[jira] [Commented] (SSHD-724) Fix errors flagged by infer static analyzer

Sun, 25 Dec 2016 10:00:06 -0800 

    [ 
https://issues.apache.org/jira/browse/SSHD-724?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15776809#comment-15776809
 ] 

Goldstein Lyor commented on SSHD-724:
-------------------------------------

The initiative is more than welcome, but a random samping of the so called 
reported "errors" yields that they are false alarms. In other words, if one 
looks at the code the reported "error" is not there, because the claim:

{quote}
could be null and is dereferenced
{quote}

is incorrect if one reads the Javadoc (which of course the static analyzer has 
no way of knowing) - and the same applies for the several reported "resource 
leaks". I would love to have a static analyzer integrated as part of the build 
- but it has to be configurable so it would not yield 100's of "errors" that 
look like noise and may hide the real ones.

P.S. I would have preferred having [Findbugs|http://findbugs.sourceforge.net/] 
report since it also has a _Maven_ plugin.and allows more fine-grained control 
over what is an error and what is not.

> Fix errors flagged by infer static analyzer
> -------------------------------------------
>
>                 Key: SSHD-724
>                 URL: https://issues.apache.org/jira/browse/SSHD-724
>             Project: MINA SSHD
>          Issue Type: Improvement
>    Affects Versions: 1.3.0
>            Reporter: David Ostrovsky
>              Labels: findbugs, static-analysis
>             Fix For: 1.4.0
>
>
> Running infer static analyzer: [1] on latest master produces 113 errors:
> [davido@wizball sshd]$ git describe
> sshd-1.3.0-51-g4f0f4dc
> [davido@wizball sshd]$ uname -a
> Linux wizball 4.8.6-300.fc25.x86_64 #1 SMP Tue Nov 1 12:36:38 UTC 2016 x86_64 
> x86_64 x86_64 GNU/Linux
> [davido@wizball sshd]$ java -version
> openjdk version "1.8.0_111"
> OpenJDK Runtime Environment (build 1.8.0_111-b16)
> OpenJDK 64-Bit Server VM (build 25.111-b16, mixed mode)
> [davido@localhost sshd]$ infer -- mvn package
> [...]
> ...too many issues to display (limit=10 exceeded), please see 
> /home/davido/projects/sshd/infer-out/bugs.txt or run `inferTraceBugs` for the 
> remaining issues.
> Summary of the reports
>   NULL_DEREFERENCE: 82
>      RESOURCE_LEAK: 31
> The full report can be found here: [2].
> [1] http://fbinfer.com
> [2] http://paste.openstack.org/show/593308



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to