On the Real-World Effectiveness of Static Bug Detectors at Finding Null Pointer Exceptions
Static bug detectors aim to help developers automatically find and prevent bugs. In this experience paper, we study the effectiveness of static bug detectors at identifying Null Pointer Dereferences or Null Pointer Exceptions (NPEs). NPEs pervade all programming domains from systems to web development. Specifically, our study measures the effectiveness of five Java static bug detectors: CheckerFramework, Eradicate, Infer, NullAway, and SpotBugs. We conduct our study on 102 real-world and reproducible NPEs from 42 open-source projects found in the BugSwarm and Defects4J datasets. We apply two known methods to determine whether a bug is found by a given tool, and introduce two new methods that leverage stack trace and code coverage information. Additionally, we provide a categorization of the tools’ capabilities and the bug characteristics to better understand the strengths and weaknesses of the tools. Overall, the tools under study only find 30 out of 102 bugs (29.4%), with the majority found by Eradicate. Based on our observations, we identify and discuss opportunities to make the tools more effective and useful.