Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix findbugs and activate in Travis #3

Open
sbesson opened this issue Oct 10, 2016 · 3 comments
Open

Fix findbugs and activate in Travis #3

sbesson opened this issue Oct 10, 2016 · 3 comments
Assignees
@jburel

Comments

@sbesson
Copy link
Member

sbesson commented Oct 10, 2016

Follow-up task of #1, activating mvn findbugs:check in Travis requires to fix 30 bugs in the code base

[INFO] --- findbugs-maven-plugin:3.0.4:check (default-cli) @ ome-common ---
[INFO] BugInstance size is 30
[INFO] Error size is 0
[INFO] Total bugs: 30
[INFO] loci.common.BZip2Handle.isBZip2File(String) may fail to clean up java.io.InputStream on checked exception [loci.common.BZip2Handle, loci.common.BZip2Handle, loci.common.BZip2Handle] Obligation to clean up resource created at BZip2Handle.java:[line 86] is not dischargedPath continues at BZip2Handle.java:[line 87]Path continues at BZip2Handle.java:[line 88] OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE
[INFO] loci.common.BZip2Handle.isBZip2File(String) ignores result of java.io.FileInputStream.read(byte[]) [loci.common.BZip2Handle] At BZip2Handle.java:[line 88] RR_NOT_CHECKED
[INFO] Nullcheck of ByteArrayHandle.buffer at line 112 of value previously dereferenced in loci.common.ByteArrayHandle.setLength(long) [loci.common.ByteArrayHandle, loci.common.ByteArrayHandle] At ByteArrayHandle.java:[line 109]Redundant null check at ByteArrayHandle.java:[line 112] RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE
[INFO] loci.common.ByteArrayHandle.read(ByteBuffer, int, int) ignores result of loci.common.ByteArrayHandle.read(byte[]) [loci.common.ByteArrayHandle] At ByteArrayHandle.java:[line 171] RR_NOT_CHECKED
[INFO] loci.common.ByteArrayHandle.readUTF() ignores result of loci.common.ByteArrayHandle.read(byte[]) [loci.common.ByteArrayHandle] At ByteArrayHandle.java:[line 362] RR_NOT_CHECKED
[INFO] loci.common.CRC.CRC_32_TABLE should be package protected [loci.common.CRC] At CRC.java:[line 64] MS_PKGPROTECT
[INFO] Switch statement found in loci.common.DateTools.convertDate(long, int, String, boolean) where default case is missing [loci.common.DateTools] At DateTools.java:[lines 144-158] SF_SWITCH_NO_DEFAULT
[INFO] loci.common.GZipHandle.isGZipFile(String) may fail to clean up java.io.InputStream on checked exception [loci.common.GZipHandle, loci.common.GZipHandle, loci.common.GZipHandle] Obligation to clean up resource created at GZipHandle.java:[line 83] is not dischargedPath continues at GZipHandle.java:[line 84]Path continues at GZipHandle.java:[line 85] OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE
[INFO] loci.common.GZipHandle.isGZipFile(String) ignores result of java.io.FileInputStream.read(byte[]) [loci.common.GZipHandle] At GZipHandle.java:[line 85] RR_NOT_CHECKED
[INFO] loci.common.IniList.flattenIntoHashMap() makes inefficient use of keySet iterator instead of entrySet iterator [loci.common.IniList] At IniList.java:[line 75] WMI_WRONG_MAP_ITERATOR
[INFO] loci.common.IniWriter.saveINI(IniList, String, boolean, boolean) makes inefficient use of keySet iterator instead of entrySet iterator [loci.common.IniWriter] At IniWriter.java:[line 87] WMI_WRONG_MAP_ITERATOR
[INFO] loci.common.Location.equals(Object) does not check for null argument [loci.common.Location] At Location.java:[lines 518-528] NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT
[INFO] Should loci.common.Location$ListingsResult be a _static_ inner class? [loci.common.Location$ListingsResult] At Location.java:[lines 86-89] SIC_INNER_SHOULD_BE_STATIC
[INFO] loci.common.NIOFileHandle.defaultBufferSize should be package protected [loci.common.NIOFileHandle] At NIOFileHandle.java:[line 66] MS_PKGPROTECT
[INFO] loci.common.NIOFileHandle.defaultRWBufferSize should be package protected [loci.common.NIOFileHandle] At NIOFileHandle.java:[line 71] MS_PKGPROTECT
[INFO] loci.common.NIOFileHandle.readFully(byte[]) ignores result of loci.common.NIOFileHandle.read(byte[]) [loci.common.NIOFileHandle] At NIOFileHandle.java:[line 361] RR_NOT_CHECKED
[INFO] loci.common.NIOFileHandle.readFully(byte[], int, int) ignores result of loci.common.NIOFileHandle.read(byte[], int, int) [loci.common.NIOFileHandle] At NIOFileHandle.java:[line 367] RR_NOT_CHECKED
[INFO] loci.common.NIOInputStream.findString(boolean, int, String[]) may fail to close stream [loci.common.NIOInputStream] At NIOInputStream.java:[line 249] OS_OPEN_STREAM
[INFO] Unread public/protected field: loci.common.NIOInputStream.filename [loci.common.NIOInputStream] At NIOInputStream.java:[line 81] URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD
[INFO] Unused public or protected field: loci.common.NIOInputStream.channel [loci.common.NIOInputStream] In NIOInputStream.java UUF_UNUSED_PUBLIC_OR_PROTECTED_FIELD
[INFO] loci.common.RandomAccessInputStream.findString(boolean, int, String[]) may fail to close stream [loci.common.RandomAccessInputStream] At RandomAccessInputStream.java:[line 323] OS_OPEN_STREAM
[INFO] loci.common.RandomAccessInputStream.skipBits(long) ignores result of loci.common.RandomAccessInputStream.skipBytes(int) [loci.common.RandomAccessInputStream] At RandomAccessInputStream.java:[line 393] SR_NOT_CHECKED
[INFO] loci.common.ReflectedUniverse.setVar(String, boolean) invokes inefficient Boolean constructor; use Boolean.valueOf(...) instead [loci.common.ReflectedUniverse] At ReflectedUniverse.java:[line 333] DM_BOOLEAN_CTOR
[INFO] loci.common.ReflectedUniverse.getVar(String) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead [loci.common.ReflectedUniverse] At ReflectedUniverse.java:[line 395] DM_NUMBER_CTOR
[INFO] loci.common.ReflectedUniverse.getVar(String) invokes inefficient new Long(String) constructor; use Long.valueOf(String) instead [loci.common.ReflectedUniverse] At ReflectedUniverse.java:[line 399] DM_NUMBER_CTOR
[INFO] loci.common.ReflectedUniverse.setVar(String, byte) invokes inefficient new Byte(byte) constructor; use Byte.valueOf(byte) instead [loci.common.ReflectedUniverse] At ReflectedUniverse.java:[line 338] DM_NUMBER_CTOR
[INFO] new loci.common.ReflectedUniverse(URL[]) creates a java.net.URLClassLoader classloader, which should be performed within a doPrivileged block [loci.common.ReflectedUniverse] At ReflectedUniverse.java:[line 85] DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED
[INFO] Null passed for non-null parameter of new java.util.zip.ZipInputStream(InputStream) in loci.common.ZipHandle.resetStream() [loci.common.ZipHandle, loci.common.ZipHandle] Method invoked at ZipHandle.java:[line 175]Known null at ZipHandle.java:[line 170] NP_NULL_PARAM_DEREF
[INFO] loci.common.ZipHandle.isZipFile(String) ignores result of loci.common.IRandomAccess.read(byte[]) [loci.common.ZipHandle] At ZipHandle.java:[line 130] RR_NOT_CHECKED
[INFO] Incorrect lazy initialization of static field loci.common.services.ServiceFactory.defaultFactory in new loci.common.services.ServiceFactory() [loci.common.services.ServiceFactory] At ServiceFactory.java:[lines 78-79] LI_LAZY_INIT_STATIC
[INFO]
@sbesson sbesson mentioned this issue Oct 17, 2016
Merged
@melissalinkert
Copy link
Member

See also https://trello.com/c/UP6SA0d3/31-findbugs-301 and https://trello.com/c/eKY4jQVH/180-findbugs-evaluate-spotbugs. The current version of findbugs-maven-plugin (3.0.5) uses Findbugs 3.0.1: https://github.com/gleclaire/findbugs-maven-plugin/blob/findbugs-maven-plugin-3.0.5/pom.xml#L121

Many of the bugs noted above would be ignored by https://github.com/openmicroscopy/bioformats/blob/develop/excludebugs.xml. Before going too far with this, it might be worth discussing to what extent we want to have unified exclude rules for all repositories.

@jburel
Copy link
Member

jburel commented Apr 9, 2024
edited
Loading

Considering how old findbugs is (latest release was in 06 March 2015) if
we should consider a different bug finder system

@melissalinkert
Copy link
Member

Spotbugs would be one option, as it's a continuation of Findbugs. Adding this to the pom.xml and running mvn spotbugs:check seems to work:

      <plugin>
        <groupId>com.github.spotbugs</groupId>
        <artifactId>spotbugs-maven-plugin</artifactId>
        <version>4.8.4.0</version>
        <configuration>
          <threshold>high</threshold>
        </configuration>
        <dependencies>
          <dependency>
            <groupId>com.github.spotbugs</groupId>
            <artifactId>spotbugs</artifactId>
            <version>4.8.4</version>
          </dependency>
        </dependencies>
      </plugin>

Omitting the configuration block will fail with a bunch of medium-priority warnings (similar to the original issue description).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jburel jburel

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@melissalinkert @jburel @sbesson