What's New in Teams Calling, Meetings and Devices March 2024
Presentations Unusual Java Bugs And Detecting Them Using Foss Tools
1. Unusual Java Bugs
and Fighting them Using FOSS Tools
S G Ganesh
Research Engineer
Siemens (Corporate Technology), Bangalore
Open Source India W eek
The TechZone: Developer Track—Bangalore
12-Feb-2008
2. Why Static Analysis Tools
Too much buggy software out there in the
market
Open source is better, but still …
Important to improve the quality of the
software
“ilities” : reliability, security, maintainability etc.
Testing is not enough
Cannot check all paths, possibilities, practices
3. Why Static Analysis Tools (contd..)
Benefits of Static Analysis Tools
Can cover code not covered by testing or dynamic
analysis
No instrumentation needed, no tests to develop and run
Usually easy to use
Run in your IDE, by just clicking a button
Code review is not sufficient
Can catch usual/obvious mistakes
A static analysis tool can often find unusual bugs
4. Why Bugs Happen in Code?
Everyone makes mistakes
Including experts
only that novices make more mistakes
Compiler catches syntax/(some) semantic
errors
Not sufficient. E.g. how about errors in usage?
We are often asked to ‘Get-the-code-
working’
So, after that, we spend rest of the time fixing
the bugs ;-)
5. Why Java FOSS Tools?
Many high quality FOSS tools available
Java is free and widely used
Java programs also suffer quality issues like
code developed in C/C++
No pointers, automatic memory management etc
helps less experienced programmers much
Still, Java software suffers quality problems like
security, maintainability etc.
Significantly improve quality of software
before software is tested or released to users
6. Finding Uncommon Bugs
We’ll see a buggy code example
not usual bug like null pointer access or bad
cast
unusual bugs like misuse of language features,
synchronization issues etc.
… and then see how a FOSS static
analysis tool catches it
We’ll see simple bugs first
… and then move on to more difficult ones
7. What does this code print?
class LongVal {
public static void main(String []s) {
long l = 0x1l;
System.out.format(quot;%xquot;, l);
}
}
8. Here is the output …
$ java LongVal
1
$
The program prints 1 and not 11 – why?
9. Bug: ‘l’ and ‘1’ looks alike!
The antic tool detects it:
$antic –java LongVal.java
LongVal.java:3:26: May be 'l' is used
instead of '1' at the end of integer
constant
Programmer, possibly by mistake, typed
‘l’ (english letter ell) instead of ‘1’ (number
one)!
long l = 0x1l;
10. Introducing Jlint/Antic
Antic is meant for finding problems related to C
syntax
Like this problem we saw now
Works on java source files
Jlint is for Java inconsistencies and bugs
Can find difficult synchronization issues also
Works on built class files
Simple to use tool
Used from command line
Available from http://jlint.sourceforge.net
11. What does this code print?
class NaNTest {
public static void main(String []s) {
double d = getVal();
if(d == Double.NaN)
System.out.println(quot;d is NaNquot;);
}
private static double getVal() {
return Double.NaN;
}
}
12. Here is the output…
$ java NaNTest
$
It does not print anything!
14. Bug: (NaN == NaN) is false!
FindBugs names this bug as: “Doomed test for
equality to NaN”
This code checks to see if a floating point value
is equal to the special Not A Number value (d ==
Double.NaN).
special semantics of NaN: no value is equal to
NaN, including NaN.
d == Double.NaN is always false
Correct check: Use Double.isNaN(x)
15. Introducing FingBugs
Detects problems like correctness,
multithreading issues, performance
problems, bad practices etc
Less number of false positives
No source files needed
Runs on Java class/jar files
You can run it on huge code-bases
Runs in a nice GUI
Get from: http://findbugs.sourceforge.net/
19. PMD Detects It
$pmd Test.java text design
Test.java:3 Overridable method 'foo'
called during object construction
20. Bug: Ctor calls overridden method!
Constructors do not support runtime
polymorphism
Because derived objects are not constructed yet
when base class constructor executes.
Virtual method foo is called from the base class
constructor
Overridden foo calls toString method from i
which is not initialized yet
Results in NullPointerException
21. Introducing PMD
PMD checks for problems like:
Possible bugs, design rule violations
Duplicate, sub-optimal or dead code
Suggestions for Migration to newer JDK versions,
J2EE, JavaBeans, JSP, JUnit rules
Works on Java source files
Command-line
Or as plugin for Eclipse, JBuilder, JCreator etc.
Get from: http://pmd.sourceforge.net/
26. Bug: Multiple locks can deadlock!
Locks: basic Java synchronization mechanism
Ensures exclusive ownership for a thread while
executing critical section
Incorrect
synchronization can lead to deadlocks
Deadlocks are ‘non-deterministic’
Hence difficult to detect, reproduce and fix
Acquiring multiple locks is prone to deadlock
Particularly if not done in same order
or if sleep() in Thread is called
Inthis program, foo and bar acquire locks in
opposite order and hence deadlock occurs
27. Introducing QJ-Pro
QJ-Pro checks for problems like:
Conformance to coding standards, coding best
practices
Misuse of features, APIs etc
Works on Java source files
Easy to use in standalone GUI version
Or Eclipse, JBuilder, JDeveloper plugins or Ant job
Get from: http://qjpro.sourceforge.net/
29. Other FOSS Java Tools
CheckStyle
Checks for adherance to coding standards such as
Sun’s
Get it from http://checkstyle.sourceforge.net/
JCSC (Java Coding Style Checker)
Checks for coding style adherance &
… and also checks for common bugs
Get it from http://checkstyle.sourceforge.net/
There are many more
Classycle, Condenser, DoctorJ, JarAnalyzer…
30. Banish the Bug!
Tools are free
why don’t you use it for getting rid of bugs
Ensure high-quality of software
By detecting and fixing bugs early in s/w lifecycle
31. Thank You!
Some Links:
Code Snippet Of the Day (CodeSOD)
http://thedailywtf.com/Series/CodeSOD.aspx
List of Open Source Java code analyzers
http://java-source.net/open-source/code-analyzers
Enough bugging you!
Time for Q & A now