'Batik and FindBugs'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       batik-dev
Subject:    Batik and FindBugs
From:       Robert Gurol <robert.gurol () signavio ! com>
Date:       2013-05-08 14:47:48
Message-ID: CAPxgbL6gX5ptV8MGtXbWQD=bU2EOwJH0VEK3+9BP7d9D2H-2Lg () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Hi,

quite some time ago on the batik dev mailing list, a suggestion was made to
use the Java Byte Code checker FindBugs (http://findbugs.sourceforge.net)
to assist development for Batik.

I recently investigated an issue with the software I work on, running
FindBugs on batik as well. I think you may find the results interesting - I
will attach them as both a browseable html file (zipped, its browser URL is
referred to as <HTML_FILE> in the following for fragment addressing) and
FindBugs 2.0.2 project files (in case you want to use the (free) FindBugs
GUI software, cf. http://findbugs.sourceforge.net/downloads.html).

To mention a few issues that are found, let me give you some I noticed
among the ones output by FindBugs:
* In many places, String or Integer comparisons are done using the ==
operator where the equals(...) method may be more appropriate
(<HTML_FILE>#ES_COMPARING_STRINGS_WITH_EQ). Even if constants are used
throughout the code, the assumption that the variable will not get re-boxed
etc should not be made.

* this piece of code in org.apache.batik.util.Service may throw unexpected
NPEs (first if should use "!=") (<HTML_FILE>#NP_LOAD_OF_KNOWN_NULL_VALUE)
if ( br == null ){
    try{
        br.close();
    } catch ( IOException ignored ){}
    br = null;
}

* many static fields are not final (potentially dangerous issue with regard
to multiple instances of a class running)
(<HTML_FILE>#MS_SHOULD_BE_FINAL)

* MacRenderer, where there was some synchronization issue in the past, may
cause trouble as the synchronization variable may get re-assigned (Only
shows up in my IDE FindBugs plugin output somehow, sorry.
MacRenderer.workImg field,
http://findbugs.sourceforge.net/bugDescriptions.html#ML_SYNC_ON_FIELD_TO_GUARD_CHANGING_THAT_FIELD;
 similar AbstractDocument.elementsById
http://findbugs.sourceforge.net/bugDescriptions.html#ML_SYNC_ON_UPDATED_FIELD
)

Of course, the FindBugs GUI (or, alternatively, its Eclipse IDE plugin
equivalent) provides a much better breakdown, and provides functionality
for sorting, searching and classifying the issues found by different
criteria; the HTML is just there to give you a zero-threshold impression.
Filtering may also filter issues by severity, in case you are upset by the
sheer number of "mostly harmless" issues reported.

I'll gladly answer any FindBugs questions that may come up.

If any of the issues seem relevant for my own Batik use case (cf. users
mailing list), I'll gladly write a fix and submit a patch.

Best regards,

Robert



-- 
________________________________________________________

Besuchen Sie uns/Meet us:

Process Solutions Day <http://www.gfo-kongress.de/>: 2013: 14.+15.05.2013
in Frankfurt, Germany
Signavio Customer
Day<http://www.signavio.com/de/events/signavio-ladt-zum-kundentag-in-berlin-ein/>:
13.09.2013 in Berlin, Germany
Frankfurter Buchmesse <http://www.buchmesse.de/>: 09.-13.10.2013 in
Frankfurt, Germany
Messekongress "IT für
Versicherungsunternehmen"<http://www.assekuranz-messekongress.de/portal/de/messekongresse/it/aktuelles_2/index.xhtml>:
 26.+27.11.2013
in Leipzig, Germany
________________________________________________________


Robert Gurol
Software Developer
robert.gurol@signavio.com
T +49 30 488 172 50
F +49 30 250 43 747

Signavio GmbH
Goethestr. 2-3
10623 Berlin

HRB 121584 B Amtsgericht Charlottenburg, Ust-ID: DE265675123
Geschäftsführer: Dr. Gero Decker, Torben Schreiter
________________________________________________________

Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail
irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und
vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte
Weitergabe dieser E-Mail ist nicht gestattet.

This e-mail may contain confidential and/or privileged information. If you
are not the intended recipient (or have received this e-mail in error)
please notify the sender immediately and destroy this e-mail. Any
unauthorised copying, disclosure or distribution of the material in this
e-mail is strictly forbidden.


[Attachment #5 (text/html)]

<div dir="ltr"><div>Hi,<br></div><div><br></div><div>quite some time ago on the batik \
dev mailing list, a suggestion was made to use the Java Byte Code checker FindBugs \
(<a href="http://findbugs.sourceforge.net">http://findbugs.sourceforge.net</a>) to \
assist development for Batik. </div> <div><br></div><div>I recently investigated an \
issue with the software I work on, running FindBugs on batik as well. I think you may \
find the results interesting - I will attach them as both a browseable html file \
(zipped, its browser URL is referred to as &lt;HTML_FILE&gt; in the following for \
fragment addressing) and FindBugs 2.0.2 project files (in case you want to use the \
(free) FindBugs GUI software, cf. <a \
href="http://findbugs.sourceforge.net/downloads.html">http://findbugs.sourceforge.net/downloads.html</a>).</div>
 <div><br></div><div>To mention a few issues that are found, let me give you some I \
noticed among the ones output by FindBugs: </div><div>* In many places, String or \
Integer comparisons are done using the == operator where the equals(...) method may \
be more appropriate (&lt;HTML_FILE&gt;#ES_COMPARING_STRINGS_WITH_EQ). Even if \
constants are used throughout the code, the assumption that the variable will not get \
re-boxed etc should not be made. </div> <div><br></div><div>* this piece of code in \
org.apache.batik.util.Service may throw unexpected NPEs (first if should use \
&quot;!=&quot;) (&lt;HTML_FILE&gt;#NP_LOAD_OF_KNOWN_NULL_VALUE)</div><div>if ( br == \
null ){</div><div>  try{</div><div>        br.close();</div><div>    } catch ( \
IOException ignored ){}</div><div>    br = \
null;</div><div>}</div><div><br></div><div>* many static fields are not final \
(potentially dangerous issue with regard to multiple instances of a class \
running)</div> <div>(&lt;HTML_FILE&gt;#MS_SHOULD_BE_FINAL)</div><div><br></div><div>* \
MacRenderer, where there was some synchronization issue in the past, may cause \
trouble as the synchronization variable may get re-assigned (Only shows up in my IDE \
FindBugs plugin output somehow, sorry. MacRenderer.workImg field, <a \
href="http://findbugs.sourceforge.net/bugDescriptions.html#ML_SYNC_ON_FIELD_TO_GUARD_C \
HANGING_THAT_FIELD">http://findbugs.sourceforge.net/bugDescriptions.html#ML_SYNC_ON_FIELD_TO_GUARD_CHANGING_THAT_FIELD</a>; \
similar AbstractDocument.elementsById <a \
href="http://findbugs.sourceforge.net/bugDescriptions.html#ML_SYNC_ON_UPDATED_FIELD">h \
ttp://findbugs.sourceforge.net/bugDescriptions.html#ML_SYNC_ON_UPDATED_FIELD</a>)</div>
 <div><br></div><div>Of course, the FindBugs GUI (or, alternatively, its Eclipse IDE \
plugin equivalent) provides a much better breakdown, and provides functionality for \
sorting, searching and classifying the issues found by different criteria; the HTML \
is just there to give you a zero-threshold impression. Filtering may also filter \
issues by severity, in case you are upset by the sheer number of &quot;mostly \
harmless&quot; issues reported. </div> <div><br></div><div>I&#39;ll gladly answer any \
FindBugs questions that may come up. </div><div><br></div><div>If any of the issues \
seem relevant for my own Batik use case (cf. users mailing list), I&#39;ll gladly \
write a fix and submit a patch.</div> <div><br></div><div>Best \
regards,</div><div><br></div><div>Robert</div><div><br></div><div><br></div><div><br></div>-- \
<br><div dir="ltr"><div><div \
style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
 <div><div>________________________________________________________<br></div><div><br></div><div><div><font \
color="#000000">Besuchen Sie uns/Meet us:</font></div><div><font \
color="#000000"><br></font></div><div><font color="#000000"><a \
href="http://www.gfo-kongress.de/" style="color:rgb(17,85,204)" \
target="_blank">Process Solutions Day</a>: 2013: 14.+15.05.2013 in Frankfurt, \
Germany</font></div> <div><a \
href="http://www.signavio.com/de/events/signavio-ladt-zum-kundentag-in-berlin-ein/" \
style="color:rgb(17,85,204)" target="_blank">Signavio Customer Day</a>: 13.09.2013 in \
Berlin, Germany<br></div><font color="#000000"><a href="http://www.buchmesse.de/" \
style="color:rgb(17,85,204)" target="_blank">Frankfurter Buchmesse</a>: \
09.-13.10.2013 in Frankfurt, Germany </font></div> <div><font color="#000000"><a \
href="http://www.assekuranz-messekongress.de/portal/de/messekongresse/it/aktuelles_2/index.xhtml" \
style="color:rgb(17,85,204)" target="_blank">Messekongress &quot;IT für \
Versicherungsunternehmen&quot;</a>: 26.+27.11.2013 in Leipzig, Germany<br> \
</font></div><div><font \
color="#000000">________________________________________________________</font></div></div><div><br></div><div><br></div></div>Robert \
Gurol<br> Software Developer<br>
<a href="mailto:robert.gurol@signavio.com" \
target="_blank">robert.gurol@signavio.com</a> <br>

T +49 30 488 172 50<br>

F +49 30 250 43 747<br><br>Signavio GmbH<br>Goethestr. 2-3<br>10623 \
Berlin<br><br></div> <div>HRB 121584 B Amtsgericht Charlottenburg, <span \
style="font-family:arial,sans-serif;font-size:13px;border-collapse:collapse">Ust-ID: \
DE265675123</span><br> </div><span \
style="font-family:arial,sans-serif;font-size:13px;border-collapse:collapse"><span \
style="border-collapse:separate;font-family:arial;font-size:small">Geschäftsführer: \
Dr. Gero Decker, Torben Schreiter</span></span><br> <div><span \
style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">______________________________</span><span \
style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">__________________________</span> \
<br> <div><br></div>
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte<br>
Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail<br>
irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und<br>
vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte<br>
Weitergabe dieser E-Mail ist nicht gestattet.<br>
<br>
This e-mail may contain confidential and/or privileged information. If you<br>
are not the intended recipient (or have received this e-mail in error)<br>
please notify the sender immediately and destroy this e-mail. Any<br>
unauthorised copying, disclosure or distribution of the material in this<br>
e-mail is strictly forbidden.</div></div>
</div>

--089e0141a20288255804dc360487--


["batik FindBugs GUI files.zip" (application/zip)]
["findbugs_output_browseable_html.zip" (application/zip)]

---------------------------------------------------------------------
To unsubscribe, e-mail: batik-dev-unsubscribe@xmlgraphics.apache.org
For additional commands, e-mail: batik-dev-help@xmlgraphics.apache.org

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic