Are you familiar with common mistakes such as comparing two Strings in Java using “==”? Or calling an instance method on a null reference? They may look like obvious bugs, but many developers are unaware of them or write this kind of code without realizing it.
Static code analysis tools such as FindBugs inspect and analyze Java bytecode without actually running the program, and highlight possible coding errors in categories such as bad practice, correctness, malicious code vulnerability, multithreaded correctness, performance, security and dodgy code.
FindBugs can be downloaded for free. To use FindBugs through its Swing interface, run findbugs.sh (on Unix) or findbugs.bat (on Windows) from the bin folder.
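The two mistakes named at the start, shown next to corrected versions in an access check where they matter. This is an added example, not code from the original article; the class name RoleCheck, its methods and the role and user values are hypothetical.

```java
public class RoleCheck {
    // Flawed: != compares object references, so a "guest" value built at
    // runtime is never the same object as the literal and the check passes.
    static boolean mayEditFlawed(String role) {
        return role != "guest";
    }

    // Fixed: equals() compares contents; calling it on the literal and
    // testing for null first means a missing role is denied, not an error.
    static boolean mayEditFixed(String role) {
        return role != null && !"guest".equals(role);
    }

    // Flawed: role stays null for unknown users, so length() is an
    // instance-method call on a null reference on that path.
    static int roleLengthFlawed(String user) {
        String role = null;
        if ("alice".equals(user)) {
            role = "admin";
        }
        return role.length();
    }

    // Fixed: the null path is handled explicitly.
    static int roleLengthFixed(String user) {
        String role = "alice".equals(user) ? "admin" : null;
        return role == null ? 0 : role.length();
    }

    public static void main(String[] args) {
        // Constructed input: a role string created at runtime, as it would
        // be when read from a request, a file or a database.
        String role = new String("guest");
        System.out.println("flawed mayEdit(guest): " + mayEditFlawed(role));
        System.out.println("fixed  mayEdit(guest): " + mayEditFixed(role));
        try {
            roleLengthFlawed("bob");
        } catch (NullPointerException e) {
            System.out.println("flawed roleLength(bob): NullPointerException");
        }
        System.out.println("fixed  roleLength(bob): " + roleLengthFixed("bob"));
    }
}
```

Compiling this class and pointing FindBugs at the resulting class files gives it both flawed methods to analyze alongside their fixed counterparts.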
1. When the application starts, click File – New Project.
2. On “Class archives and directories to analyze”, click the Add button, then choose the root folder that contains the compiled classes of your program.
3. On “Source directories”, click the Add button then choose the root folder of the source of your program.
4. Click Finish. FindBugs will scan and analyze all the classes of the program you specified.
After the analysis, FindBugs shows all the potential bugs it detected, grouped into different categories. When you select a particular bug, it displays a detailed description of that potential bug.