Optimizing Java code with IBM static tools, part 1th: Getting Started with tools

What is BEAM?

A statement about the abbreviation BEAM

In the purpose of brevity, this article uses the abbreviation-beam of the tool name, which is simply the acronym for the tool's "Checking Tool for Bugs Errors and mistakes", rather than the name of the tool.

IBM Checking Tool for Bugs Errors and mistakes (with its initials BEAM later in this article) is a static analysis tool developed by IBM that can be used to analyze and find some of the less-easily discovered in C, C + +, and Java code Potential errors to improve the quality of your code. Compared with the dynamic analysis tools and other static analysis tools, it has some valuable features.

Comparison of the same dynamic analysis tools

First, BEAM can analyze the code directly, without the need to run code or compile links to code, so it's relatively easy. For example, running it doesn't need to write any test cases for the code, and dynamic analysis requires a lot of test cases only for unit tests, and these test cases can only test a single piece of code, and the reusability is very low, and basically each class needs a different test case. So it is time-consuming and costly to write enough unit test cases to test large software products.

Second, the tool can identify code flaws and security vulnerabilities that may be missed by unit tests and professional code reviews, such as memory leaks, illegal database access and illegal memory access, and so on, according to statistics, BEAM can find an error in an average of 1000 lines of code that has been tested.

Again, it can be run early in development to check the code to detect defects early in the product development and help reduce development costs. At the same time, it helps developers find their own coding style defects early in product development, and make early improvements to prevent the same type of errors from being repeated at the end of the project.

Comparison with other static analysis tools

Like other static analysis tools, BEAM is also the syntax of the code scan, through the algorithm to check the code analysis, and some bug patterns to compare, and finally identify the problem area, output analysis results. However, compared with other static analysis tools, it has some unique advantages.

First of all, it imitates the use of Javac, syntax and Javac similar, support many javac commonly used command parameters, and have the same semantics, such as-classpath,-source,-d, and so on, it also imitate Javac accept the same source file, but not compile, Instead, the analysis examines these source files. Developers who are accustomed to Javac can easily learn to use them.

Second, many static analysis tools are less accurate at error, and many of the code that is marked as wrong by these tools is actually correct, adding to the programmer's workload and potentially masking real errors. BEAM uses additional theorem proofs (theorem proving) techniques to determine whether a potential error is a real mistake, which reduces the amount of work the programmer needs to determine the authenticity of the error. For example:

Listing 1. code example

int　Average(int　Sum,　int　N)
　 {
　　　 return　Sum　/　N;
　 }