OOPSLA '04 Companion to the 19th annual ACM SIGPLAN conference on Object-oriented programming systems, languages, and applications
Static analysis tools as early indicators of pre-release defect density
Proceedings of the 27th international conference on Software engineering
Tracking defect warnings across versions
Proceedings of the 2006 international workshop on Mining software repositories
Proceedings of the 11th annual SIGCSE conference on Innovation and technology in computer science education
Prioritizing Warning Categories by Analyzing Software History
MSR '07 Proceedings of the Fourth International Workshop on Mining Software Repositories
Which warnings should I fix first?
Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering
Understanding the value of program analysis tools
Companion to the 22nd ACM SIGPLAN conference on Object-oriented programming systems and applications companion
Predicting accurate and actionable static analysis warnings: an experimental approach
Proceedings of the 30th international conference on Software engineering
A metric for software readability
ISSTA '08 Proceedings of the 2008 international symposium on Software testing and analysis
A report on a survey and study of static analysis users
DEFECTS '08 Proceedings of the 2008 workshop on Defects in large software systems
Using Static Analysis to Find Bugs
IEEE Software
Statistics in a nutshell
Using checklists to review static analysis warnings
Proceedings of the 2nd International Workshop on Defects in Large Software Systems: Held in conjunction with the ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2009)
A few billion lines of code later: using static analysis to find bugs in the real world
Communications of the ACM
Null dereference analysis in practice
Proceedings of the 9th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
FITE: future integrated testing environment
Proceedings of the FSE/SDP workshop on Future of software engineering research
Residual investigation: predictive and precise bug detection
Proceedings of the 2012 International Symposium on Software Testing and Analysis
A study on improving static analysis tools: why are we not using them?
Proceedings of the 34th International Conference on Software Engineering
Using automatic static analysis to identify technical debt
Proceedings of the 34th International Conference on Software Engineering
Software development environments on the web: a research agenda
Proceedings of the ACM international symposium on New ideas, new paradigms, and reflections on programming and software
Why don't software developers use static analysis tools to find bugs?
Proceedings of the 2013 International Conference on Software Engineering
Proceedings of the 2013 International Conference on Software Engineering
Pathways to technology transfer and adoption: achievements and challenges (mini-tutorial)
Proceedings of the 2013 International Conference on Software Engineering
Scalable and incremental software bug detection
Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering
Hi-index | 0.00 |
In May 2009, Google conducted a company wide FindBugs "fixit". Hundreds of engineers reviewed thousands of FindBugs warnings, and fixed or filed reports against many of them. In this paper, we discuss the lessons learned from this exercise, and analyze the resulting dataset, which contains data about how warnings in each bug pattern were classified. Significantly, we observed that even though most issues were flagged for fixing, few appeared to be causing any serious problems in production. This suggests that most interesting software quality problems were eventually found and fixed without FindBugs, but FindBugs could have found these problems early, when they are cheap to remediate. We compared this observation to bug trends observed in code snapshots from student projects. The full dataset from the Google fixit, with confidential details encrypted, will be published along with this paper.