- The tool has found 190 Null Pointer dereferences in JDK1.6! Surely, JDK has been in use longer than our software and surely, Java has more people in Quality than our team does and yet, there are 190 Null Pointer dereferences in the JDK code? That took me by surprise because the null pointer pieces of code are normally easy to identify and deal with.
- FindBugs found 236 Null Pointer dereferences in eclipse-3.2.
- FindBugs also found an infinite recursive loop in Google Widget Toolkit after it was made open source. This is interesting for two reasons – firstly, even programmers at Google make mistakes. And secondly, GWT isn’t a very large piece of software and an infinite recursive loop can be categorized as a ‘silly’ error. So, bugs can be introduced by anyone and can occur anywhere.
This got me interested and I decided to run the tool on the code I work with. It showed me a lot of bugs (over a hundred, actually). Even though some of them were either insignificant (unchecked cast, for example when I know the cast will work fine) or false positives, I found a lot of bugs in the code which I never knew existed. Exhibit AHere you will find an if-else condition which does the exact same thing in both the branchesExhibit B A comparison with null, which if true, will throw a null pointer exceptionExhibit C The tool is smart enough to find out that the value of ICON_LEFT_OFFSET is 0 and states that either way, the value assigned will be 0Exhibit DAnother common error where a null pointer exception could easily occur There were quite a few (about 15) null pointer dereferences and I even found 2 potential infinite recursive loops! And these are generic enough errors which could occur in any piece of code. I agree that some null pointer errors might never occur in the normal execution of the code as they are probably checked for at other places, but that is never an excuse to have lame code. The tool even shows up bad programming practices. In conclusion, even though this tool might not replace other good practices like Code Inspections, Four-eye reviews, etc. this is definitely a great developer companion which can help improve software a great deal. Give it a shot and trust me, you will be surprised.