Chapter 7. Static Analysis
If you are using a statically typed language (like Java or C#), you have at your disposal a powerful way to isolate and find categories of bugs that are very difficult to find with code reviews and other traditional means. Static analysis is a programmatic validation mechanism where tools look for known bug patterns in your code.
Static analysis tools fall into two broad categories: those that look at compiled artifacts (that is, class files or byte code) and those that analyze source files. I give examples of each in this chapter, and I use Java because it has a very rich set of free static analysis tools. However, this technique is not restricted to Java code; tools exist for all major statically typed languages.
Byte Code Analysis
Byte code analyzers look for known bug patterns in compiled code. This implies two things. First, some languages have been studied enough to find common bug patterns in the compiled byte code. Second, these tools can’t find arbitrary bugs—they find only bugs for which patterns have been defined. This doesn’t mean that these tools are weak. Some of the bugs they find are extraordinarily difficult to find using other means (that is, by spending many unproductive hours staring at a debugger).
One such tool is FindBugs, an open source project from the University of Maryland. FindBugs operates in several different modes: command line, ...