackets, etc.)
• Everyone makes syntax errors, but the compiler catches them
  • What about bugs one step removed from a syntax error?

Effectively Using Static Analysis to Improve Code Quality

No silver bullets
• Static analysis isn’t a silver bullet
  • won’t ensure your code is correct or of high quality
• Other techniques are just as valuable, if not more so
  • careful design
  • testing
  • code review

