ALM Best Practices


Static Code Analysis Rule Set Optimization Can Uncover More Defects

  
  
  

Nathan Jakubiak, Parasoft Software Development Manager

 

Recently our development team found a bug that resulted in a null variable being dereferenced and throwing an exception. We have static analysis rules enabled, so we wondered why they did not catch the problem.

We discovered that a Java static analysis rule could have found the problem and alerted us if those variables were ever dereferenced: "Avoid using 'private' fields which are never given a meaningful value." So we turned the rule on.

This rule was in a Jtest category called Possible Bugs, so we combed through that category, looking for other Severity 1 rules that we should possibly have turned on. As we were doing this, we found and enabled the high severity rule "Do not call 'equals()' methods that always return false." This turned up a number of bugs!

In our code we have calls that look like Logger.getlogger().error("some error message"). In some cases, a developer had accidentally used the equals() method instead of the error() method. The resulting code compiled fine, but did not do the logging that was intended. Jtest found this problem because the call was passing a String to the equals() method of a Logger object, which would always return false.

In this process we also turned on the rule "Avoid calling 'equals()' with same object", which also found us a bug! This bug was in the equals() method of an object called XMLAssertionTool, and could cause the method to consider two instances of XMLAssertionTool equal even if their message field had a different value, as shown below:

public boolean equals(Object obj) {
     if (!(obj instanceof XMLAssertionTool)) {
          return false;
     }
     XMLAssertionTool other = (XMLAssertionTool)obj;
     return assertions.equals(other.assertions) &&
          message.equals(message) && toolEquals(obj);
     // The problem is: "message.equals(message)"
}


***
To learn more about why, when, and how to perform static analysis, see our Static Analysis Best Practices paper.

Image credit: Patrick Hoesly.
