[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [dsdp-tm-dev] FindBugs

Hi Martin,

Installing FindBugs in Eclipse is pretty straightforward - you can install it either from the update site [1] using the Update Manager or download the plug-in from the project downloads page. When installed you can scan the existing projects in the workspace by right-click on the project and selecting FindBugs from the context menu. When the scan is complete, the found problems can be browsed using the FindBugs perspective.
You can also specify FindBugs options for each project from the project's Properties page. There is support for filter files which can be used for excluding false positives. However, maintaining these filter files will require additional efforts from the committers. I guess for now we can run the tool once and fix what we believe are real bugs. For the long term we should decide whether or not to include FindBugs in our daily work on TM.


Cheers,
Rado

[1] http://findbugs.cs.umd.edu/eclipse

Oberhuber, Martin wrote:
Thanks for the pointer, Rado.

I can only agree. We are using FIndBugs successfully
On all our commercial plugins. For RSE, I have always
Wanted to introduce it, but wanted to reduce the number
Of normal Eclipse Javac warnings before doing so.

But now seems the right time. APIs are frozen, so we
Need to focus on the implementations and get our code
Bug free.

There is only one caveat though: Some of the FindBugs
Warnings are false positives. And if somebody has
Analyzed an issue and found that it was not an issue
After all, there must be some common way of excluding
That issue from the warnings in the future, to ensure
That not the next developer invests time in checking
The same issue again.

At Wind River, we have some proprietery means to have
Markup in the code that supports filtering out FindBugs warnings. Rado do you see any such feature
In the Open Source FindBugs tool?


Whoever has a few cycles should download Findbugs
And check their code. Finding the bugs early with
The tool saves LOTS of time compared to having A user report it, look at bugzilla, reproduce it
Etc... I fully recommend that we all go for it.
Installing the plugin is super simple, just
Drop it into your dropins folder.


Rado can you give more instructions how to set up
A project for running findbugs and how to activate
It?

http://findbugs.sourceforge.net/

Thanks,
--
Martin Oberhuber, Senior Member of Technical Staff, Wind River
Target Management Project Lead, DSDP PMC Member
http://www.eclipse.org/dsdp/tm


-----Original Message-----
From: dsdp-tm-dev-bounces@xxxxxxxxxxx [mailto:dsdp-tm-dev-bounces@xxxxxxxxxxx] On Behalf Of Radoslav Gerganov
Sent: Donnerstag, 24. April 2008 17:00
To: Target Management developer discussions
Subject: [dsdp-tm-dev] FindBugs


Hi folks,

I would like to draw your attention to a very useful tool for finding bugs in Java programs called
FindBugs[1]. It performs static analysis over Java byte code and search for bugs. There is also an
Eclipse plug-in which provides integration with the Eclipse platform and can be used for finding
bugs in Eclipse projects. You can take a look at [1] for more details about the tool.


So I gave it a try over some of the TM plug-ins and I got some interesting results. Here is a very
small excerpt of the results for org.eclipse.rse.core and org.eclipse.rse.ui:


org.eclipse.rse.core
-----
H B ES: Comparison of String parameter using == or != in
org.eclipse.rse.internal.core.model.SystemRegistry.updateHost(
IHost, IRSESystemType, String, String,
String, String, int)

H B ES: Comparison of String parameter using == or != in
org.eclipse.rse.internal.core.filters.SystemFilterPool.setOwni
ngParentName(String)

H B ES: Comparison of String parameter using == or != in
org.eclipse.rse.core.subsystems.RemoteServerLauncher.setServer
Script(String)

M C NP: Possible null pointer dereference of SystemFilterPoolManager.name in
org.eclipse.rse.internal.core.filters.SystemFilterPoolManager.
setName(String)



org.eclipse.rse.ui ----- H C EC: Call to equals() comparing unrelated class and interface in org.eclipse.rse.internal.ui.view.SystemViewFilterStringAdapter .doDelete(Shell, Object, IProgressMonitor)

H B HE: org.eclipse.rse.internal.ui.view.team.SystemTeamViewSubSystemC
onfigurationNode defines
equals and uses Object.hashCode()


M D BC: instanceof will always return true in
org.eclipse.rse.core.subsystems.SubSystemConfiguration.createS
erverLauncher(IConnectorService),
since all org.eclipse.rse.core.subsystems.RemoteServerLauncher are instances of
org.eclipse.rse.core.model.ILabeledObject


M D BC: instanceof will always return true in
org.eclipse.rse.internal.ui.view.SystemView.getSelection(Contr
ol), since all
org.eclipse.swt.widgets.TreeItem are instances of org.eclipse.swt.widgets.TreeItem


M B Eq: org.eclipse.rse.ui.open.SystemQuickOpenPageDescriptor defines compareTo(Object) and uses
Object.equals()


While some of the problems can be classified as "warnings" or "bad practice" there are also such
that are real bugs. I think it will be useful for everyone to check his stuff with this tool.


[1] http://findbugs.sourceforge.net/

Cheers,
Rado
_______________________________________________
dsdp-tm-dev mailing list
dsdp-tm-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/dsdp-tm-dev

_______________________________________________
dsdp-tm-dev mailing list
dsdp-tm-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/dsdp-tm-dev