CSE 6329 Project Team 1 Aliasgar Kagalwala Aditya Mone Derek White Dengfeng (Thomas) Xia.

Slides:

Advertisements

Similar presentations

Extending Eclipse Kai-Uwe Mätzel IBM OTI Labs Zurich

Advertisements

CPSC 441 TUTORIAL – JANUARY 16, 2012 TA: MARYAM ELAHI INTRODUCTION TO C.

Teachable Static Analysis Workbench by Igor Konnov, Dmitry Kozlov.

Programming Paradigms and languages

Engineering Secure Software. The Power of Source Code  White box testing Testers have intimate knowledge of the specifications, design, Often done by.

MC697 Object-Oriented Programming Using Java. In this class, we will cover: How the class will be structured Difference between object-oriented programming.

Web Applications Development Using Coldbox Platform Eddie Johnston.

Lab#1 (14/3/1431h) Introduction To java programming cs425

Approach for Unit testing with the help of JUnit... Satish Mishra

28/1/2001 Seminar in Databases in the Internet Environment Introduction to J ava S erver P ages technology by Naomi Chen.

RubyPolish: Static Bug Detection in Ruby Programs John Locke Alex Mont.

Presented by IBM developer Works ibm.com/developerworks/ 2006 January – April © 2006 IBM Corporation. Making the most of Creating Eclipse plug-ins.

1 Plug-in Development Environment (PDE) Guide. 2 Introduction to PDE l What is PDE: »a tool designed to help you develop platform plug-ins while working.

JSP Architecture  JSP is a simple text file consisting of HTML or XML content along with JSP elements  JSP packages define the interface for the compiled.

Web Applications Basics. Introduction to Web Web features Clent/Server HTTP HyperText Markup Language URL addresses Web server - a computer program that.

Introduction to the JDK Java for Computational Finance

© 2006 by IBM 1 How to use Eclipse to Build Rich Internet Applications With PHP and AJAX Phil Berkland IBM Software Group Emerging.

Struts 2.0 an Overview ( )

Getting Started with Eclipse Sandeep Pasuparthy. What’s Eclipse? It is a free software / open source platform- independent software framework for delivering.

Jarhead Analysis and Detection of Malicious Java Applets Johannes Schlumberger, Christopher Kruegel, Giovanni Vigna University of California Annual Computer.

EclipseME Java Micro Edition The Eclipse Way Craig Setera April 19, 2006.

XFindBugs: eXtended FindBugs for AspectJ Haihao Shen, Sai Zhang, Jianjun Zhao, Jianhong Fang, Shiyuan Yao Software Theory and Practice Group (STAP) Shanghai.

M1G Introduction to Programming 2 4. Enhancing a class:Room.

1 Java Database Connection (JDBC) There are many industrial-strength DBMS's commercially available in the market. Oracle, DB2, and Sybase are just a few.

119th International Unicode ConferenceSan Jose, California, September 2001 An Overview of ICU Helena Shih Chapman Doug Felt

An intro to programming. The purpose of writing a program is to solve a problem or take advantage of an opportunity Consists of multiple steps:  Understanding.

Agenda Introduction to MDHT MDHT Capabilities MDHT support using Consolidated CDA 1.

Java: Chapter 1 Computer Systems Computer Programming II.

Introduction to Android. Android as a system, is a java based operating system that runs on the Linux kernel. The system is very lightweight and full.

StyleCop Breaking down the barriers to entry Gary Ewan Park Twitter: Blog:

 To explain the importance of software configuration management (CM)  To describe key CM activities namely CM planning, change management, version management.

© 2006 IBM Corporation IBM WebSphere Portlet Factory Architecture.

Tools for Diagrammatic Specifications Stian Skjerveggen Supervisors: Yngve Lamo, Adrian Rutle, Uwe Egbert Wolter.

Copyright © IBM Corp., All rights reserved. This presentation is licensed under Creative Commons Att. Nc Nd 2.5 license. OpenDocument Format.

The Basics of Javadoc Presented By: Wes Toland. Outline  Overview  Background  Environment  Features Javadoc Comment Format Javadoc Program HTML API.

Stanisław Osiński, 2002JSP – A technology for serving dynamic web content Java Server Pages™ A technology for serving dynamic web content Stanisław Osiński,

CS 11 java track: lecture 1 Administrivia need a CS cluster account cgi-bin/sysadmin/account_request.cgi need to know UNIX

Object Oriented Programming Examples: C++, Java Advantages: 1. reusibility of code 2. ability to adapt (extend) previously written code.

CS266 Software Reverse Engineering (SRE) Reversing and Patching Java Bytecode Teodoro (Ted) Cipresso,

Introduction to Eclipse CSC 216 Lecture 3 Ed Gehringer Using (with permission) slides developed by— Dwight Deugo Nesa Matic

Basics of Java IMPORTANT: Read Chap 1-6 of How to think like a… Lecture 3.

4-Nov-15 Air Force Institute of Technology Electrical and Computer Engineering Object-Oriented Programming Design Topic 1: The Java Environment Maj Joel.

15/06/2006 The Future of Visual DCT EPICS Collaboration 2006 Argonne National Laboratory

© 2006 DTP PMC; made available under the EPL v1.0 | July 12, 2006 | DTP Enablement Project Creation Review Creation Review: Eclipse Data Tools Platform.

© Copyright SELA software & Education Labs Ltd Baruch Hirsch St.Bnei Brak Israel

Object Oriented Programming Examples: C++, Java Advantages: 1. reusibility of code 2. ability to adapt (extend) previously written code.

Core Java Introduction Byju Veedu Ness Technologies httpdownload.oracle.com/javase/tutorial/getStarted/intro/definition.html.

Migrating Desktop Bartek Palak Bartek Palak Poznan Supercomputing and Networking Center The Graphical Framework.

Page 1 – Autumn 2009Steffen Vissing Andersen SDJ I1, Autumn 2009 Agenda: Java API Documentation Code Documenting (in javadoc format) Debugging.

© FPT SOFTWARE – TRAINING MATERIAL – Internal use 04e-BM/NS/HDCV/FSOFT v2/3 JSP Application Models.

STRUCTURE OF JSP PRESENTED BY: SIDDHARTHA SINGH ( ) SOMYA SHRIVASTAV ( ) SONAM JINDAL ( )

Software Metric Tools Joel Keyser, Jacob Napp, Carey Norslien, Stephen Owings, Tristan Paynter.

Chapter 11: Advanced Inheritance Concepts. Objectives Create and use abstract classes Use dynamic method binding Create arrays of subclass objects Use.

® IBM Software Group © 2006 IBM Corporation Rational Asset Manager v7.2 Using Scripting Tutorial for using command line and scripting using Ant Tasks Carlos.

© 2002 IBM Corporation Confidential | Date | Other Information, if necessary Eclipse™ TPTP 4.6 Release Review Minideck June 1, 2009 Eclipse TPTP PMC &

Copyright © 2010 Obeo, Made available under the Eclipse Public License v SCA Tools (Helios) Release Review Planned Review Date: June 11, 2010.

© Dr. A. Williams, Fall Present Software Quality Assurance – Clover Lab 1 Tutorial / lab 2: Code instrumentation Goals of this session: 1.Create.

© 2010 IBM Corporation RESTFul Service Modelling in Rational Software Architect April, 2011.

Lecture 5:Interfaces and Abstract Classes Michael Hsu CSULA.

Lecture 6:Interfaces and Abstract Classes Michael Hsu CSULA.

Findbugs Tin Bui-Huy September, Content What is bug? What is bug? What is Findbugs? What is Findbugs? How to use Findbugs? How to use Findbugs?

Lecture 5:Interfaces and Abstract Classes

Install Ruby If you are running on Mac OS X, Ruby is preinstalled.

Teneo Ganymede Simultaneous Release Graduation Review

SE goes software engineering; (practically) managing the Compose

White Box testing & Inspections

Review of Previous Lesson

MAPO: Mining and Recommending API Usage Patterns

Plug-In Architecture Pattern

Presentation transcript:

CSE 6329 Project Team 1 Aliasgar Kagalwala Aditya Mone Derek White Dengfeng (Thomas) Xia

FindBugs is a static analysis tool for Java used to find warnings about bugs by analyzing the byte code (execution of the code is not required) Searches for bug patterns Claims a false warning rate of less than 50% Free software released under the LGPL Bug detectors can be written using either BCEL or ASM A University of Maryland project that has received funding from Google, Sun Microsystems, NSF, Fortify Software, SureLogic and the IBM Eclipse Innovation award [1]

A tool like FindBugs, which is based on a collection of known patterns, is most useful with a complete set of accurate bug detectors at its disposal Our team must learn about how to extend FindBugs by using its extensible design to implement new bug detectors We searched FindBug's SourceForge project page, finding suggestions for new bug detectors from the user community Our goal is to study and implement some of them, hopefully contributing something back to the project Goal: Add more bug detectors

Report platform dependent environment (ID: ) Instance initializer notification (ID: ) Generating warnings for implicit sign extending byte values (ID: ) Throwing hashcodes vs Object.toString (ID: )

Example code snippets from feature requests: Feature: Reporting platform dependent environment. o System.getProperty("line.separator") o Calendar.getInstance() or new Date() o Any string operation that uses the default charset of the JVM Feature: Warning for sign-extending byte values. Given the code: byte b = (some val); int i = (int) b; // this will sign- extend // 'b'. Values like 0x81 // will turn into // 0xFFFFFF81.

The features proposed will generate following warning output:

Looking at source of existing bug detectors is the recommended way of learning how to write one [2] Often use one of the following techniques:  Inspection of class/method/field structure  Micropatterns  Stack-based patterns  Dataflow analysis  Inter-procedural analysis Source: FindBugs tutorials on Google Code [4]

Most bug detectors extend: o BytecodeScanningDetector - more flexible, can detect more general problems o BytecodePatternDetector - good choice when pattern can be expressed as a sequence of bytecode patterns (micropatterns) Provides default implementations for methods, or override select methods for new detectors State can be accumulated as bytecode is walked Once the detector is written, it is packaged in a FindBugs plug-in JAR format containing an XML file describing the detector Source: IBM developerWorks, "FindBugs Part 2: Writing custom detectors" [2]

[1] FindBugs, URL: [2] FindBugs Part 2: IBM developerWorks: Writing custom detectors, URL: [3] D. Hovemeyer, W.Pugh, "Finding Bugs is Easy", SIGPLAN Notices, December 2004 [4] FindBugs tutorials on Google Code: