Using Java Code Quality Tools to Identify Bugs

The Problem
The following code will return NPE, when the instance Integer field - integerFlag is null, but it's difficult to capture the error when review the code.
    public int method() {
        if (integerFlag == 0) { //or BoolanFlag == true
            return;
        }
        //...
    }

The fix is to change the == to: Objects.equals(integerFlag, 0)
-- Use Objects.equals to compare equals as it's null safe.
-- Use common util libraries such as CollectionUtils.isEmpty etc.

But how can we utilize code analysis tool to capture this kind of errors for us? 

In Java, we can integrate findbugs, pmd, Sonar in maven, then run mvn site:site site:stage, the developers have to scan changed code and fix reported problem if needed before send it out for review. 

This will make developers and reviewers life easier.

Tools to help detect bugs
Github link: https://github.com/jefferyyuan/code-quality-mvn

FindBugs
findbugs:gui, findbugs:gui, findbugs:check
Extensions
fb-contrib

PMD
pmd:pmd, pmd:cpd

mvn site:site site:stage
Integrate findbugs, pmd into mvn.

Facebook Infer
brew upgrade opam
brew update && brew upgrade opam
./build-infer.sh java
-- If it fails due to missing packages, uses opam install.
Infer on maven project
mvn clean &&  infer --debug -- mvn compile -o

too many open files on osx
sudo sysctl -w kern.maxfiles=20480
sudo sysctl -w kern.maxfilesperproc=22480
sudo ulimit -S -n 2048

Google Error Prone
https://github.com/google/error-prone/issues/376

Sonar
Code Analysis with SonarQube Plugin
Install and run Sonar server
mvn clean verify sonar:sonar
mvn verify -Pcoverage,jenkins -Dsonar.host.url=http://localhost:9000 sonar:sonar

Install plugins
http://localhost:9000/updatecenter/installed
https://wiki.jenkins-ci.org/display/JENKINS/Static+Code+Analysis+Plug-ins

Checker Framework
Run Maven example first.
Install checker eclipse plugin.
Use annotation in comments
/*>>>
import org.checkerframework.checker.nullness.qual.*;
import org.checkerframework.checker.regex.qual.*;
*/

Configure Eclipse Compiler Warnings
Enable null analysis, unbox conversion, missing default in switch etc
Leveraging JSR-305 null annotations to prevent NullPointerExceptions
Use @CheckForNull, @Nonnulls

Misc && Issues
Use -X to print more log and check the log

maven-compiler-plugin Unsupported major.minor version 52.0
Some plugins may only work with jdk8 or jdk7, use export to change JAVA_HOME to JDK8/7 and rerun.


Post a Comment

Labels

Java (159) Lucene-Solr (110) All (58) Interview (58) J2SE (53) Algorithm (41) Soft Skills (36) Eclipse (34) Code Example (31) Linux (25) JavaScript (23) Spring (22) Windows (22) Web Development (20) Nutch2 (18) Tools (18) Bugs (17) Debug (15) Defects (14) Text Mining (14) J2EE (13) Network (13) PowerShell (11) Chrome (9) Design (9) How to (9) Learning code (9) Performance (9) UIMA (9) html (9) Continuous Integration (8) Dynamic Languages (8) Http Client (8) Maven (8) Security (8) Trouble Shooting (8) bat (8) blogger (8) Big Data (7) Google (7) Guava (7) JSON (7) Problem Solving (7) ANT (6) Coding Skills (6) Database (6) Scala (6) Shell (6) css (6) Algorithm Series (5) Cache (5) IDE (5) Lesson Learned (5) Programmer Skills (5) System Design (5) Tips (5) adsense (5) xml (5) AIX (4) Code Quality (4) GAE (4) Git (4) Good Programming Practices (4) Jackson (4) Memory Usage (4) Miscs (4) OpenNLP (4) Project Managment (4) Python (4) Spark (4) Testing (4) ads (4) regular-expression (4) Android (3) Apache Spark (3) Become a Better You (3) Concurrency (3) Eclipse RCP (3) English (3) Happy Hacking (3) IBM (3) J2SE Knowledge Series (3) JAX-RS (3) Jetty (3) Restful Web Service (3) Script (3) regex (3) seo (3) .Net (2) Android Studio (2) Apache (2) Apache Procrun (2) Architecture (2) Batch (2) Bit Operation (2) Build (2) Building Scalable Web Sites (2) C# (2) C/C++ (2) CSV (2) Career (2) Cassandra (2) Distributed (2) Fiddler (2) Firefox (2) Google Drive (2) Gson (2) Html Parser (2) Http (2) Image Tools (2) JQuery (2) Jersey (2) LDAP (2) Life (2) Logging (2) Software Issues (2) Storage (2) Text Search (2) xml parser (2) AOP (1) Application Design (1) AspectJ (1) Chrome DevTools (1) Cloud (1) Codility (1) Data Mining (1) Data Structure (1) ExceptionUtils (1) Exif (1) Feature Request (1) FindBugs (1) Greasemonkey (1) HTML5 (1) Httpd (1) I18N (1) IBM Java Thread Dump Analyzer (1) JDK Source Code (1) JDK8 (1) JMX (1) Lazy Developer (1) Mac (1) Machine Learning (1) Mobile (1) My Plan for 2010 (1) Netbeans (1) Notes (1) Operating System (1) Perl (1) Problems (1) Product Architecture (1) Programming Life (1) Quality (1) Redhat (1) Redis (1) Review (1) RxJava (1) Solutions logs (1) Team Management (1) Thread Dump Analyzer (1) Troubleshooting (1) Visualization (1) boilerpipe (1) htm (1) ongoing (1) procrun (1) rss (1)

Popular Posts