Static Analysis for Software Defect Detection

I was watching a Google video on static analysis by William Pugh, author of FindBugs. In this video he talks about the common bug patterns and how Findbugs is useful. The common bugs are grouped into some patterns and Findbugs is developed so as to find all such bug patterns. While this tool is very helpful in the static analysis, but it could not be complete replacement for the manual code reviews as the developers may be creating a new kind of bugs each time which will not be identified by such tools.
The examples given by the speaker are trivial and should be identified during the manual code review process, else it just reflects the bad job done by the tester. While such tools are always helpful when we have large non-reviewed code. We can just run such tools on the code and find all the bugs, but this alone may leave many bugs undetected.

No comments:

Post a Comment