Saturday, 22 May 2010

Final Year Project: The Result

This blog entry will demonstrate the system developed for the Enhancing FindBugs final year project. It is my hope that the functionality demonstrated here will be considered for inclusion in FindBugs. The extra features were found to consistently present all false positives in less inspections than the default FindBugs ordering. This was evaluated on three open-source codebases (Testability Explorer, Guava, FLL-SW) and a former academic project of mine. The full dissertation, which reports on the evaluation of the system, can be provided on request[1].

The following video gives a brief introduction into the working system.




The Feedback-Rank mode uses alert type, and the location of the source code, to determine how much bugs correlate. This is based on previous work[2][3] which found this an effective technique for prioritising alerts. A further strength of this implementation is that it breaks ties using the default FindBugs ordering. Thus, when no bugs have been inspected, they all tie, but are ordered by the alert priority originally decided by the FindBugs project.

Some points to note about the functionality shown here:
  • a bug being a false or true positive is determined by the FindBugs designation. This means there is no need for extra persistance mechanisms, and old projects with designated bugs can use the ranking modes.
  • it has been used on FindBugs projects with many bug reports (~9000) and the performance was never an issue.
  • bug inspections and designations can be completed efficiently, using only the keyboard.

I would very much like to contribute this work to FindBugs, hopefully the functionality will be compelling enough to interest those running the project.



[1] Note this is for an Honours degree, and contains a lot of material which may be irrelevant, e.g. discussions of the development methodology used.
[2] Kremenek, T., Ashcraft, K., Yang, J., and Engler, D. (2004). Correlation Exploitation in Error Ranking. In SIGSOFT ’04/FSE-12: Proceedings of the 12th ACM SIGSOFT twelfth international symposium on Foundations of software engineering, pages 83–93, New York, NY, USA. ACM.
[3] Heckman, S. S. (2007). Adaptively Ranking Alerts Generated From Automated Static Analysis. Crossroads, 14(1):1–11.