A comparison of bug finding tools for Java

Author

Rutar, Nick ; Almazan, Christian B. ; Foster, Jeffrey S.

Author_Institution

Maryland Univ., College Park, MD, USA

fYear

2004

fDate

2-5 Nov. 2004

Firstpage

245

Lastpage

256

Abstract

Bugs in software are costly and difficult to find and fix. In recent years, many tools and techniques have been developed for automatically finding bugs by analyzing source code or intermediate code statically (at compile time). Different tools and techniques have different tradeoffs, but the practical impact of these tradeoffs is not well understood. In this paper, we apply five bug finding tools, specifically Bandera, ESC/Java 2, FindBugs, JLint, and PMD, to a variety of Java programs. By using a variety of tools, we are able to cross-check their bug reports and warnings. Our experimental results show that none of the tools strictly subsumes another, and indeed the tools often find nonoverlapping bugs. We discuss the techniques each of the tools is based on, and we suggest how particular techniques affect the output of the tools. Finally, we propose a meta-tool that combines the output of the tools together, looking for particular lines of code, methods, and classes that many tools warn about.

Keywords

Java; program compilers; program debugging; software tools; Bandera; ESC; FindBug; JLint; Java; PMD; bug finding tool; source code; Computer bugs; Data analysis; Educational institutions; Java; Pattern analysis; Pattern matching; Radio access networks; Reliability engineering; Software debugging; Software reliability;

fLanguage

English

Publisher

ieee

Conference_Titel

Software Reliability Engineering, 2004. ISSRE 2004. 15th International Symposium on

ISSN

1071-9458

Print_ISBN

0-7695-2215-7

Type

conf

DOI

10.1109/ISSRE.2004.1

Filename

1383122