Hi there,

Some of you may have noticed that I've been raising seemingly random JIRAs related to incorrect code.

During regular project work I use FindBugs quite a bit, especially when I'm dropped into a job with an existing code base.

One of the ways of using FindBugs is by setting it up in Maven and getting it to run reports for you. I gather that this is what you guys have attempted in the past. The problem with this is that it generates reams of paper (so to speak), often containing more false positives than useful information.

As I'm an eclipse user, I've installed the FindBugs plugin. When you're working on a particular module it's pretty easy to run FindBugs across it and see what it has to say:

You can see that it's not exactly overwhelming and you can ignore the noise (there's a lot of it in some unit tests) and zero in on the suspect stuff quite easily. For example, there's many instances of NP_NULL_ON_SOME_PATH such as:

Possible null pointer dereference of AbstractOperationContext.activeStep in org.jboss.as.controller.AbstractOperationContext.addStep(OperationStepHandler, OperationContext$Stage, boolean)

ie. a value is tested for null, but is dereferenced later anyway.

If you decide to try it, grab the version from <http://findbugs.sourceforge.net/downloads.html> because the version in the Eclipse Marketplace seems to be broken.


Steve Coy
(Hopefully the image makes it through the mailing list)