UMD's FindBugs Tool
Google has a tradition of engineering fixits , special days where they try to get all of their
engineers focused on some specific problem or technique for improving the systems at Google.
A fixit might work to improve web accessibility, internal testing, removing TODO's from internal
On May 13-14, Google held a global fixit for UMD's FindBugs tool  a static analysis tool for
finding coding mistakes in Java software. The focus of the fixit was to get feedback on the 4,000
highest confidence issues found by FindBugs at Google, and let Google engineers decide which
issues, if any, needed fixing.
More than 700 engineers ran FindBugs from dozens of offices. More than 250 of them entered
more than 8,000 reviews of the issues. A review is a classification of an issue as must-fix,
should-fix, mostly-harmless, not-a-bug, and several other categories. More than 75% of the
reviews classified issues as must fix, should fix or I will fix. Many of the scariest issues received
more than 10 reviews each.
Engineers have already submitted changes that made more than 1,100 of the 3,800 issues go
away. Engineers filed more than 1,700 bug reports, of which 600 have already been marked as
fixed. Work continues on addressing the issues raised by the fixit, and on supporting the
integration of FindBugs into the software development process at Google.
The fixit at Google showcased new capabilities of FindBugs that provide a cloud computing /