Findbugs Tin Bui-Huy September, 2009. Content What is bug? What is bug? What is Findbugs? What is Findbugs? How to use Findbugs? How to use Findbugs?

Slides:

Advertisements

Similar presentations

Chapter 17 Failures and exceptions. This chapter discusses n Failure. n The meaning of system failure. n Causes of failure. n Handling failure. n Exception.

Advertisements

Chapter 5: The Singleton Pattern

50.003: Elements of Software Construction Week 6 Thread Safety and Synchronization.

Concurrency (p2) synchronized (this) { doLecture(part2); } synchronized (this) { doLecture(part2); }

CERTIFICATION OBJECTIVES Use Class Members Develop Wrapper Code & Autoboxing Code Determine the Effects of Passing Variables into Methods Recognize when.

Concurrency 101 Shared state. Part 1: General Concepts 2.

Feature requests for Case Manager By Spar Nord Bank A/S IBM Insight 2014 Spar Nord Bank A/S1.

/ PSWLAB Concurrent Bug Patterns and How to Test Them by Eitan Farchi, Yarden Nir, Shmuel Ur published in the proceedings of IPDPS’03 (PADTAD2003)

CS 11 java track: lecture 7 This week: Web tutorial:

Concurrency and Thread Yoshi. Two Ways to Create Thread Extending class Thread – Actually, we need to override the run method in class Thread Implementing.

Threading Part 3 CS221 – 4/24/09. Teacher Survey Fill out the survey in next week’s lab You will be asked to assess: – The Course – The Teacher – The.

Threading Part 2 CS221 – 4/22/09. Where We Left Off Simple Threads Program: – Start a worker thread from the Main thread – Worker thread prints messages.

George Blank University Lecturer. CS 602 Java and the Web Object Oriented Software Development Using Java Chapter 4.

Coding concerns, are they real? Fadi Wedyan, Dalal Alrmuny May 10 th, 2007.

Concurrency: Mutual Exclusion, Synchronization, Deadlock, and Starvation in Representative Operating Systems.

Synchronization in Java Nelson Padua-Perez Bill Pugh Department of Computer Science University of Maryland, College Park.

Synchronization in Java Fawzi Emad Chau-Wen Tseng Department of Computer Science University of Maryland, College Park.

Copyright © 2003 ProsoftTraining. All rights reserved. Sun Certified Java Programmer Exam Preparation Guide.

CSE 403 Lecture 11 Static Code Analysis Reading: IEEE Xplore, "Using Static Analysis to Find Bugs" slides created by Marty Stepp

1 Testing Concurrent Programs Why Test?  Eliminate bugs?  Software Engineering vs Computer Science perspectives What properties are we testing for? 

50.003: Elements of Software Construction Week 8 Composing Thread-safe Objects.

Threading and Concurrency Issues ● Creating Threads ● In Java ● Subclassing Thread ● Implementing Runnable ● Synchronization ● Immutable ● Synchronized.

07 Coding Conventions. 2 Demonstrate Developing Local Variables Describe Separating Public and Private Members during Declaration Explore Using System.exit.

1 Concurrent Languages – Part 1 COMP 640 Programming Languages.

JAVA: An Introduction to Problem Solving & Programming, 5 th Ed. By Walter Savitch and Frank Carrano. ISBN © 2008 Pearson Education, Inc., Upper.

Testing. 2 Overview Testing and debugging are important activities in software development. Techniques and tools are introduced. Material borrowed here.

Use of Coverity & Valgrind in Geant4 Gabriele Cosmo.

Semaphores, Locks and Monitors By Samah Ibrahim And Dena Missak.

1 Threads  Sequential Execution: Here statements are executed one after the other.They consider only a single thread of execution, where thread is an.

How not to do Java Concurrency And how to find if you did it wrong Mark Winterrowd

Optimistic Design 1. Guarded Methods Do something based on the fact that one or more objects have particular states  Make a set of purchases assuming.

Internet Software Development Controlling Threads Paul J Krause.

Producer-Consumer Problem The problem describes two processes, the producer and the consumer, who share a common, fixed-size buffer used as a queue.bufferqueue.

Synchronized and Monitors. synchronized is a Java keyword to denote a block of code which must be executed atomically (uninterrupted). It can be applied.

11/18/20151 Operating Systems Design (CS 423) Elsa L Gunter 2112 SC, UIUC Based on slides by Roy Campbell, Sam.

Sharing Objects  Synchronization  Atomicity  Specifying critical sections  Memory visibility  One thread’s modification seen by the other  Visibility.

BEGINNING PROGRAMMING.  Literally – giving instructions to a computer so that it does what you want  Practically – using a programming language (such.

Java Thread and Memory Model

SPL/2010 Synchronization 1. SPL/2010 Overview ● synchronization mechanisms in modern RTEs ● concurrency issues ● places where synchronization is needed.

COMPSCI 230 S2C 2015 Software Design and Construction Synchronization (cont.) Lecture 4 of Theme C.

Singleton Duchenchuk Volodymyr Oksana Protsyk. 2 /48.

SPL/2010 Guarded Methods and Waiting 1. SPL/2010 Reminder! ● Concurrency problem: asynchronous modifications to object states lead to failure of thread.

Exceptions Chapter 16 This chapter explains: What as exception is Why they are useful Java exception facilities.

Software and Threading Geza Kovacs Maslab Abstract Design: State Machines By using state machine diagrams, you can find flaws in your behavior without.

Debugging Threaded Applications By Andrew Binstock CMPS Parallel.

Lecture 6: Monitors & Semaphores. Monitor Contains data and procedures needed to allocate shared resources Accessible only within the monitor No way for.

SOEN 343 Software Design Section H Fall 2006 Dr Greg Butler

Threads and Singleton. Threads  The JVM allows multiple “threads of execution”  Essentially separate programs running concurrently in one memory space.

PROGRAMMING TESTING B MODULE 2: SOFTWARE SYSTEMS 22 NOVEMBER 2013.

Programming & Debugging. Key Programming Issues Modularity Modifiability Ease of Use Fail-safe programming Style Debugging.

Optimistic Design CDP 1. Guarded Methods Do something based on the fact that one or more objects have particular states Make a set of purchases assuming.

Specifying Multithreaded Java semantics for Program Verification Abhik Roychoudhury National University of Singapore (Joint work with Tulika Mitra)

Component-Based Software Engineering Understanding Thread Safety Paul Krause.

Defensive Programming. Good programming practices that protect you from your own programming mistakes, as well as those of others – Assertions – Parameter.

Software Design 13.1 From controller to threads l Threads are lightweight processes (what’s a process?)  Threads are part of a single program, share state.

Today Review passing by reference and pointers. null pointers. What is an Object? Winter 2016CMPE212 - Prof. McLeod1.

Findbugs Tin Bui-Huy September, Content What is bug? What is bug? What is Findbugs? What is Findbugs? How to use Findbugs? How to use Findbugs?

Code improvement: Coverity static analysis Valgrind dynamic analysis GABRIELE COSMO CERN, EP/SFT.

Content Coverity Static Analysis Use cases of Coverity Examples

Software Construction Lab 10 Unit Testing with JUnit

Introduction to Classes and Objects

Design Patterns – Chocolate Factory (from Head First Design Patterns)

Java Primer 1: Types, Classes and Operators

Testing and Debugging.

Condition Variables and Producer/Consumer

Condition Variables and Producer/Consumer

Producer-Consumer Problem

CS5123 Software Validation and Quality Assurance

Software Engineering and Architecture

SPL – PS3 C++ Classes.

Presentation transcript:

Findbugs Tin Bui-Huy September, 2009

Content What is bug? What is bug? What is Findbugs? What is Findbugs? How to use Findbugs? How to use Findbugs? Other static analysis tools for Java Other static analysis tools for Java

What is bug? An error or defect in software or hardware that causes a program to malfunction An error or defect in software or hardware that causes a program to malfunction

Bug fixing cost

What is Findbugs? Result of a research project at the University of Maryland Result of a research project at the University of Maryland Static analysis tool for Java Static analysis tool for Java

What is Findbugs? Not concerned by formatting or coding standards Not concerned by formatting or coding standards Concentrates on detecting potential bugs and performance issues Concentrates on detecting potential bugs and performance issues Can detect many types of common, hard-to-find bugs Can detect many types of common, hard-to-find bugs

How it works? Use “bug patterns” to detect potential bugs Use “bug patterns” to detect potential bugs Examples Examples Address address = client.getAddress(); if ((address != null) || (address.getPostCode() != null)) {... } public class ShoppingCart { private List items; public addItem(Item item) { items.add(item); } NullPointerException Uninitialized field

What Findbugs can do? FindBugs comes with over 200 rules divided into different categories: FindBugs comes with over 200 rules divided into different categories: Correctness Correctness E.g. infinite recursive loop, reads a field that is never written Bad practice Bad practice E.g. code that drops exceptions or fails to close file Performance Performance Multithreaded correctness Multithreaded correctness Dodgy Dodgy E.g. unused local variables or unchecked casts E.g. unused local variables or unchecked casts

How to use Findbugs ? Standalone Swing application Standalone Swing application Eclipse plug-in Eclipse plug-in Integrated into the build process (Ant or Maven) Integrated into the build process (Ant or Maven)

Steps to Run Findbugs Standalone Finbugs’ GUI brought up Finbugs’ GUI brought up Select File | New project Select File | New project

Steps to Run Findbugs Standalone Select byte code files and their source code Select byte code files and their source code [Point to jar files or class files] [Point to java files]

Steps to Run Findbugs Standalone FindBugs’ results FindBugs’ results

Selectively Suppressing Rules with FindBug Filters Select Edit | Preferences then move to Filter Select Edit | Preferences then move to Filter Add some filters that meet your expectation Add some filters that meet your expectation

1. 1. AT: Sequence of calls to concurrent abstraction may not be atomic DC: Possible double check of field DL: Synchronization on Boolean DL: Synchronization on boxed primitive DL: Synchronization on interned String DL: Synchronization on boxed primitive values Dm: Monitor wait() called on Condition Dm: A thread was created using the default empty run method ESync: Empty synchronized block IS: Inconsistent synchronization IS: Field not guarded against concurrent access JLM: Synchronization performed on Lock JLM: Synchronization performed on util.concurrent instance JLM: Using monitor style wait methods on util.concurrent abstraction LI: Incorrect lazy initialization of static field LI: Incorrect lazy initialization and update of static field ML: Synchronization on field in futile attempt to guard that field ML: Method synchronizes on an updated field MSF: Mutable servlet field MWN: Mismatched notify() MWN: Mismatched wait() NN: Naked notify NP: Synchronize and null check on the same field No: Using notify() rather than notifyAll() RS: Class's readObject() method is synchronized

RV: Return value of putIfAbsent ignored, value passed to putIfAbsent reused Ru: Invokes run on a thread (did you mean to start it instead?) SC: Constructor invokes Thread.start() SP: Method spins on field STCAL: Call to static Calendar STCAL: Call to static DateFormat STCAL: Static Calendar field STCAL: Static DateFormat SWL: Method calls Thread.sleep() with a lock held TLW: Wait with two locks held UG: Unsynchronized get method, synchronized set method UL: Method does not release lock on all paths UL: Method does not release lock on all exception paths UW: Unconditional wait VO: An increment to a volatile field isn't atomic VO: A volatile reference to an array doesn't treat the array elements as volatile WL: Synchronization on getClass rather than class literal WS: Class's writeObject() method is synchronized but nothing else is Wa: Condition.await() not in loop Wa: Wait not in loop