Using Static Analysis to Find Bugs
Sept.-Oct. 2008 (vol. 25 no. 5)
pp. 22-29
Nathaniel Ayewah, University of Maryland, College Park
David Hovemeyer, York College of Pennsylvania
John Penix, Google
William Pugh, University of Maryland, College Park
Static analysis examines code in the absence of input data and without running the code. It can detect potential security violations (SQL injection), runtime errors (dereferencing a null pointer) and logical inconsistencies (a conditional test that can't possibly be true). Although a rich body of literature exists on algorithms and analytical frameworks used by such tools, reports describing experiences in industry are much harder to come by. The authors describe FindBugs, an open source static-analysis tool for Java, and experiences using it in production settings. FindBugs evaluates what kinds of defects can be effectively detected with relatively simple techniques and helps developers understand how to incorporate such tools into software development.

Index Terms:
static analysis, FindBugs, code quality, bug patterns, software defects, software quality
Nathaniel Ayewah, David Hovemeyer, J. David Morgenthaler, John Penix, William Pugh, "Using Static Analysis to Find Bugs," IEEE Software, vol. 25, no. 5, pp. 22-29, Sept.-Oct. 2008, doi:10.1109/MS.2008.130