EVERYTHING ABOUT STATIC CODE ANALYSIS FOR A JAVA PROGRAMMER

225 views 34 slides Jun 26, 2019

About This Presentation

Theory
Code quality (bugs, vulnerabilities)
Methodologies of code protection against defects
Code Review
Static analysis and everything related to it
Tools
Existing tools of static analysis
SonarQube
PVS-Studio for Java what is it?
Several detected examples of code with defects
More about sta...


Slide Content

Slide 1. EVERYTHING ABOUT STATIC CODE ANALYSIS FOR A JAVA PROGRAMMER
Maxim Stefanov, PVS-Studio, C++/Java developer, Tula

Slide 2. About the speaker
Maxim Stefanov ([email protected]), C++/Java developer in the PVS-Studio company.
Activities:
- Taking part in developing the C++ analyzer core
- Taking part in developing the Java analyzer

Slide 3. We’re going to talk about ...
Theory
- Code quality (bugs, vulnerabilities)
- Methodologies of code protection against defects
- Code Review
- Static analysis and everything related to it
Tools
- Existing tools of static analysis
- SonarQube
- PVS-Studio for Java: what is it?
- Several detected examples of code with defects
- More about static analysis
- Conclusions

Slide 4. Why we need to care about code quality
- Don’t let technical debt accrue if the project is green (new)
- Don’t lose users if the project already has a history

Slide 5. Cost of fixing a defect
From the book "Code Complete" by S. McConnell

Slide 6. Methods to provide code of high quality

Slide 7. Static code analysis
Pros:
- Detects defects before code review
- The analyzer doesn’t get tired and is ready to work anytime
- You can find some errors without knowing about such patterns
- You can detect errors that are difficult to notice when reviewing code
Cons:
- You cannot detect high-level errors
- False positives

Slide 8. Technologies used in static analysis
- Pattern-based analysis
- Type inference
- Data-flow analysis
- Symbolic execution
- Method annotations

Slide 9. Pattern-based analysis

    @Override
    public boolean equals(Object obj) {
      ....
      return index.equals(other.index)
          && type.equals(other.type)
          && version == other.version
          && found == other.found
          && tookInMillis == tookInMillis
          && Objects.equals(terms, other.terms);
    }

Slide 10. Type inference

    interface Human { ... }
    class Parent implements Human { ... }
    class Child extends Parent { ... }
    ...
    class Animal { ... }
    ...
    boolean someMethod(List<Child> list, Animal animal) {
      if (list.remove(animal))
        return false;
      ...
    }

Slide 11. Method annotations

    Class("java.lang.Math")
      - Function("max", Type::Int32, Type::Int32)
          .Pure()
          .Set(FunctionClassification::NoDiscard)
          .Requires(NotEquals(Arg1, Arg2))
          .Returns(Arg1, Arg2, [](const Int &v1, const Int &v2) { return v1.Max(v2); })

Slide 12. Method annotations

    int test(int a, int b) {
      Math.max(a, b);              //1
      if (a > 5 && b < 2) {
        // a = [6..INT_MAX]
        // b = [INT_MIN..1]
        if (Math.max(a, b) > )     //2
        { ... }
      }
      return Math.max(a, a);       //3
    }

Slide 13. Data-flow analysis

    void func(int x)        // x: [-2147483648..2147483647]  //1
    {
      if (x > 3) {          // x: [4..2147483647]            //2
        if (x < 10) {       // x: [4..9]                     //3
        }
      } else {              // x: [-2147483648..3]           //4
      }
    }

Slide 14. Symbolic execution

    int someMethod(int A, int B) {
      if (A == B)
        return 10 / (A - B);
      return 1;
    }

Slide 15. Existing tools

Slide 16. SonarQube: who, what and why
- Open-source platform for continuous analysis and measurement of code quality
- Contains a number of analyzers for various languages
- Allows integrating third-party analyzers
- Clearly demonstrates the quality of your project

Slide 17. SonarQube: data representation

Slide 18. SonarQube: data representation

Slide 19. SonarQube: data representation

Slide 20. SonarQube: data representation

Slide 21. Story of creating PVS-Studio for Java
- Java is a popular language
- Wide application area of the language
- We could reuse mechanisms from the C++ analyzer (data-flow analysis, method annotations)

Slide 22. Analyzer internals

Slide 23. Analyzer internals: Spoon for getting a syntax tree and semantic model
Spoon transforms the code into its metamodel:

    class TestClass {
      void test(int a, int b) {
        int x = (a + b) * 4;
        System.out.println(x);
      }
    }

Slide 24. Analyzer internals: data-flow analysis and method annotations reuse the mechanisms of the C++ analyzer through SWIG

Slide 25. Analyzer internals: a diagnostic rule is a visitor with overloaded methods. Inside these methods the items of interest are traversed along the tree.
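As an added example (not code from the talk or from PVS-Studio), a visitor-style rule of the kind slides 9 and 25 describe, built on Spoon, which the deck says the Java analyzer uses for its model: it reports a comparison whose operands are textually identical, such as the tookInMillis == tookInMillis slip on slide 9. It assumes spoon-core on the classpath; the Result class it scans is a constructed sample.

```java
import java.util.ArrayList;
import java.util.List;
import spoon.Launcher;
import spoon.reflect.code.BinaryOperatorKind;
import spoon.reflect.code.CtBinaryOperator;
import spoon.reflect.declaration.CtClass;
import spoon.reflect.visitor.filter.TypeFilter;

// Pattern-based rule in the spirit of slide 9: report a comparison whose operands are
// textually identical (x == x, a != a, ...). Written for this page, not PVS-Studio's
// code; assumes Spoon (fr.inria.gforge.spoon:spoon-core) on the classpath.
public class SelfComparisonCheck {

    // Constructed input: the equals() shape from slide 9 with the tookInMillis slip.
    static final String SAMPLE =
        "class Result {\n" +
        "  String index; long version; long tookInMillis;\n" +
        "  public boolean equals(Object obj) {\n" +
        "    Result other = (Result) obj;\n" +
        "    return index.equals(other.index)\n" +
        "        && version == other.version\n" +
        "        && tookInMillis == tookInMillis;\n" +   // defect: other.tookInMillis intended
        "  }\n" +
        "}\n";

    static boolean isComparison(BinaryOperatorKind k) {
        switch (k) {
            case EQ: case NE: case LT: case LE: case GT: case GE: return true;
            default: return false;
        }
    }

    // Returns one warning per self-comparison found in the given class source.
    static List<String> findSelfComparisons(String javaSource) {
        CtClass<?> cls = Launcher.parseClass(javaSource);   // Spoon builds the model in memory
        List<String> warnings = new ArrayList<>();
        for (CtBinaryOperator<?> op : cls.getElements(new TypeFilter<CtBinaryOperator<?>>(CtBinaryOperator.class))) {
            if (!isComparison(op.getKind())) continue;
            // Same source text on both sides: the outcome cannot depend on the data
            if (op.getLeftHandOperand().toString().equals(op.getRightHandOperand().toString())) {
                warnings.add("line " + op.getPosition().getLine() + ": '" + op
                    + "' compares an expression with itself");
            }
        }
        return warnings;
    }

    public static void main(String[] args) {
        findSelfComparisons(SAMPLE).forEach(System.out::println);   // prints the warnings found
    }
}
```

A real rule would also skip operands with side effects (method calls) and honour suppression markup, which is what the suppression-file workflow on slide 33 relies on.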

Slide 26. Several examples of errors found using PVS-Studio

Slide 27. Integer division

    private static boolean checkSentenceCapitalization(@NotNull String value) {
      List<String> words = StringUtil.split(value, " ");
      ....
      int capitalized = 1;
      ....
      return capitalized / words.size() < 0.2;   // allow reasonable amount of
                                                 // capitalized words
    }

V6011 [CWE-682] The '0.2' literal of the 'double' type is compared to a value of the 'int' type. TitleCapitalizationInspection.java 169 (IntelliJ IDEA)

Slide 28. Always false

    public boolean satisfiedBy(@NotNull PsiElement element) {
      ....
      @NonNls final String text = expression.getText().replaceAll("_", "");
      if (text == null || text.length() < 2) {
        return false;
      }
      if ("0".equals(text) || "0L".equals(text) || "0l".equals(text)) {
        return false;
      }
      return text.charAt( ) == '0';
    }

PVS-Studio: V6007 [CWE-570] Expression '"0".equals(text)' is always false. ConvertIntegerToDecimalPredicate.java 46 (IntelliJ IDEA)

Slide 29. Unexpected number of iterations

    public static String getXMLType(@WillNotClose InputStream in) throws IOException {
      ....
      String s;
      int count = 0;
      while (count < 4) {
        s = r.readLine();
        if (s == null) {
          break;
        }
        Matcher m = tag.matcher(s);
        if (m.find()) {
          return m.group(1);
        }
      }
      ....
    }

V6007 [CWE-571] Expression 'count < 4' is always true. Util.java 394 (SpotBugs)

Slide 30. We can’t go on without Copy-Paste

    public class RuleDto {
      ....
      private final RuleDefinitionDto definition;
      private final RuleMetadataDto metadata;
      ....
      private void setUpdatedAtFromDefinition(@Nullable Long updatedAt) {
        if (updatedAt != null && updatedAt > definition.getUpdatedAt()) {
          setUpdatedAt(updatedAt);
        }
      }
      private void setUpdatedAtFromMetadata(@Nullable Long updatedAt) {
        if (updatedAt != null && updatedAt > definition.getUpdatedAt()) {
          setUpdatedAt(updatedAt);
        }
      }
      ....
    }

V6032 It is odd that the body of method 'setUpdatedAtFromDefinition' is fully equivalent to the body of another method 'setUpdatedAtFromMetadata'. Check lines: 396, 405. RuleDto.java 396 (SonarQube)

Slide 31. Duplicates

    private final Map<JavaPunctuator, Tree.Kind> assignmentOperators =
        Maps.newEnumMap(JavaPunctuator.class);

    public KindMaps() {
      ....
      assignmentOperators.put(JavaPunctuator.PLUSEQU, Tree.Kind.PLUS_ASSIGNMENT);
      ....
      assignmentOperators.put(JavaPunctuator.PLUSEQU, Tree.Kind.PLUS_ASSIGNMENT);
      ....
    }

V6033 [CWE-462] An item with the same key 'JavaPunctuator.PLUSEQU' has already been added. Check lines: 104, 100. KindMaps.java 104 (SonarJava)

Slide 32. How to integrate static analysis into the software development process
- Each developer has a static analysis tool on their machine
- Analysis of the entire code base during the nightly builds
- When suspicious code is found, everyone responsible gets an e-mail

Slide 33. How to start using static analysis tools on large projects and not lose heart
1. Check the project
2. Declare that all issued warnings are not of interest yet: place the warnings in a special suppression file
3. Commit the suppression file to the version control system
4. Run the analyzer and get warnings only for newly written or modified code
5. PROFIT!

Slide 34. Conclusions
- Static analysis is an additional methodology, not a «silver bullet»
- Static analysis has to be used regularly
- You can start using the analysis immediately and postpone fixing old errors
- Competition is a key to progress