Community
Participate
Working Groups
Hi all, FindBugs is quickly becoming a very popular tool for detecting bugs (please see the web site at http://findbugs.sourceforge.net/). Though FindBugs could give sometimes 40% of "false alarms", it is usually very acurate and finds very real issues. I ran FindBugs against a recent post-1.2 version of AspectJ and found a lot serious potential bugs, including: -String comparison with "==" and "!= " -null pointer dereference (which leads to NullPointerException) -unclosed file streams in branches -dropped/ignored exceptions -"new Boolean()" instead of "Boolean.valueOf(...)" -use of "hashcode()" instead of "hashCode()" and many, many more potential problems ... While FindBugs is very easy to work with (it only needs the .jar files to do the bytecode analysis), the saved bug report is in XML format and quite useless. That is why I highly recommend that the AspectJ team downloads it and run it against AspectJ Thanks, Hristo
give it a go for 1.6.0 final
Although I am not the reporter of this "bug" this my my favorite one. Could you please be so kind and post some results? E.g. bugs reported by findbugs, really bugs etc. Thank you very much.
Hi Vincenz, The reason the target changed from 1.6.0 to --- is because I haven't had time to look at it at all and am afraid I won't get to it in the 1.6.0 timeframe...
Sorry, I read it the other way around. My fault. But it would really be nice to have some information on this topic, regardless when it will be done.
Finally I did some of this, running findBugs over components I was interested in (weaver/new bcel). Interesting findings indeed... a few places where we intended to override equals() and hashCode() but had spelt hashCode() wrong (yikes!) I also turned up the eclipse warnings for: unused code, unnecessary casts and unnecessary conditional checks. There were a slew of these all over the place and I've gotten rid of a lot of them. I also installed PMD, just so I could use the 'find duplicate code' option, and discovered a few places with duplication, including a case where someone had ignored the Abstract implementation of a pattern visitor interface and proceeded to write their own duplicate of what was in the abstract impl. Codebase is improving - i think it may even be weaving faster than before. Weaver is another 20k slimmer.