You are here

Add new comment

Error message

The spam filter installed on this site is currently unavailable. Per site policy, we are unable to accept new submissions until that problem is resolved. Please try resubmitting the form in a couple of minutes.

Do you trust FindBugs results?

Static analysis tools may find code smell. But sometimes some trivial smells are not detected. For instance when you compile with Java 6.0 or Eclipse 3.4, FindBugs v1.3.8 will not find anything suspicious in this method:

public String testStringBuilder( final String what, final int times ) {
  String result = "";
  for ( int i = 0; i < times; i++ )
    result += what;
  return result;

But the SBSC_USE_STRINGBUFFER_CONCATENATION (Method concatenates strings using + in a loop) should be detected. Why it doesn't work? FindBugs works on bytecode, take a look at decompiled bytecode generated by Java 6 or Eclipse:

String result = "";
for(int i = 0; i < times; i++)
    result = (new StringBuilder(String.valueOf(result))).append(what).toString();

return result;

Bytecode generated from Java 5 is different (peculiar, why they did not used StringBuilder(String s) when it was present in Java 5?), FindBugs recognizes the pattern:

String s1 = "";
for(int j = 0; j < i; j++)
    s1 = (new StringBuilder()).append(s1).append(s).toString();

return s1;

A bug was reported.

Plain text

  • No HTML tags allowed.
  • Lines and paragraphs break automatically.