IntelliJ IDEA Static Code Analysis
2y ago
27 Views
1 Downloads
666.60 KB
56 Pages
Report/dmca
Download PDF

Transcription

IntelliJ IDEAStatic Code AnalysisHamlet D'ArcyCanoo Engineering AG@HamletDRChttp://hamletdarcy.blogspot.com

Static Code AnalysisCode InspectionsJSR 305 and 308 AnnotationsDuplicate DetectionStack Trace AnalysisDataflow AnalysisDependency Analysiswww.jetbrains.com/idea2

About Mewww.jetbrains.com/idea3

Static Code AnalysisCode InspectionsJSR 305 and 308 AnnotationsDuplicate DetectionStack Trace AnalysisDataflow AnalysisDependency Analysiswww.jetbrains.com/idea4

class 01Example {private static long count 0L;public synchronized void increment() {count ;}}www.jetbrains.com/idea5

class 02Example {private boolean active false;public boolean isActive() {return active;}public synchronized void activate() {active true;}}www.jetbrains.com/idea6

class 03Example {private final ReentrantLock lock new ReentrantLock();private boolean active false;public boolean isActive() throws Exception {lock.lock();boolean result active;lock.unlock();return result;}public void activate() {lock.lock();active true;lock.unlock();}}www.jetbrains.com/idea7

class 04Example {private static final boolean DEFAULT true;void myMethod(Boolean value) {if (value null)System.out.println("value: null");value DEFAULT;System.out.println("received: " value);}}www.jetbrains.com/idea8

class 05Example {Frame makeFrame(int height, int width) {Frame frame new Frame();frame.setSize(height, width);return frame;}Rectangle makeRectangle() {int x 0;int y 0;return new Rectangle(y, x, 20, 20);}}www.jetbrains.com/idea9

class 06Example {{try {doSomething();} catch (UnsupportedOperationException e) {handleError(e);} catch (IllegalStateException e) {handleError(e);} catch (IllegalArgumentException e) {handleError(e);}}.}www.jetbrains.com/idea10

class 07Example {private def Object lock new Object()def method() {synchronized(lock) {// do something}}}www.jetbrains.com/idea11

class 08Example {var property: String nulldef getProperty() {println(property)}}www.jetbrains.com/idea12

CorrectnessMulti-threaded correctnessMalicious code vulnerabilityBad practiceInternationalizationPerformanceCode style violationsDodgy* Bill Pugh, FindBugswww.jetbrains.com/idea13

and more Suppress False PositivesDefine profiles and scopesRun on demandRun from command lineTeam City integrationFindBugs, PMD & CheckStyle pluginsLanguage and framework support.www.jetbrains.com/idea14

Supported FrameworksAndroidAntApplication Server InspectionsCDI(Contexts and DependencyInjection)CSSFaces ModelFreeMarkerGoogle App Engine,Google Web ToolkitGroovyGuiceHibernateHTMLJ2MEJava avenOSGiRELAX NGSCSSSpring ModelSpring Web ServicesSQLTestNGVelocityJava WebServicesWebflow ModelWSDLXMLXpathXSLT. and many more15

Write Your OwnIntelliJ IDEA Static Analysis:Custom Rules with Structural Search & ReplaceOn http://JetBrains.tvwww.jetbrains.com/idea16

10 Best Unknown Inspections Illegal packagedependencies'this' reference escapesconstructorField accessed in bothsynched & unsynchedcontextsnon private field accessedin synched contextSynchronization on 'this'and 'synchronized' method return of collection or arrayfield call to 'Thread.run()' expression.equals("literal")rather than"literal".equals(expression) equals method does notcheck class of parameter method may be om/idea17

How it Works Searches AST for Bug Patternswww.jetbrains.com/idea18

How it Works@Overridepublic void visitMethod(@NotNull final PsiMethod method) {super.visitMethod(method);if (method.hasModifierProperty(PsiModifier.ABSTRACT)) {return;}if (!RecursionUtils.methodMayRecurse(method)) {return;}if (!RecursionUtils.methodDefinitelyRecurses(method)) tbrains.com/idea19

Static Code AnalysisCode InspectionsJSR 305 and 308 AnnotationsDuplicate DetectionStack Trace AnalysisDataflow AnalysisDependency Analysiswww.jetbrains.com/idea20

@Immutable and @GuardedBy@Immutablepublic class GuardedByExample {private final Object lock new Object();@GuardedBy("lock")private final List Object myList new ArrayList Object ();public Object getElement(int index) {synchronized (lock) {return myList.get(index);}}}public void addElement(Object e) {synchronized (lock) {myList.add(e);}}www.jetbrains.com/idea21

@Nullable and @NotNullpublic class NullableExample {@Nullable Integer getId() {return 1;}@NotNull String getName() {return "name";}}@Override public String toString() {if (getName() null) {return getId().toString() " unknown ";} else {return getId().toString() getName();}}www.jetbrains.com/idea22

@Patternclass PatternExample {@Pattern("[a-zA-Z] ")String getName() {return "my name";}}www.jetbrains.com/idea23

@Languagepublic class LanguageExample {@Language("Groovy")String getScript() {return "5.times { i - println \"Hello i\" } ";}}String getMarkup() {@Language("XML")String markup " root body Some Text /body /root ";return markup;}www.jetbrains.com/idea24

@Nls, @NonNls, @PropertyKey Resource bundle & i18n integration Extracting hard-coded String literals:http://goo.gl/VZDln Documentation: http://goo.gl/NWzsvwww.jetbrains.com/idea25

Static Code AnalysisCode InspectionsJSR 305 and 308 AnnotationsDuplicate DetectionStack Trace AnalysisDataflow AnalysisDependency Analysiswww.jetbrains.com/idea26

Duplicate Detection Anonymizes Local Variables, Fields,Methods, Types, and Literals Provides weighted/scored analysis Supports several languages More info: http://goo.gl/qmhhdwww.jetbrains.com/idea29

Static Code AnalysisCode InspectionsJSR 305 and 308 AnnotationsDuplicate DetectionStack Trace AnalysisDataflow AnalysisDependency Analysiswww.jetbrains.com/idea30

Analyze Stacktrace Copy and paste log files into IDEA ZKM Unscramble support (& others) More Info: http://goo.gl/A8i87www.jetbrains.com/idea33

Static Code AnalysisCode InspectionsJSR 305 and 308 AnnotationsDuplicate DetectionStack Trace AnalysisDataflow AnalysisDependency Analysiswww.jetbrains.com/idea34

Dataflow Analysis Code archeology to here – how a reference gets set from here – where a reference goes to More info: http://goo.gl/Cp92Qwww.jetbrains.com/idea37

Static Code AnalysisCode InspectionsJSR 305 and 308 AnnotationsDuplicate DetectionStack Trace AnalysisDataflow AnalysisDependency Analysiswww.jetbrains.com/idea38

UML Generation Dynamically generates diagram Standard Show/Hide options Integrated with RefactoringsDependency Analysis Shows all classes your code depends on Shows specific usages in your classes Allows jump to sourcewww.jetbrains.com/idea41

Dependency Structure Matrix Analyzes structure of complex projects Shows module, package, classdependencies Shows cyclic & backwards dependencies Helps eliminate illegal dependencieswww.jetbrains.com/idea42

Classes on top depend-on classes belowwww.jetbrains.com/idea43

* le click *CalculatorFacade uses:– Conversions, OperationsFactory & BinaryOperationwww.jetbrains.com/idea44

CalculatorFacade is used by– CalculatorServlet & FPCalculatorServletwww.jetbrains.com/idea45

* le click *BinaryOperation is used 4 times by Facade– Darker color more dependenciesGreen shows who BinaryOperation is “used by”Yellow shows who BinaryOperation “uses”www.jetbrains.com/idea46

Cyclic Dependencies can be highlightedModules can be collapsed/expandedwww.jetbrains.com/idea47

Dependency Structure Matrix Demos on JetBrains site & booth Feature Overview: http://goo.gl/0bcz3 JetBrains Blog Post: http://goo.gl/fdj26 Canoo Blog Post: http://goo.gl/M1hTYwww.jetbrains.com/idea48

Static Code AnalysisCode InspectionsJSR 305 and 308 AnnotationsDuplicate DetectionStack Trace AnalysisDataflow AnalysisDependency Analysiswww.jetbrains.com/idea49

Software LifecycleCode InspectionsJSR 305 and 308 AnnotationsDuplicate DetectionStack Trace AnalysisDataflow AnalysisDependency Analysiswww.jetbrains.com/idea50

Software LifecycleCode Inspections every secondJSR 305 and 308 AnnotationsDuplicate DetectionStack Trace AnalysisDataflow AnalysisDependency Analysiswww.jetbrains.com/ideaevery second51

Software LifecycleCode Inspections every debugJSR 305 and 308 AnnotationsDuplicate DetectionStack Trace AnalysisDataflow Analysis every debugDependency Analysiswww.jetbrains.com/ideaevery debug52

Software LifecycleCode Inspections every buildJSR 305 and 308 AnnotationsDuplicate DetectionStack Trace AnalysisDataflow AnalysisDependency Analysiswww.jetbrains.com/idea53

Software LifecycleCode InspectionsJSR 305 and 308 AnnotationsDuplicate Detection every dayStack Trace AnalysisDataflow AnalysisDependency Analysiswww.jetbrains.com/idea54

Software LifecycleCode InspectionsJSR 305 and 308 AnnotationsDuplicate DetectionStack Trace AnalysisDataflow Analysisevery releaseDependency Analysiswww.jetbrains.com/idea55

Learn More – Q & A My JetBrains.tv Screencasts: http://tv.jetbrains.net/tags/hamletMy IDEA blog: ork's IDEA blog: http://www.canoo.com/blog/tag/idea/Main blog: http://hamletdarcy.blogspot.comYouTube channel: http://www.youtube.com/user/HamletDRCTwitter: http://twitter.com/hamletdrcIDEA RefCard from DZone: http://goo.gl/Fg4AfIDEA Keyboard Stickers: JetBrains Booth Share-a-Canooie – http://people.canoo.com/share/ Hackergarten – 56

IntelliJ IDEA Static Code Analysis Hamlet D'Arcy Canoo

Related Books

JetBrains TeamCity Comparison

JetBrains TeamCity Comparison

What is Electricity? - Learn at SparkFun Electronics

What is Electricity? - Learn at SparkFun Electronics

HP Fortify Static Code Analyzer - WordPress

HP Fortify Static Code Analyzer - WordPress

Tutorial #2: Linear-Static Analysis.

Tutorial #2: Linear-Static Analysis.

selenium - RIP Tutorial

selenium - RIP Tutorial

Tutorial 1: Introduction to the Android Development .

Tutorial 1: Introduction to the Android Development .

android-studio

android-studio

TECH LINE INCIDENT REPORT - CONFIDENTIAL

TECH LINE INCIDENT REPORT - CONFIDENTIAL

INTERNATIONAL CODE COUNCIL 2012/2013 CODE

INTERNATIONAL CODE COUNCIL 2012/2013 CODE

hing you need to know Make your idea happen

hing you need to know Make your idea happen

CCNP Security FIREWALL Notes - 13Cubed

CCNP Security FIREWALL Notes - 13Cubed

PopularTags

Recent Views