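How do you use FindBugs? A FindBugs usage guide
FindBugs Usage Guide
1 Purpose
FindBugs is a static analysis tool for Java bytecode. It helps Java engineers improve code quality and eliminate latent defects.
FindBugs inspects class or JAR files and compares the bytecode against a set of bug patterns to find possible problems.
With a static analysis tool, software can be analyzed without actually running the program. Rather than determining a program's intent by analyzing the form or structure of class files, FindBugs typically performs its analysis using the Visitor pattern.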
2 Installation
The latest FindBugs version is currently 1.3.9.
2.1 Installing the Eclipse plug-in
Requirements: FindBugs requires Eclipse 3.4 or later and JRE/JDK 1.5.0 or later.
Steps: unzip edu.umd.cs.lipse_1.3.9.20090821.zip into Eclipse's "plugins" subdirectory, so that the FindBugs logo image findbugs.png can be seen under <eclipse_install_dir>/plugins/edu.umd.cs.lipse_1.3.9.20090821/.
Start Eclipse and choose Help → About Eclipse Platform → Plug-in Details. You should find "FindBugs Plug-in" there.
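3 Usage
Launching
Select a Java project, right-click it, and choose the menu item named "Find Bugs". FindBugs starts running, and problem markers will point to the code locations of potential problems identified by the bug patterns.
Customizing options
You can also customize how FindBugs runs through the Java project's properties dialog. The options include:
The checkbox that controls the "Run FindBugs Automatically" switch. When it is checked, FindBugs runs every time a Java class is modified.
Selecting the minimum warning priority and the bug categories. These options determine which warnings are shown. For example, if you select "Medium", only Medium and High priority warnings are shown. Similarly, if you leave the "Style" checkbox unchecked, warnings in the Style category are not shown.
Selecting detectors. This list lets you choose the detectors you want to use in the project.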
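4 Explanation of the accompanying bug patterns
To use the tool in a targeted way, reduce false positives and improve efficiency, we selected about 10 bug patterns. The explanations of these patterns follow.
These bugs may cause performance or logic problems in a program.
Note that FindBugs can detect far more bug patterns than these, and you can even write your own detectors. This document will therefore keep growing, and everyone is welcome to keep exploring and sharing their experience with the tool.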
4.1 ES_COMPARING_PARAMETER_STRING_WITH_EQ
ES: Comparison of String parameter using == or != (ES_COMPARING_PARAMETER_STRING_WITH_EQ)
This code compares a java.lang.String parameter for reference equality using the == or != operators. Requiring callers to pass only String constants or interned strings to a method is unnecessarily fragile, and rarely l
Comparing strings, even interned strings, with == or != brings no significant performance gain and is unreliable. Consider using the equals() method instead.
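Why the reference comparison is unreliable, shown on a deny check that fails open. This is an added example, not code from the original page or from FindBugs; the class and method names and the "guest" role are made up for illustration.

```java
public class StringEqDemo {
    // Flagged shape: compares object identity, not contents.
    // Any "guest" string that is not the interned literal passes the check.
    static boolean allowedByReference(String role) {
        return role != "guest";
    }

    // Corrected: compares contents and rejects null.
    static boolean allowedByValue(String role) {
        return role != null && !"guest".equals(role);
    }

    public static void main(String[] args) {
        // Compile-time constant: shares the interned object used inside the methods.
        String literal = "guest";
        // Constructed input: assembled at run time, the way a value parsed
        // from a request or a file would be, so it is a distinct object.
        String parsed = new StringBuilder("gue").append("st").toString();

        System.out.println("by reference, literal: " + allowedByReference(literal));
        System.out.println("by reference, parsed:  " + allowedByReference(parsed));
        System.out.println("by value, literal:     " + allowedByValue(literal));
        System.out.println("by value, parsed:      " + allowedByValue(parsed));
    }
}
```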
4.2 HE_EQUALS_NO_HASHCODE
HE: Class defines equals() but not hashCode() (HE_EQUALS_NO_HASHCODE)
This class overrides equals(Object), but does not override hashCode(). Therefore, the class may violate the invariant that equal objects must have equal hashcodes.
The class defines equals() but does not override hashCode(), which violates the rule that equal objects must have equal hash codes.
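What the broken invariant does to a hash-based collection, as an added example that is not part of the original page. The token classes and the revocation set are hypothetical.

```java
import java.util.HashSet;
import java.util.Set;

public class EqualsHashCodeDemo {
    // Flagged shape: equals() is overridden, hashCode() is inherited from Object.
    static final class TokenNoHash {
        final String id;
        TokenNoHash(String id) { this.id = id; }
        @Override public boolean equals(Object o) {
            return o instanceof TokenNoHash && ((TokenNoHash) o).id.equals(id);
        }
    }

    // Corrected: hashCode() is derived from the same field that equals() compares.
    static final class Token {
        final String id;
        Token(String id) { this.id = id; }
        @Override public boolean equals(Object o) {
            return o instanceof Token && ((Token) o).id.equals(id);
        }
        @Override public int hashCode() { return id.hashCode(); }
    }

    public static void main(String[] args) {
        // Constructed data: a set of revoked token ids.
        Set<TokenNoHash> revokedBroken = new HashSet<TokenNoHash>();
        revokedBroken.add(new TokenNoHash("abc"));
        Set<Token> revoked = new HashSet<Token>();
        revoked.add(new Token("abc"));

        // The lookup object is equal to the stored one but is a new instance.
        // Without hashCode() the two instances get unrelated identity hashes,
        // so the set looks in the wrong bucket and the equal token is missed.
        System.out.println("without hashCode(): "
                + revokedBroken.contains(new TokenNoHash("abc")));
        System.out.println("with hashCode():    "
                + revoked.contains(new Token("abc")));
    }
}
```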
4.3 IT_NO_SUCH_ELEMENT
It: Iterator next() method can't throw NoSuchElement exception (IT_NO_SUCH_ELEMENT)
This class implements the java.util.Iterator interface. However, its next() method is not capable of throwing java.util.NoSuchElementException. The next() method should be changed so it throws NoSuchElementEx
The Iterator cannot throw a NoSuchElement exception. The class implements the java.util.Iterator interface, but its next() method is unable to throw java.util.NoSuchElementException. The next() method should therefore be changed so that, when it is called and there is no element to return, it throws NoSuchElementException.
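An iterator that satisfies both this pattern and DMI_CALLING_NEXT_FROM_HASNEXT (section 4.7): next() throws when exhausted, and hasNext() never changes state. This is an added example, not code from the original page; RangeIterator is a hypothetical class.

```java
import java.util.Iterator;
import java.util.NoSuchElementException;

public class RangeIteratorDemo {
    // Iterates over the ints in [from, to).
    static final class RangeIterator implements Iterator<Integer> {
        private int cursor;
        private final int end;

        RangeIterator(int from, int to) {
            this.cursor = from;
            this.end = to;
        }

        // Pure query: safe to call any number of times, never advances.
        public boolean hasNext() {
            return cursor < end;
        }

        // The only method that advances; signals exhaustion with an exception
        // instead of returning null or a stale value.
        public Integer next() {
            if (!hasNext()) {
                throw new NoSuchElementException("range exhausted");
            }
            return Integer.valueOf(cursor++);
        }

        public void remove() {
            throw new UnsupportedOperationException();
        }
    }

    public static void main(String[] args) {
        Iterator<Integer> it = new RangeIterator(0, 3);
        it.hasNext();
        it.hasNext(); // repeated checks must not consume elements
        int sum = 0;
        while (it.hasNext()) {
            sum += it.next();
        }
        System.out.println("sum = " + sum);
        try {
            it.next(); // one call past the end
        } catch (NoSuchElementException e) {
            System.out.println("caught: " + e.getMessage());
        }
    }
}
```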
4.4 J2EE_STORE_OF_NON_SERIALIZABLE_OBJECT_INTO_SESSION
J2EE: Store of non serializable object into HttpSession (J2EE_STORE_OF_NON_SERIALIZABLE_OBJECT_INTO_SESSION)
This code seems to be storing a non-serializable object into an HttpSession. If this session is passivated or migrated, an error will result.
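An object that does not implement Serializable is placed in the HttpSession. When the session is passivated or migrated, an error will result. It is recommended that every object placed in an HttpSession implement the Serializable interface.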
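The failure can be reproduced without a servlet container. In this added example, which is not from the original page, a plain Map stands in for the session attributes and passivate() is a hypothetical helper that assumes the container writes attributes with standard Java serialization.

```java
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.NotSerializableException;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.util.HashMap;
import java.util.Map;

public class SessionPassivationDemo {
    // Flagged shape: stored in the session but not Serializable.
    static final class CartPlain {
        int items = 3;
    }

    // Corrected: Serializable, with an explicit serialVersionUID.
    static final class Cart implements Serializable {
        private static final long serialVersionUID = 1L;
        int items = 3;
    }

    // Stand-in for passivation or migration: serialize all attributes (assumption).
    static String passivate(Map<String, Object> attributes) {
        try {
            ObjectOutputStream out = new ObjectOutputStream(new ByteArrayOutputStream());
            try {
                out.writeObject(new HashMap<String, Object>(attributes));
            } finally {
                out.close();
            }
            return "ok";
        } catch (NotSerializableException e) {
            // The message is the name of the offending class.
            return "failed, not serializable: " + e.getMessage();
        } catch (IOException e) {
            return "I/O error: " + e;
        }
    }

    public static void main(String[] args) {
        Map<String, Object> session = new HashMap<String, Object>();
        session.put("cart", new CartPlain());
        System.out.println("plain cart:        " + passivate(session));
        session.put("cart", new Cart());
        System.out.println("serializable cart: " + passivate(session));
    }
}
```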
4.5 ODR_OPEN_DATABASE_RESOURCE
ODR: Method may fail to close database resource (ODR_OPEN_DATABASE_RESOURCE)
The method creates a database resource (such as a database connection or row set), does not assign it to any fields, pass it to other methods, or return it, and does not appear to close the object on all paths out of th
The method may fail to close a database resource. Unclosed database resources degrade performance and can also cause communication problems between the application and the server.
4.6 OS_OPEN_STREAM
OS: Method may fail to close stream (OS_OPEN_STREAM)
The method creates an IO stream object, does not assign it to any fields, pass it to other methods that might close it, or return it, and does not appear to close the stream on all paths out of the method. This may resul
The method may fail to close a stream: it creates an IO stream but does not close it, which leaks file descriptors. Use a finally block to ensure the IO stream is closed.
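The finally-block fix recommended above, next to the shape that gets flagged. This is an added example, not code from the original page, and the method names are hypothetical. The same try/finally structure applies to the JDBC Connection, Statement and ResultSet objects covered by ODR_OPEN_DATABASE_RESOURCE in section 4.5; on Java 7 and later, try-with-resources gives the same guarantee.

```java
import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;

public class CloseStreamDemo {
    // Flagged shape: if readLine() throws, close() is never reached
    // and the file descriptor stays open until garbage collection.
    static int countLinesLeaky(File f) throws IOException {
        BufferedReader in = new BufferedReader(new FileReader(f));
        int n = 0;
        while (in.readLine() != null) {
            n++;
        }
        in.close();
        return n;
    }

    // Corrected: the finally block runs on normal return and on exception.
    static int countLines(File f) throws IOException {
        BufferedReader in = new BufferedReader(new FileReader(f));
        try {
            int n = 0;
            while (in.readLine() != null) {
                n++;
            }
            return n;
        } finally {
            in.close();
        }
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample input: a three-line temporary file.
        File f = File.createTempFile("findbugs-demo", ".txt");
        f.deleteOnExit();
        FileWriter w = new FileWriter(f);
        try {
            w.write("a\nb\nc\n");
        } finally {
            w.close();
        }
        System.out.println("leaky version: " + countLinesLeaky(f) + " lines");
        System.out.println("fixed version: " + countLines(f) + " lines");
    }
}
```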
4.7 DMI_CALLING_NEXT_FROM_HASNEXT
DMI: hasNext method invokes next (DMI_CALLING_NEXT_FROM_HASNEXT)
The hasNext() method invokes the next() method. This is almost certainly wrong, since the hasNext() method is not supposed to change the state of the iterator, and the next method is supposed to change the state o
4.8 IL_INFINITE_LOOP
IL: An apparent infinite loop (IL_INFINITE_LOOP)
This loop doesn't seem to have a way to terminate (other than by perhaps throwing an exception).
An apparent infinite loop.
4.9 IL_INFINITE_RECURSIVE_LOOP
IL: An apparent infinite recursive loop (IL_INFINITE_RECURSIVE_LOOP)
This method unconditionally invokes itself. This would seem to indicate an infinite recursive loop that will result in a stack overflow.
An apparent infinite recursive loop, which will cause a stack overflow.
4.10 WMI_WRONG_MAP_ITERATOR
WMI: Inefficient use of keySet iterator instead of entrySet iterator (WMI_WRONG_MAP_ITERATOR)
This method accesses the value of a Map entry, using a key that was retrieved from a keySet iterator. It is more efficient to use an iterator on the entrySet of the map, to avoid the Map.get(key) lookup.
The code uses a keySet iterator and get(key) to fetch Map values, which is inefficient. Using the entrySet iterator is more efficient.
4.11 IM_BAD_CHECK_FOR_ODD
IM: Check for oddness that won't work for negative numbers (IM_BAD_CHECK_FOR_ODD)
The code uses x % 2 == 1 to check to see if a value is odd, but this won't work for negative numbers (e.g., (-5) % 2 == -1). If this code is intending to check for oddness, consider using x & 1 == 1, or x % 2 != 0.
The odd/even check does not account for negative numbers.