SlideShare uma empresa Scribd logo
1 de 56
IntelliJ IDEA
Static Code Analysis

       Hamlet D'Arcy
     Canoo Engineering AG
         @HamletDRC
http://hamletdarcy.blogspot.com
Static Code Analysis
Code Inspections
JSR 305 and 308 Annotations
Duplicate Detection
Stack Trace Analysis
Dataflow Analysis
Dependency Analysis


www.jetbrains.com/idea        2
About Me




www.jetbrains.com/idea   3
Static Code Analysis
Code Inspections
JSR 305 and 308 Annotations
Duplicate Detection
Stack Trace Analysis
Dataflow Analysis
Dependency Analysis


www.jetbrains.com/idea        4
class _01Example {

      private static long count = 0L;

      public synchronized void increment() {
        count++;
      }
}




    www.jetbrains.com/idea                     5
class _02Example {

      private boolean active = false;

      public boolean isActive() {
        return active;
      }

      public synchronized void activate() {
        active = true;
      }
}
    www.jetbrains.com/idea                    6
class _03Example {
     private final ReentrantLock lock = new ReentrantLock();
     private boolean active = false;

     public boolean isActive() throws Exception {
         lock.lock();
         boolean result = active;
         lock.unlock();
         return result;
     }

     public void activate() {
         lock.lock();
         active = true;
         lock.unlock();
     }
}

    www.jetbrains.com/idea                                     7
class _04Example {
  private static final boolean DEFAULT = true;

      void myMethod(Boolean value) {
        if (value == null)
          System.out.println("value: null");
          value = DEFAULT;

          System.out.println("received: " + value);
      }
}



    www.jetbrains.com/idea                        8
class _05Example {

      Frame makeFrame(int height, int width) {
        Frame frame = new Frame();
        frame.setSize(height, width);
        return frame;
      }

      Rectangle makeRectangle() {
        int x = 0;
        int y = 0;
        return new Rectangle(y, x, 20, 20);
      }
}
    www.jetbrains.com/idea                       9
class _06Example {
    {
        try {
            doSomething();
        } catch (UnsupportedOperationException e) {
            handleError(e);
        } catch (IllegalStateException e) {
            handleError(e);
        } catch (IllegalArgumentException e) {
            handleError(e);
        }
    }
    ...
}
www.jetbrains.com/idea                          10
class _07Example {
    private def Object lock = new Object()

     def method() {
         synchronized(lock) {
             // do something
         }
     }
}




www.jetbrains.com/idea                       11
class _08Example {
    var property: String = null

     def getProperty() {
         println(property)
     }
}




www.jetbrains.com/idea            12
Correctness
Multi-threaded correctness
Malicious code vulnerability
Bad practice
Internationalization
Performance
Code style violations
Dodgy
                       * Bill Pugh, FindBugs
www.jetbrains.com/idea                    13
… and more
Suppress False Positives
Define profiles and scopes
Run on demand
Run from command line
Team City integration
FindBugs, PMD & CheckStyle plugins
Language and framework support...


www.jetbrains.com/idea               14
Supported Frameworks
Android                  JSF
Ant                      JSP
Application Server       Junit
  Inspections            LESS
CDI(Contexts and         Maven
  Dependency             OSGi
  Injection)
                         RELAX NG
CSS
                         SCSS
Faces Model
                         Spring Model
FreeMarker
www.jetbrains.com/idea                  15
Write Your Own


IntelliJ IDEA Static Analysis:
Custom Rules with Structural Search & Replace

On http://JetBrains.tv



www.jetbrains.com/idea                     16
10 Best Unknown Inspections
Illegal package dependencies           return of collection or array
'this' reference escapes                  field
    constructor                        call to 'Thread.run()'
Field accessed in both                 expression.equals("literal")
    synched & unsynched                   rather than
    contexts                              "literal".equals(expression)
non private field accessed in          equals method does not check
    synched context                       class of parameter
Synchronization on 'this' and          method may be static
    'synchronized' method


http://hamletdarcy.blogspot.com/2008/04/10-best-idea-inspections-youre-not.html

www.jetbrains.com/idea                                                     17
How it Works
Searches AST for Bug Patterns




www.jetbrains.com/idea          18
How it Works
@Override
public void visitMethod(@NotNull final PsiMethod method) {
    super.visitMethod(method);
    if (method.hasModifierProperty(PsiModifier.ABSTRACT)) {
        return;
    }
    if (!RecursionUtils.methodMayRecurse(method)) {
        return;
    }
    if (!RecursionUtils.methodDefinitelyRecurses(method)) {
        return;
    }
    super.registerMethodError(method);
}
        www.jetbrains.com/idea                                19
Static Code Analysis
Code Inspections
JSR 305 and 308 Annotations
Duplicate Detection
Stack Trace Analysis
Dataflow Analysis
Dependency Analysis


www.jetbrains.com/idea        20
@Immutable and @GuardedBy
@Immutable
public class GuardedByExample {

     private final Object lock = new Object();

     @GuardedBy("lock")
     private final List<Object> myList = new ArrayList<Object>();

     public Object getElement(int index) {
       synchronized (lock) {
         return myList.get(index);
       }
     }

     public void addElement(Object e) {
       synchronized (lock) {
         myList.add(e);
       }
     }
}
    www.jetbrains.com/idea                                     21
@Nullable and @NotNull
public class NullableExample {
  @Nullable Integer getId() {
    return 1;
  }

     @NotNull String getName() {
       return "name";
     }

     @Override public String toString() {
       if (getName() == null) {
         return getId().toString() + "<unknown>";
       } else {
         return getId().toString() + getName();
       }
     }
}
    www.jetbrains.com/idea                          22
@Pattern

class PatternExample {


      @Pattern("[a-zA-Z]+")
      String getName() {
        return "my name";
      }
}


    www.jetbrains.com/idea    23
@Language

public class LanguageExample {

     @Language("Groovy")
     String getScript() {
       return "5.times { i -> println "Hello $i" } ";
     }

     String getMarkup() {
       @Language("XML")
       String markup = "<root><body>Some Text</body></root>";
       return markup;
     }
}


    www.jetbrains.com/idea                                24
@Nls, @NonNls, @PropertyKey
   Resource bundle & i18n integration

   Extracting hard-coded String literals:
    http://goo.gl/VZDln

   Documentation: http://goo.gl/NWzsv



www.jetbrains.com/idea                      25
Static Code Analysis
Code Inspections
JSR 305 and 308 Annotations
Duplicate Detection
Stack Trace Analysis
Dataflow Analysis
Dependency Analysis


www.jetbrains.com/idea        26
Static Analysis in IDEA
Static Analysis in IDEA
Duplicate Detection
Anonymizes Local Variables, Fields,
  Methods, Types, and Literals
Provides weighted/scored analysis
Supports several languages


More info: http://goo.gl/qmhhd


www.jetbrains.com/idea                29
Static Code Analysis
Code Inspections
JSR 305 and 308 Annotations
Duplicate Detection
Stack Trace Analysis
Dataflow Analysis
Dependency Analysis


www.jetbrains.com/idea        30
Static Analysis in IDEA
Static Analysis in IDEA
Analyze Stacktrace
Copy and paste log files into IDEA
ZKM Unscramble support (& others)

More Info: http://goo.gl/A8i87




www.jetbrains.com/idea               33
Static Code Analysis
Code Inspections
JSR 305 and 308 Annotations
Duplicate Detection
Stack Trace Analysis
Dataflow Analysis
Dependency Analysis


www.jetbrains.com/idea        34
Static Analysis in IDEA
Static Analysis in IDEA
Dataflow Analysis
Code archeology

to here – how a reference gets set
from here – where a reference goes to

More info: http://goo.gl/Cp92Q



www.jetbrains.com/idea                  37
Static Code Analysis
Code Inspections
JSR 305 and 308 Annotations
Duplicate Detection
Stack Trace Analysis
Dataflow Analysis
Dependency Analysis


www.jetbrains.com/idea        38
Static Analysis in IDEA
Static Analysis in IDEA
UML Generation
Dynamically generates diagram
Standard Show/Hide options
Integrated with Refactorings

Dependency Analysis
Shows all classes your code depends on
Shows specific usages in your classes
Allows jump to source
www.jetbrains.com/idea                   41
Dependency Structure Matrix
Analyzes structure of complex projects
Shows module, package, class
 dependencies
Shows cyclic & backwards dependencies
Helps eliminate illegal dependencies




www.jetbrains.com/idea                   42
Classes on top depend-on classes below


www.jetbrains.com/idea                       43
* le click *




CalculatorFacade uses:
         – Conversions, OperationsFactory & BinaryOperation

www.jetbrains.com/idea                                   44
CalculatorFacade is used by
         – CalculatorServlet & FPCalculatorServlet

www.jetbrains.com/idea                               45
* le click *
BinaryOperation is used 4 times by Facade
       – Darker color == more dependencies
Green shows who BinaryOperation is “used by”
Yellow shows who BinaryOperation “uses”
 www.jetbrains.com/idea                              46
Cyclic Dependencies can be highlighted
Modules can be collapsed/expanded

www.jetbrains.com/idea                   47
Dependency Structure Matrix
Demos on JetBrains site & booth

Feature Overview: http://goo.gl/0bcz3
JetBrains Blog Post: http://goo.gl/fdj26
Canoo Blog Post: http://goo.gl/M1hTY




www.jetbrains.com/idea                     48
Static Code Analysis
Code Inspections
JSR 305 and 308 Annotations
Duplicate Detection
Stack Trace Analysis
Dataflow Analysis
Dependency Analysis


www.jetbrains.com/idea        49
Software Lifecycle
Code Inspections
JSR 305 and 308 Annotations
Duplicate Detection
Stack Trace Analysis
Dataflow Analysis
Dependency Analysis


www.jetbrains.com/idea        50
Software Lifecycle
Code Inspections every second
JSR 305 and 308 Annotations     every second

Duplicate Detection
Stack Trace Analysis
Dataflow Analysis
Dependency Analysis


www.jetbrains.com/idea                   51
Software Lifecycle
Code Inspections every debug
JSR 305 and 308 Annotations     every debug

Duplicate Detection
Stack Trace Analysis
Dataflow Analysis every debug
Dependency Analysis


www.jetbrains.com/idea                    52
Software Lifecycle
Code Inspections every build
JSR 305 and 308 Annotations
Duplicate Detection
Stack Trace Analysis
Dataflow Analysis
Dependency Analysis


www.jetbrains.com/idea         53
Software Lifecycle
Code Inspections
JSR 305 and 308 Annotations
Duplicate Detection every day
Stack Trace Analysis
Dataflow Analysis
Dependency Analysis


www.jetbrains.com/idea          54
Software Lifecycle
Code Inspections
JSR 305 and 308 Annotations
Duplicate Detection
Stack Trace Analysis
Dataflow Analysis
Dependency Analysis     every release




www.jetbrains.com/idea                  55
Learn More – Q & A
My JetBrains.tv Screencasts: http://tv.jetbrains.net/tags/hamlet
My IDEA blog: http://hamletdarcy.blogspot.com/search/label/IDEA
Work's IDEA blog: http://www.canoo.com/blog/tag/idea/
Main blog: http://hamletdarcy.blogspot.com
YouTube channel: http://www.youtube.com/user/HamletDRC
Twitter: http://twitter.com/hamletdrc
IDEA RefCard from DZone: http://goo.gl/Fg4Af
IDEA Keyboard Stickers: JetBrains Booth

Share-a-Canooie – http://people.canoo.com/share/
Hackergarten – http://www.hackergarten.net/
     www.jetbrains.com/idea                                  56

Mais conteúdo relacionado

Mais procurados

Automated Patching for Vulnerable Source Code
Automated Patching for Vulnerable Source CodeAutomated Patching for Vulnerable Source Code
Automated Patching for Vulnerable Source CodeVladimir Kochetkov
 
PVS-Studio is there to help CERN: analysis of Geant4 project
PVS-Studio is there to help CERN: analysis of Geant4 projectPVS-Studio is there to help CERN: analysis of Geant4 project
PVS-Studio is there to help CERN: analysis of Geant4 projectPVS-Studio
 
Groovy Update - JavaPolis 2007
Groovy Update - JavaPolis 2007Groovy Update - JavaPolis 2007
Groovy Update - JavaPolis 2007Guillaume Laforge
 
Lift off with Groovy 2 at JavaOne 2013
Lift off with Groovy 2 at JavaOne 2013Lift off with Groovy 2 at JavaOne 2013
Lift off with Groovy 2 at JavaOne 2013Guillaume Laforge
 
Дмитрий Нестерук, Паттерны проектирования в XXI веке
Дмитрий Нестерук, Паттерны проектирования в XXI векеДмитрий Нестерук, Паттерны проектирования в XXI веке
Дмитрий Нестерук, Паттерны проектирования в XXI векеSergey Platonov
 
Alexey Sintsov- SDLC - try me to implement
Alexey Sintsov- SDLC - try me to implementAlexey Sintsov- SDLC - try me to implement
Alexey Sintsov- SDLC - try me to implementDefconRussia
 
How to write clean & testable code without losing your mind
How to write clean & testable code without losing your mindHow to write clean & testable code without losing your mind
How to write clean & testable code without losing your mindAndreas Czakaj
 
Sandboxie process isolation with kernel hooks
Sandboxie process isolation with kernel hooksSandboxie process isolation with kernel hooks
Sandboxie process isolation with kernel hooksKarlFrank99
 
Visualizing MVC, and an introduction to Giotto
Visualizing MVC, and an introduction to GiottoVisualizing MVC, and an introduction to Giotto
Visualizing MVC, and an introduction to Giottopriestc
 
Much ado about randomness. What is really a random number?
Much ado about randomness. What is really a random number?Much ado about randomness. What is really a random number?
Much ado about randomness. What is really a random number?Aleksandr Yampolskiy
 
OWASP SD: Deserialize My Shorts: Or How I Learned To Start Worrying and Hate ...
OWASP SD: Deserialize My Shorts: Or How I Learned To Start Worrying and Hate ...OWASP SD: Deserialize My Shorts: Or How I Learned To Start Worrying and Hate ...
OWASP SD: Deserialize My Shorts: Or How I Learned To Start Worrying and Hate ...Christopher Frohoff
 
From C++ to Objective-C
From C++ to Objective-CFrom C++ to Objective-C
From C++ to Objective-Ccorehard_by
 
Java Bytecode Fundamentals - JUG.lv
Java Bytecode Fundamentals - JUG.lvJava Bytecode Fundamentals - JUG.lv
Java Bytecode Fundamentals - JUG.lvAnton Arhipov
 
The operation principles of PVS-Studio static code analyzer
The operation principles of PVS-Studio static code analyzerThe operation principles of PVS-Studio static code analyzer
The operation principles of PVS-Studio static code analyzerAndrey Karpov
 
New methods for exploiting ORM injections in Java applications
New methods for exploiting ORM injections in Java applicationsNew methods for exploiting ORM injections in Java applications
New methods for exploiting ORM injections in Java applicationsMikhail Egorov
 
OWASP Poland Day 2018 - Pedro Fortuna - Are your Java Script based protection...
OWASP Poland Day 2018 - Pedro Fortuna - Are your Java Script based protection...OWASP Poland Day 2018 - Pedro Fortuna - Are your Java Script based protection...
OWASP Poland Day 2018 - Pedro Fortuna - Are your Java Script based protection...OWASP
 

Mais procurados (20)

Automated Patching for Vulnerable Source Code
Automated Patching for Vulnerable Source CodeAutomated Patching for Vulnerable Source Code
Automated Patching for Vulnerable Source Code
 
PVS-Studio is there to help CERN: analysis of Geant4 project
PVS-Studio is there to help CERN: analysis of Geant4 projectPVS-Studio is there to help CERN: analysis of Geant4 project
PVS-Studio is there to help CERN: analysis of Geant4 project
 
Groovy Update - JavaPolis 2007
Groovy Update - JavaPolis 2007Groovy Update - JavaPolis 2007
Groovy Update - JavaPolis 2007
 
Groovy 2 and beyond
Groovy 2 and beyondGroovy 2 and beyond
Groovy 2 and beyond
 
Lift off with Groovy 2 at JavaOne 2013
Lift off with Groovy 2 at JavaOne 2013Lift off with Groovy 2 at JavaOne 2013
Lift off with Groovy 2 at JavaOne 2013
 
Дмитрий Нестерук, Паттерны проектирования в XXI веке
Дмитрий Нестерук, Паттерны проектирования в XXI векеДмитрий Нестерук, Паттерны проектирования в XXI веке
Дмитрий Нестерук, Паттерны проектирования в XXI веке
 
Alexey Sintsov- SDLC - try me to implement
Alexey Sintsov- SDLC - try me to implementAlexey Sintsov- SDLC - try me to implement
Alexey Sintsov- SDLC - try me to implement
 
How to write clean & testable code without losing your mind
How to write clean & testable code without losing your mindHow to write clean & testable code without losing your mind
How to write clean & testable code without losing your mind
 
Sandboxie process isolation with kernel hooks
Sandboxie process isolation with kernel hooksSandboxie process isolation with kernel hooks
Sandboxie process isolation with kernel hooks
 
Visualizing MVC, and an introduction to Giotto
Visualizing MVC, and an introduction to GiottoVisualizing MVC, and an introduction to Giotto
Visualizing MVC, and an introduction to Giotto
 
Much ado about randomness. What is really a random number?
Much ado about randomness. What is really a random number?Much ado about randomness. What is really a random number?
Much ado about randomness. What is really a random number?
 
OWASP SD: Deserialize My Shorts: Or How I Learned To Start Worrying and Hate ...
OWASP SD: Deserialize My Shorts: Or How I Learned To Start Worrying and Hate ...OWASP SD: Deserialize My Shorts: Or How I Learned To Start Worrying and Hate ...
OWASP SD: Deserialize My Shorts: Or How I Learned To Start Worrying and Hate ...
 
Solid principles
Solid principlesSolid principles
Solid principles
 
From C++ to Objective-C
From C++ to Objective-CFrom C++ to Objective-C
From C++ to Objective-C
 
Java Bytecode Fundamentals - JUG.lv
Java Bytecode Fundamentals - JUG.lvJava Bytecode Fundamentals - JUG.lv
Java Bytecode Fundamentals - JUG.lv
 
The operation principles of PVS-Studio static code analyzer
The operation principles of PVS-Studio static code analyzerThe operation principles of PVS-Studio static code analyzer
The operation principles of PVS-Studio static code analyzer
 
New methods for exploiting ORM injections in Java applications
New methods for exploiting ORM injections in Java applicationsNew methods for exploiting ORM injections in Java applications
New methods for exploiting ORM injections in Java applications
 
Testing untestable code - IPC12
Testing untestable code - IPC12Testing untestable code - IPC12
Testing untestable code - IPC12
 
Android JNI
Android JNIAndroid JNI
Android JNI
 
OWASP Poland Day 2018 - Pedro Fortuna - Are your Java Script based protection...
OWASP Poland Day 2018 - Pedro Fortuna - Are your Java Script based protection...OWASP Poland Day 2018 - Pedro Fortuna - Are your Java Script based protection...
OWASP Poland Day 2018 - Pedro Fortuna - Are your Java Script based protection...
 

Semelhante a Static Analysis in IDEA

Building Testable PHP Applications
Building Testable PHP ApplicationsBuilding Testable PHP Applications
Building Testable PHP Applicationschartjes
 
Java Performance Tuning
Java Performance TuningJava Performance Tuning
Java Performance TuningMinh Hoang
 
HTML5 Developer Conference 2013: Javascript Insights
HTML5 Developer Conference 2013: Javascript InsightsHTML5 Developer Conference 2013: Javascript Insights
HTML5 Developer Conference 2013: Javascript InsightsAnn Robson
 
Pro typescript.ch03.Object Orientation in TypeScript
Pro typescript.ch03.Object Orientation in TypeScriptPro typescript.ch03.Object Orientation in TypeScript
Pro typescript.ch03.Object Orientation in TypeScriptSeok-joon Yun
 
PVS-Studio in 2021 - Error Examples
PVS-Studio in 2021 - Error ExamplesPVS-Studio in 2021 - Error Examples
PVS-Studio in 2021 - Error ExamplesAndrey Karpov
 
Singletons in PHP - Why they are bad and how you can eliminate them from your...
Singletons in PHP - Why they are bad and how you can eliminate them from your...Singletons in PHP - Why they are bad and how you can eliminate them from your...
Singletons in PHP - Why they are bad and how you can eliminate them from your...go_oh
 
Desing pattern prototype-Factory Method, Prototype and Builder
Desing pattern prototype-Factory Method, Prototype and Builder Desing pattern prototype-Factory Method, Prototype and Builder
Desing pattern prototype-Factory Method, Prototype and Builder paramisoft
 
Static code analysis: what? how? why?
Static code analysis: what? how? why?Static code analysis: what? how? why?
Static code analysis: what? how? why?Andrey Karpov
 
Arquillian Constellation
Arquillian ConstellationArquillian Constellation
Arquillian ConstellationAlex Soto
 
ChakraCore: analysis of JavaScript-engine for Microsoft Edge
ChakraCore: analysis of JavaScript-engine for Microsoft EdgeChakraCore: analysis of JavaScript-engine for Microsoft Edge
ChakraCore: analysis of JavaScript-engine for Microsoft EdgePVS-Studio
 
Applying Compiler Techniques to Iterate At Blazing Speed
Applying Compiler Techniques to Iterate At Blazing SpeedApplying Compiler Techniques to Iterate At Blazing Speed
Applying Compiler Techniques to Iterate At Blazing SpeedPascal-Louis Perez
 
Java EE 6 CDI Integrates with Spring & JSF
Java EE 6 CDI Integrates with Spring & JSFJava EE 6 CDI Integrates with Spring & JSF
Java EE 6 CDI Integrates with Spring & JSFJiayun Zhou
 
Mastering Mock Objects - Advanced Unit Testing for Java
Mastering Mock Objects - Advanced Unit Testing for JavaMastering Mock Objects - Advanced Unit Testing for Java
Mastering Mock Objects - Advanced Unit Testing for JavaDenilson Nastacio
 
Groovy on Grails by Ziya Askerov
Groovy on Grails by Ziya AskerovGroovy on Grails by Ziya Askerov
Groovy on Grails by Ziya AskerovVuqar Suleymanov
 
Construire une application JavaFX 8 avec gradle
Construire une application JavaFX 8 avec gradleConstruire une application JavaFX 8 avec gradle
Construire une application JavaFX 8 avec gradleThierry Wasylczenko
 
Finding bugs that matter with Findbugs
Finding bugs that matter with FindbugsFinding bugs that matter with Findbugs
Finding bugs that matter with FindbugsCarol McDonald
 
Atlassian Groovy Plugins
Atlassian Groovy PluginsAtlassian Groovy Plugins
Atlassian Groovy PluginsPaul King
 

Semelhante a Static Analysis in IDEA (20)

Building Testable PHP Applications
Building Testable PHP ApplicationsBuilding Testable PHP Applications
Building Testable PHP Applications
 
Java Performance Tuning
Java Performance TuningJava Performance Tuning
Java Performance Tuning
 
HTML5 Developer Conference 2013: Javascript Insights
HTML5 Developer Conference 2013: Javascript InsightsHTML5 Developer Conference 2013: Javascript Insights
HTML5 Developer Conference 2013: Javascript Insights
 
Pro typescript.ch03.Object Orientation in TypeScript
Pro typescript.ch03.Object Orientation in TypeScriptPro typescript.ch03.Object Orientation in TypeScript
Pro typescript.ch03.Object Orientation in TypeScript
 
PVS-Studio in 2021 - Error Examples
PVS-Studio in 2021 - Error ExamplesPVS-Studio in 2021 - Error Examples
PVS-Studio in 2021 - Error Examples
 
Singletons in PHP - Why they are bad and how you can eliminate them from your...
Singletons in PHP - Why they are bad and how you can eliminate them from your...Singletons in PHP - Why they are bad and how you can eliminate them from your...
Singletons in PHP - Why they are bad and how you can eliminate them from your...
 
Javascript Design Patterns
Javascript Design PatternsJavascript Design Patterns
Javascript Design Patterns
 
Desing pattern prototype-Factory Method, Prototype and Builder
Desing pattern prototype-Factory Method, Prototype and Builder Desing pattern prototype-Factory Method, Prototype and Builder
Desing pattern prototype-Factory Method, Prototype and Builder
 
Static code analysis: what? how? why?
Static code analysis: what? how? why?Static code analysis: what? how? why?
Static code analysis: what? how? why?
 
Arquillian Constellation
Arquillian ConstellationArquillian Constellation
Arquillian Constellation
 
ChakraCore: analysis of JavaScript-engine for Microsoft Edge
ChakraCore: analysis of JavaScript-engine for Microsoft EdgeChakraCore: analysis of JavaScript-engine for Microsoft Edge
ChakraCore: analysis of JavaScript-engine for Microsoft Edge
 
Applying Compiler Techniques to Iterate At Blazing Speed
Applying Compiler Techniques to Iterate At Blazing SpeedApplying Compiler Techniques to Iterate At Blazing Speed
Applying Compiler Techniques to Iterate At Blazing Speed
 
Java EE 6 CDI Integrates with Spring & JSF
Java EE 6 CDI Integrates with Spring & JSFJava EE 6 CDI Integrates with Spring & JSF
Java EE 6 CDI Integrates with Spring & JSF
 
Mastering Mock Objects - Advanced Unit Testing for Java
Mastering Mock Objects - Advanced Unit Testing for JavaMastering Mock Objects - Advanced Unit Testing for Java
Mastering Mock Objects - Advanced Unit Testing for Java
 
Grails
GrailsGrails
Grails
 
Grails
GrailsGrails
Grails
 
Groovy on Grails by Ziya Askerov
Groovy on Grails by Ziya AskerovGroovy on Grails by Ziya Askerov
Groovy on Grails by Ziya Askerov
 
Construire une application JavaFX 8 avec gradle
Construire une application JavaFX 8 avec gradleConstruire une application JavaFX 8 avec gradle
Construire une application JavaFX 8 avec gradle
 
Finding bugs that matter with Findbugs
Finding bugs that matter with FindbugsFinding bugs that matter with Findbugs
Finding bugs that matter with Findbugs
 
Atlassian Groovy Plugins
Atlassian Groovy PluginsAtlassian Groovy Plugins
Atlassian Groovy Plugins
 

Mais de HamletDRC

AST Transformations at JFokus
AST Transformations at JFokusAST Transformations at JFokus
AST Transformations at JFokusHamletDRC
 
10 Years of Groovy
10 Years of Groovy10 Years of Groovy
10 Years of GroovyHamletDRC
 
Java Boilerplate Busters
Java Boilerplate BustersJava Boilerplate Busters
Java Boilerplate BustersHamletDRC
 
New Ideas for Old Code - Greach
New Ideas for Old Code - GreachNew Ideas for Old Code - Greach
New Ideas for Old Code - GreachHamletDRC
 
Groovy Ast Transformations (greach)
Groovy Ast Transformations (greach)Groovy Ast Transformations (greach)
Groovy Ast Transformations (greach)HamletDRC
 
AST Transformations
AST TransformationsAST Transformations
AST TransformationsHamletDRC
 
Java Boilerplate Busters
Java Boilerplate BustersJava Boilerplate Busters
Java Boilerplate BustersHamletDRC
 
Ast transformations
Ast transformationsAst transformations
Ast transformationsHamletDRC
 

Mais de HamletDRC (8)

AST Transformations at JFokus
AST Transformations at JFokusAST Transformations at JFokus
AST Transformations at JFokus
 
10 Years of Groovy
10 Years of Groovy10 Years of Groovy
10 Years of Groovy
 
Java Boilerplate Busters
Java Boilerplate BustersJava Boilerplate Busters
Java Boilerplate Busters
 
New Ideas for Old Code - Greach
New Ideas for Old Code - GreachNew Ideas for Old Code - Greach
New Ideas for Old Code - Greach
 
Groovy Ast Transformations (greach)
Groovy Ast Transformations (greach)Groovy Ast Transformations (greach)
Groovy Ast Transformations (greach)
 
AST Transformations
AST TransformationsAST Transformations
AST Transformations
 
Java Boilerplate Busters
Java Boilerplate BustersJava Boilerplate Busters
Java Boilerplate Busters
 
Ast transformations
Ast transformationsAst transformations
Ast transformations
 

Último

Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
The Kubernetes Gateway API and its role in Cloud Native API Management
The Kubernetes Gateway API and its role in Cloud Native API ManagementThe Kubernetes Gateway API and its role in Cloud Native API Management
The Kubernetes Gateway API and its role in Cloud Native API ManagementNuwan Dias
 
99.99% of Your Traces Are (Probably) Trash (SRECon NA 2024).pdf
99.99% of Your Traces  Are (Probably) Trash (SRECon NA 2024).pdf99.99% of Your Traces  Are (Probably) Trash (SRECon NA 2024).pdf
99.99% of Your Traces Are (Probably) Trash (SRECon NA 2024).pdfPaige Cruz
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
100+ ChatGPT Prompts for SEO Optimization
100+ ChatGPT Prompts for SEO Optimization100+ ChatGPT Prompts for SEO Optimization
100+ ChatGPT Prompts for SEO Optimizationarrow10202532yuvraj
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Brian Pichman
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...
All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...
All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...Daniel Zivkovic
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 

Último (20)

Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
The Kubernetes Gateway API and its role in Cloud Native API Management
The Kubernetes Gateway API and its role in Cloud Native API ManagementThe Kubernetes Gateway API and its role in Cloud Native API Management
The Kubernetes Gateway API and its role in Cloud Native API Management
 
99.99% of Your Traces Are (Probably) Trash (SRECon NA 2024).pdf
99.99% of Your Traces  Are (Probably) Trash (SRECon NA 2024).pdf99.99% of Your Traces  Are (Probably) Trash (SRECon NA 2024).pdf
99.99% of Your Traces Are (Probably) Trash (SRECon NA 2024).pdf
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
100+ ChatGPT Prompts for SEO Optimization
100+ ChatGPT Prompts for SEO Optimization100+ ChatGPT Prompts for SEO Optimization
100+ ChatGPT Prompts for SEO Optimization
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...
All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...
All in AI: LLM Landscape & RAG in 2024 with Mark Ryan (Google) & Jerry Liu (L...
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 

Static Analysis in IDEA

  • 1. IntelliJ IDEA Static Code Analysis Hamlet D'Arcy Canoo Engineering AG @HamletDRC http://hamletdarcy.blogspot.com
  • 2. Static Code Analysis Code Inspections JSR 305 and 308 Annotations Duplicate Detection Stack Trace Analysis Dataflow Analysis Dependency Analysis www.jetbrains.com/idea 2
  • 4. Static Code Analysis Code Inspections JSR 305 and 308 Annotations Duplicate Detection Stack Trace Analysis Dataflow Analysis Dependency Analysis www.jetbrains.com/idea 4
  • 5. class _01Example { private static long count = 0L; public synchronized void increment() { count++; } } www.jetbrains.com/idea 5
  • 6. class _02Example { private boolean active = false; public boolean isActive() { return active; } public synchronized void activate() { active = true; } } www.jetbrains.com/idea 6
  • 7. class _03Example { private final ReentrantLock lock = new ReentrantLock(); private boolean active = false; public boolean isActive() throws Exception { lock.lock(); boolean result = active; lock.unlock(); return result; } public void activate() { lock.lock(); active = true; lock.unlock(); } } www.jetbrains.com/idea 7
  • 8. class _04Example { private static final boolean DEFAULT = true; void myMethod(Boolean value) { if (value == null) System.out.println("value: null"); value = DEFAULT; System.out.println("received: " + value); } } www.jetbrains.com/idea 8
  • 9. class _05Example { Frame makeFrame(int height, int width) { Frame frame = new Frame(); frame.setSize(height, width); return frame; } Rectangle makeRectangle() { int x = 0; int y = 0; return new Rectangle(y, x, 20, 20); } } www.jetbrains.com/idea 9
  • 10. class _06Example { { try { doSomething(); } catch (UnsupportedOperationException e) { handleError(e); } catch (IllegalStateException e) { handleError(e); } catch (IllegalArgumentException e) { handleError(e); } } ... } www.jetbrains.com/idea 10
  • 11. class _07Example { private def Object lock = new Object() def method() { synchronized(lock) { // do something } } } www.jetbrains.com/idea 11
  • 12. class _08Example { var property: String = null def getProperty() { println(property) } } www.jetbrains.com/idea 12
  • 13. Correctness Multi-threaded correctness Malicious code vulnerability Bad practice Internationalization Performance Code style violations Dodgy * Bill Pugh, FindBugs www.jetbrains.com/idea 13
  • 14. … and more Suppress False Positives Define profiles and scopes Run on demand Run from command line Team City integration FindBugs, PMD & CheckStyle plugins Language and framework support... www.jetbrains.com/idea 14
  • 15. Supported Frameworks Android JSF Ant JSP Application Server Junit Inspections LESS CDI(Contexts and Maven Dependency OSGi Injection) RELAX NG CSS SCSS Faces Model Spring Model FreeMarker www.jetbrains.com/idea 15
  • 16. Write Your Own IntelliJ IDEA Static Analysis: Custom Rules with Structural Search & Replace On http://JetBrains.tv www.jetbrains.com/idea 16
  • 17. 10 Best Unknown Inspections Illegal package dependencies return of collection or array 'this' reference escapes field constructor call to 'Thread.run()' Field accessed in both expression.equals("literal") synched & unsynched rather than contexts "literal".equals(expression) non private field accessed in equals method does not check synched context class of parameter Synchronization on 'this' and method may be static 'synchronized' method http://hamletdarcy.blogspot.com/2008/04/10-best-idea-inspections-youre-not.html www.jetbrains.com/idea 17
  • 18. How it Works Searches AST for Bug Patterns www.jetbrains.com/idea 18
  • 19. How it Works @Override public void visitMethod(@NotNull final PsiMethod method) { super.visitMethod(method); if (method.hasModifierProperty(PsiModifier.ABSTRACT)) { return; } if (!RecursionUtils.methodMayRecurse(method)) { return; } if (!RecursionUtils.methodDefinitelyRecurses(method)) { return; } super.registerMethodError(method); } www.jetbrains.com/idea 19
  • 20. Static Code Analysis Code Inspections JSR 305 and 308 Annotations Duplicate Detection Stack Trace Analysis Dataflow Analysis Dependency Analysis www.jetbrains.com/idea 20
  • 21. @Immutable and @GuardedBy @Immutable public class GuardedByExample { private final Object lock = new Object(); @GuardedBy("lock") private final List<Object> myList = new ArrayList<Object>(); public Object getElement(int index) { synchronized (lock) { return myList.get(index); } } public void addElement(Object e) { synchronized (lock) { myList.add(e); } } } www.jetbrains.com/idea 21
  • 22. @Nullable and @NotNull public class NullableExample { @Nullable Integer getId() { return 1; } @NotNull String getName() { return "name"; } @Override public String toString() { if (getName() == null) { return getId().toString() + "<unknown>"; } else { return getId().toString() + getName(); } } } www.jetbrains.com/idea 22
  • 23. @Pattern class PatternExample { @Pattern("[a-zA-Z]+") String getName() { return "my name"; } } www.jetbrains.com/idea 23
  • 24. @Language public class LanguageExample { @Language("Groovy") String getScript() { return "5.times { i -> println "Hello $i" } "; } String getMarkup() { @Language("XML") String markup = "<root><body>Some Text</body></root>"; return markup; } } www.jetbrains.com/idea 24
  • 25. @Nls, @NonNls, @PropertyKey Resource bundle & i18n integration Extracting hard-coded String literals: http://goo.gl/VZDln Documentation: http://goo.gl/NWzsv www.jetbrains.com/idea 25
  • 26. Static Code Analysis Code Inspections JSR 305 and 308 Annotations Duplicate Detection Stack Trace Analysis Dataflow Analysis Dependency Analysis www.jetbrains.com/idea 26
  • 29. Duplicate Detection Anonymizes Local Variables, Fields, Methods, Types, and Literals Provides weighted/scored analysis Supports several languages More info: http://goo.gl/qmhhd www.jetbrains.com/idea 29
  • 30. Static Code Analysis Code Inspections JSR 305 and 308 Annotations Duplicate Detection Stack Trace Analysis Dataflow Analysis Dependency Analysis www.jetbrains.com/idea 30
  • 33. Analyze Stacktrace Copy and paste log files into IDEA ZKM Unscramble support (& others) More Info: http://goo.gl/A8i87 www.jetbrains.com/idea 33
  • 34. Static Code Analysis Code Inspections JSR 305 and 308 Annotations Duplicate Detection Stack Trace Analysis Dataflow Analysis Dependency Analysis www.jetbrains.com/idea 34
  • 37. Dataflow Analysis Code archeology to here – how a reference gets set from here – where a reference goes to More info: http://goo.gl/Cp92Q www.jetbrains.com/idea 37
  • 38. Static Code Analysis Code Inspections JSR 305 and 308 Annotations Duplicate Detection Stack Trace Analysis Dataflow Analysis Dependency Analysis www.jetbrains.com/idea 38
  • 41. UML Generation Dynamically generates diagram Standard Show/Hide options Integrated with Refactorings Dependency Analysis Shows all classes your code depends on Shows specific usages in your classes Allows jump to source www.jetbrains.com/idea 41
  • 42. Dependency Structure Matrix Analyzes structure of complex projects Shows module, package, class dependencies Shows cyclic & backwards dependencies Helps eliminate illegal dependencies www.jetbrains.com/idea 42
  • 43. Classes on top depend-on classes below www.jetbrains.com/idea 43
  • 44. * le click * CalculatorFacade uses: – Conversions, OperationsFactory & BinaryOperation www.jetbrains.com/idea 44
  • 45. CalculatorFacade is used by – CalculatorServlet & FPCalculatorServlet www.jetbrains.com/idea 45
  • 46. * le click * BinaryOperation is used 4 times by Facade – Darker color == more dependencies Green shows who BinaryOperation is “used by” Yellow shows who BinaryOperation “uses” www.jetbrains.com/idea 46
  • 47. Cyclic Dependencies can be highlighted Modules can be collapsed/expanded www.jetbrains.com/idea 47
  • 48. Dependency Structure Matrix Demos on JetBrains site & booth Feature Overview: http://goo.gl/0bcz3 JetBrains Blog Post: http://goo.gl/fdj26 Canoo Blog Post: http://goo.gl/M1hTY www.jetbrains.com/idea 48
  • 49. Static Code Analysis Code Inspections JSR 305 and 308 Annotations Duplicate Detection Stack Trace Analysis Dataflow Analysis Dependency Analysis www.jetbrains.com/idea 49
  • 50. Software Lifecycle Code Inspections JSR 305 and 308 Annotations Duplicate Detection Stack Trace Analysis Dataflow Analysis Dependency Analysis www.jetbrains.com/idea 50
  • 51. Software Lifecycle Code Inspections every second JSR 305 and 308 Annotations every second Duplicate Detection Stack Trace Analysis Dataflow Analysis Dependency Analysis www.jetbrains.com/idea 51
  • 52. Software Lifecycle Code Inspections every debug JSR 305 and 308 Annotations every debug Duplicate Detection Stack Trace Analysis Dataflow Analysis every debug Dependency Analysis www.jetbrains.com/idea 52
  • 53. Software Lifecycle Code Inspections every build JSR 305 and 308 Annotations Duplicate Detection Stack Trace Analysis Dataflow Analysis Dependency Analysis www.jetbrains.com/idea 53
  • 54. Software Lifecycle Code Inspections JSR 305 and 308 Annotations Duplicate Detection every day Stack Trace Analysis Dataflow Analysis Dependency Analysis www.jetbrains.com/idea 54
  • 55. Software Lifecycle Code Inspections JSR 305 and 308 Annotations Duplicate Detection Stack Trace Analysis Dataflow Analysis Dependency Analysis every release www.jetbrains.com/idea 55
  • 56. Learn More – Q & A My JetBrains.tv Screencasts: http://tv.jetbrains.net/tags/hamlet My IDEA blog: http://hamletdarcy.blogspot.com/search/label/IDEA Work's IDEA blog: http://www.canoo.com/blog/tag/idea/ Main blog: http://hamletdarcy.blogspot.com YouTube channel: http://www.youtube.com/user/HamletDRC Twitter: http://twitter.com/hamletdrc IDEA RefCard from DZone: http://goo.gl/Fg4Af IDEA Keyboard Stickers: JetBrains Booth Share-a-Canooie – http://people.canoo.com/share/ Hackergarten – http://www.hackergarten.net/ www.jetbrains.com/idea 56

Notas do Editor

  1. About Me http://www.manning.com/koenig2/ http://hamletdarcy.blogspot.com Twitter: @HamletDRC Groovy, CodeNarc, JConch Committer GPars, Griffon, Gradle, etc. Contributor GroovyMag, NFJS magazine author JetBrains Academy Member
  2. Static access on instance lock
  3. Field accessed in sync and non-sync context
  4. lock acquired &amp; not properly unlocked
  5. Suspicious Indentation of Control Statement
  6. Suspicious Variable/Parameter Name
  7. Suspicious Variable/Parameter Name
  8. Suspicious Variable/Parameter Name
  9. Suspicious Variable/Parameter Name
  10. - Command line &amp; CI integration - command line: need a valid .idea / .ipr file - http://www.jetbrains.com/idea/webhelp/running-inspections-offline.html - inspect.bat or inspect.sh in idea/bin - CI Integration: TeamCity has inspections built in
  11. - Mention WebStorm for other inspections
  12. - @GuardedBy and @Immutable - GuardedByExample.java - Add jcp classes to classpath - non final GuardedBy field, not guarded correctly - non final field in @Immutable class
  13. - http://www.jetbrains.com/idea/documentation/howto.html - Add annotations to classpath - Can be associated with other annotations (like Hibernate&apos;s) - Infer Nullity - http://www.jetbrains.com/idea/webhelp/inferring-nullity.html - http://blogs.jetbrains.com/idea/2011/03/more-flexible-and-configurable-nullublenotnull-annotations/
  14. - Enforces String against a regex
  15. - @Language - LanguageExample.java - Syntax checks language snippets - http://www.jetbrains.com/idea/webhelp/using-language-injections.html
  16. - http://www.jetbrains.com/idea/webhelp/dataflow-analysis.html - code archeology - better understand the inherited project code, interpret complicated parts of the code, find bottlenecks in the source, and more. - Dataflow to here - Shows how a reference gets set. ie Divide by zero example - Dataflow from here - Shows where a reference goes to. ie new Divide() example