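FindBugs is quite an interesting little tool that can pick out common "bad code" in Java programs: code that may be inefficient (for example, creating unnecessary objects) or that may carry security or stability risks (for example, improper synchronization or unclosed file handles). I ran FindBugs on JUnit and found several small problems; checking the J2SE 1.4.2 Runtime turned up a whole pile of problems. Shouldn't your own programs get a check too?
For now this little gadget can only check the .class files inside a .jar, which has to be counted as a shortcoming, and it is also somewhat cumbersome to use. Are you interested in polishing and improving it?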
——————————————
FindBugs is a program which looks for bugs in Java code. It can detect various coding "mistakes" including thread synchronization problems and misuse of API methods. It includes both Swing and command line interfaces.
The new version adds new bug detectors:
- Places where a null pointer might be dereferenced
- I/O streams that are opened, do not escape the method, and are not closed on all paths out of the method
- Methods that can return null instead of a zero-length array
- Using the == or != operators to compare String objects
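The four patterns in the list above, each next to a corrected form, as an added example that is not taken from FindBugs or its documentation. The class and method names are hypothetical, and the `Flagged` variants are written to match the descriptions in the list, not copied from the tool's test cases.

```java
import java.io.BufferedReader;
import java.io.FileReader;
import java.io.IOException;
import java.util.List;
import java.util.Map;

public class DetectorPatterns {
    // 1. Possible null dereference: Map.get() returns null for an unknown key.
    static int nameLengthFlagged(Map<String, String> users, String id) {
        return users.get(id).length();
    }
    static int nameLength(Map<String, String> users, String id) {
        String name = users.get(id);
        return name == null ? 0 : name.length();
    }

    // 2. Stream not closed on all paths: if readLine() throws, close() is skipped.
    static String firstLineFlagged(String path) throws IOException {
        BufferedReader in = new BufferedReader(new FileReader(path));
        String line = in.readLine();
        in.close();
        return line;
    }
    static String firstLine(String path) throws IOException {
        try (BufferedReader in = new BufferedReader(new FileReader(path))) {
            return in.readLine(); // closed on normal and exceptional exit
        }
    }

    // 3. null instead of a zero-length array: every caller needs a null check.
    static String[] rolesFlagged(List<String> roles) {
        return roles.isEmpty() ? null : roles.toArray(new String[0]);
    }
    static String[] roles(List<String> roles) {
        return roles.toArray(new String[0]);
    }

    // 4. == compares object references, not the characters in the strings.
    static boolean isAdminFlagged(String role) { return role == "admin"; }
    static boolean isAdmin(String role) { return "admin".equals(role); }

    public static void main(String[] args) {
        String role = new String("admin"); // constructed input, a distinct object
        System.out.println(isAdminFlagged(role) + " vs " + isAdmin(role));
        System.out.println(nameLength(Map.of("u1", "alice"), "u2"));
        System.out.println(roles(List.of()).length);
    }
}
```

With the constructed inputs in `main`, the reference comparison rejects a role string whose contents are exactly `admin`, which is why the `==` pattern matters in access checks as well as in ordinary logic.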
Other changes in this version:
- Command line interface can save bugs as XML
- GUI can save bugs to and load bugs from XML
- An "Annotations" window in the GUI allows the user to add textual annotations to bug reports; these annotations are preserved when bugs are saved as XML
- In this release, the Japanese bug summary translations by Germano Leichsenring are really included (they were inadvertently omitted in the previous release)
- Completely rewrote the control flow graph builder, hopefully for the last time
- Simplified implementation of control flow graphs, which should reduce memory use and possibly improve performance
- Improvements to command line interface (list bug priorities, filter by priority, specify aux classpath, specify project to analyze)
- Various bug fixes and enhancements
Check out the open source FindBugs