Slashdot Mirror

← Back to Stories (view on slashdot.org)

Java Static Analysis And Custom Bug Detectors

Posted by ryuzaki0 on from the developerworks-ftl dept.

An anonymous reader writes "Java static analysis and custom bug detectors can be a very cost-effective way to improve software quality. By creating a detector for a known bug pattern, we can search for that bug pattern not only in the current code base for a specific project, but in any project, current or future. This article looks at how static analysis tools can change the way you manage software quality."

2 of 157 comments (clear)

  1. Why not use OCaml or Haskell? by Anonymous Coward · · Score: -1, Offtopic

    While there may be various reasons why one would rather go with Java, if fairly high-quality software is needed, OCaml and Haskell may be just the solution. This is especially so when formally-verified software would be excessively expensive.

    Even if static typing does limit flexibility somewhat, and does put more responsibility on the developer to ensure that their programs type correctly, doing so often leads directly to fewer problems. Plus you get the benefit of typing problems being discovered at compile time, rather than at runtime (where a user will see it, rather than a developer).

    Due to coming out of various branches of mathematics, the type systems of languages like Haskell and OCaml are far superior to that of Java. It's almost a case where it's pointless to bother with Java static analysis tools, when using a language with proper static typing takes care of all that immediately at compile-time.

  2. What a strange thing from IBM by roman_mir · · Score: 0, Offtopic

    One would think that out of all people, IBM staff would be familiar with the ATM or the Halting Problem. I think that the bugs that are really important to find, are those that are not feasible to find with automated tools, and the bugs that this article is talking about are the simples ones.

    Also wouldn't this 'static bug detection' be unnecessary if Java was a strong typed language? The idea of casting is of-course a powerful one, but it is this idea that is probably responsible for the most non-business related bugs in the code. This, and null pointers of-course (a strange name for an exception in a language that uses no pointers.)

    In any case, I would rather see people do something than nothing, so I guess bug detectors better than no bug detectors, but in reality I would rather have the developers write good unit-tests.

    --
    You can't handle the truth.