In the daily development process will inevitably leave some bugs due to negligence, these bugs are buried in the program of time bombs, if not timely eradication will lead to program instability, abnormal or flashback phenomenon, resulting in a decline in user experience. So how do you find out the time bombs buried in the program?
The most headache for programmers is to find a bug, especially to find their own programs in the bug, because people's thinking is a misunderstanding, he is easy to fall into the development process at the time of thinking, so it is difficult to find buried in the program of the bug. Next, we will share a Bugs analysis tool findbugs.
FindBugs is a project supported by National Science Foundation that uses static analysis to find bugs in Java code, a static analysis tool that examines classes or jar files, Compare bytecode with a set of defect patterns to identify possible problems. With the static analysis tool, you can analyze the software without actually running the program. Rather than determining the intent of a program by parsing the form or structure of a class file, it is common to use the visitor pattern to identify whether the code conforms to some fixed specifications.
PS. FindBugs cannot parse a business logic bug in a program, so a bug in business logic needs to be looked up by developers based on specific business needs.
The findbugs can be used as a plugin on the compiler for the eclipse or IntelliJ idea environment. Here's how to use FindBugs in Android Studio.
Installing the FindBugs on the Androidstudio
Androidstudio offers two ways to install plug-ins online and offline.
Online installation findbugs:
First open the plugin in Androidstudio settings, enter FindBugs, as shown, click Browse Find, select Findbugs-idea and then click Install on the right The plugin button is installed (because FindBugs is installed here so there is no install plugin button on the right). Such as:
Offline installation findbugs:
First, download the FindBugs installation package for the IntelliJ idea Ring environment, findbugs-idea-0.9.997. Second, open the Androidstudio settings in the plugin, click the Install Pluginfrom Disk button to select just download the FindBugs installation package to install. Such as:
Basic use of FindBugs
After the FindBugs installation is complete, restart the Androidstudio and you will see the FindBugs interface window after the reboot, such as:
FindBugs supports bug analysis of package level, project level, module level, individual file level, and custom scope.
Attached: findbugs description of bug type
Bad Practice Practice
Some bad practices, listed below: He: class defines equals, but no hashcode, or class defines equals, Use Object.hashcode, or the class defines hashcode, but does not have equals, or the class defines hashcode, but uses object.equals; The class inherits equals, but uses Object.hashcode. Sql:statement's Execute method invokes a very literal string, or prepared Statement is generated by a very literal string. DE: The method terminates or does not handle the exception, in general, the exception should be handled or reported, or thrown by the method. Malicious code vulnerability may be under a malicious attack
If the code is exposed, potentially malicious code, here are a few: FI: The finalize of a class should be protected, not public. MS: The property is a mutable array; The property is a variable hashtable; The property should be package protected.
Correctness General correctness problems
The code that could lead to the error is listed below:
NP: null pointer is referenced; In the method's exception path, the null pointer is referenced; The method does not check whether the parameter Null;null value is generated and is referenced;
A null value is generated and is referenced in the exception path of the method;
Passed to the method a null parameter declared as @nonnull;
The return value of the method declared as @nonnull is actually null.
Nm: Class defines the Hashcode method, but does not actually overwrite the hashcode of the parent class object, the class defines the ToString method, but does not actually overwrite the ToString of the parent object, the obvious method is confused with the constructor, and the method name is easily confused.
The SQL: Method attempts to access a prepared statement 0 index, and the method attempts to access a ResultSet 0 index.
UwF: All write attributes are set to NULL, so that all reads are null, so that the property is necessary to exist, or the property is never write.
Dodgy dangerous.
Potentially dangerous code, which may cause errors during run-time, is listed below:
CI: Class declared as final but declared protected property.
DLS: Assigns a value to a local variable, but does not read the local variable; The local variable is assigned null, but the local variable is not read.
ICAST: integer number multiplication result is converted to long integer number, the integer type should be converted to long integer number and then multiplied.
INT: No necessary integer number comparison, such as X <= integer.max_value. NP: A direct reference to ReadLine, without judging whether it is null, a direct reference to a method invocation, and a method that may return null. REC: Captures exception directly, but may actually be runtimeexception. ST: Modify the class variable directly from the instance method, that is, the static property.
Performance Performance Issues
Code that could lead to poor performance, here are a few examples:
DM: The method calls the inefficient Boolean constructor, but should use Boolean.valueof (...). ;
Replace the new Integer (1) with a similar integer.tostring (1). toString;
The method calls the constructor of the inefficient float and should use the static ValueOf method.
SIC: If an inner class wants to be referenced in a wider area, it should be declared as static.
SS: If an instance property is not read, consider declaring it static.
UrF: If an attribute is never read, consider removing it from the class.
UuF: If an attribute is never used, consider removing it from the class.
Multithreaded correctness multi-threading correctness when multithreaded programming can lead to incorrect code, here are a few:
Esync: An empty synchronization block that is difficult to use correctly.
MWN: Error using notify, may cause illegalmonitorstateexception exception, or incorrect use of wait.
No: Use notify instead of Notifyall, just wake up one thread instead of all waiting threads.
SC: The constructor called Thread.Start, which may cause an error when the class is inherited.
Internationalization internationalization when using the upper or lowercase method on a string, if it is an international string, it may not be appropriate to convert.
FindBugs plugin in Android Studio makes it easy for you to find bugs (go)