Giter Site home page Giter Site logo

codegex's Introduction

Hi there 👋

Xiaoven Cheung's GitHub Stats Top Languages

codegex's People

Contributors

codegex-analysis avatar ericlee543 avatar suarez12138 avatar wuqihan837 avatar xiaoven avatar zhouyinn avatar

codegex's Issues

False positive for BIT_SIGNED_CHECK

fastjson/src/main/java/com/alibaba/fastjson/util/UTF8Decoder.java

int uc = ((b1 & 0x07) << 18) | ((b2 & 0x3f) << 12) | ((b3 & 0x3f) << 06) | (b4 & 0x3f);

原因

现在的 pattern 为

\(\s*([~-]?(?:(?P<aux1>\((?:[^()]++|(?&aux1))*\))|[\w.-])++)\s*&\s*([~-]?(?:(?&aux1)|[\w.])++)\s*\)\s*([><=!]+)\s*0

它匹配上述例子中的 (b3 & 0x3f) << 0 部分。应在逻辑中加入判断 ([><=!]+) 部分提取到的是否是 >, <, >=, <=, ==, != 之一,如果不是,则返回

FPs for DLS_OVERWRITTEN_INCREMENT 

// https://github.com/tcgone/carddb/pull/100/files#diff-6c19d66c31bb9986c633ad36b5edc2518ae400fb7d585b8a99c4cad7e3d6d5ddR394
card.order = order++;

False positives for UI_INHERITANCE_UNSAFE_GETRESOURCE 

// https://github.com/apache/lucene-solr/blob/0a22341ee21ea24fed0d38a58136314472a1c587/lucene/analysis/common/src/test/org/apache/lucene/analysis/hunspell/SpellCheckerTest.java#L42
InputStream affixStream =
        Objects.requireNonNull(getClass().getResourceAsStream(name + ".aff"), name);
// https://github.com/apache/lucene-solr/blob/0a22341ee21ea24fed0d38a58136314472a1c587/lucene/analysis/common/src/test/org/apache/lucene/analysis/hunspell/SpellCheckerTest.java#L44
InputStream dictStream =
        Objects.requireNonNull(getClass().getResourceAsStream(name + ".dic"), name);

FPs due to match in string

NM_FUTURE_KEYWORD_USED_AS_IDENTIFIER

// https://github.com/OpenAPITools/openapi-generator/pull/8505/files
        typeMapping.put("enum", "NSString");

// https://github.com/SufficientlySecure/calendar-import-export/pull/91/files
Log.d(TAG, "Ignore enum-property: " + evName + "=" + dbName + ": " + ignored.toString());

    private static final String ASYNCAPI_JSON_HYPERSCHEMA = "{\n" +
             "      \"enum\": [\n" +

False positives for NM_FIELD_NAMING_CONVENTION 

//https://github.com/tlaplus/tlaplus/pull/574/files https://github.com/tlaplus/tlaplus/pull/574/files #107
public static final BoolValue ValTrue = new BoolValue(true);
BoolValue.ValTrue;

False Positive of NM_SAME_SIMPLE_NAME_AS_SUPERCLASS for inner class

link

public class ICUCollationKeywordFieldMapper extends FieldMapper {
    public static class Builder extends FieldMapper.Builder {
        ...
    }
}

在 spotbugs 中,外层的 ICUCollationKeywordFieldMapper 没有和 FieldMapper 重simple name时, 内部类的重名是不会报warnigns 的。

考虑判断 class definition statement 前面的空格数目?如果有空格,就把 priority 降至 ignore?

Enhance DMI_COLLECTIONS_SHOULD_NOT_CONTAIN_THEMSELVES by local search

目前 DMI_COLLECTIONS_SHOULD_NOT_CONTAIN_THEMSELVESSA_SELF_COMPARISON 都会识别 contains 方法。可以通过搜索 object 的用法来辅助判断它是否是 collection,如果是,则报 DMI_COLLECTIONS_SHOULD_NOT_CONTAIN_THEMSELVES.

Example

下面的例子会同时报 DMI_COLLECTIONS_SHOULD_NOT_CONTAIN_THEMSELVESSA_SELF_COMPARISON

void tmp(Collection c){
        if (c.contains(c)){
            System.out.println("collection yes");
        } else{
            System.out.println("no");
        }
    }

希望能改一下 local search 机制,在 engine 初始化 detector 的时候,检查 detector 是否需要 local search,如需要,则把 patch_set 信息传给它,让它在自己的 class 内加工保存自己需要用的信息, 而不是像现在local search 方法和相关变量都定义和保存在 engine 内

Precise line number for DMI_RANDOM_USED_ONLY_ONCE

rocketmq/tools/src/main/java/org/apache/rocketmq/tools/monitor/MonitorService.java#137

    private String instanceName() {
        String name =
            System.currentTimeMillis() + new Random().nextInt() + this.monitorConfig.getNamesrvAddr();

        return "MonitorService_" + name.hashCode();
    }

Improve by using get_exact_lineno method.

False positive for FI_EXPLICIT_INVOCATION 

// https://github.com/eclipsesource/J2V8/pull/504/files#diff-a892003576f3e242006668a1b63c89dff9144c4e4b343020847ad103b53e6b03R79
        @Override protected void finalize() {
            try {
                super.finalize();
            } catch (Throwable t) { }

            if (!receiver.isReleased()) {
                receiver.release();
            }

            if (!function.isReleased()) {
                function.release();
            }
        }
  • 方法1: 检查 object 是不是名为 super
  • 方法2: 加一个search before功能,从指定行开始往前遍历匹配,看看最近的method signature 是否名为 finalize

FPs for NM_FIELD_NAMING_CONVENTION

如果 ImageView.ScaleType.CENTER 是定义在 library 的,那么即使我们用了 online search,也是搜索不到的

        ImageRequest imageRequest = new ImageRequest(
                img_urls.get(i),
                listener2, 50, 50, ImageView.ScaleType.CENTER,
                Bitmap.Config.ARGB_8888, null);
        queue.add(imageRequest);
    }

Self computation 优先级问题和正则 disjoint groups 带来的问题

目前的正则

(\b\w[\w.]*(?P<aux1>\((?:[^()]++|(?&aux1))*\))*)\s*([|^&-])\s*([\w.]+(?&aux1)*)

问题

由于正则匹配提取的是 disjoint groups, 会造成 False Negatives

  • 对于 return i | j & j; 提取的groups为 i | j
  • 对于 return i | j & j | z; 提取的groups为 i | j j | z ,但其实 & 的优先级更高,j & j 本应该会触发 warnings 的

FPs of RV_EXCEPTION_NOT_THROWN). 

// https://github.com/AzureSDKAutomation/azure-sdk-for-java/pull/7314/files
@@ -733,6 +734,7 @@ public WorkspaceInner createOrUpdate(
                    new IllegalArgumentException(
                        "Parameter this.client.getSubscriptionId() is required and cannot be null."));

原因:该 exception 作为参数传递,但是 patch 没有显示它前面的 method ,导致它被单独划分一个 statement。

解决办法:做括号匹配,再检查分号

False positives for SA_SELF_COMPUTATION 

// https://github.com/apache/pulsar/blob/85675c8c31ec7529c7877778b73ddeea72772a2c/pulsar-broker/src/test/java/org/apache/pulsar/broker/stats/ConsumerStatsTest.java#L182
long expectUnacked = msgOutCounter - (i - i % cumulativeInterval);

False Negative for VA_FORMAT_STRING_USES_NEWLINE

link

if (expectedSha.equals(sha) == false) {
            final String exceptionMessage = String.format(
                Locale.ROOT,
                "SHA has changed! Expected %s for %s but got %s."
                    + "\nThis usually indicates a corrupt dependency cache or artifacts changed upstream."
                    + "\nEither wipe your cache, fix the upstream artifact, or delete %s and run updateShas",
                expectedSha,
                jarName,
                sha,
                shaFile
            );

False Negative for RC_REF_COMPARISON_BAD_PRACTICE_BOOLEAN

link

public static Parameter<Boolean> norms(boolean defaultValue, Function<FieldMapper, Boolean> initializer) {
        return Parameter.boolParam("norms", true, initializer, defaultValue)
            .setMergeValidator((o, n, c) -> o == n || (o && n == false));  // norms can be updated from 'true' to 'false' but not vv
    }

False positive for CNT_ROUGH_CONSTANT_VALUE 

// https://github.com/alibaba/fastjson/pull/2655/files#diff-16b3c16c736dce233aa4cfbdf1fce6e9485df5afc86c5434697bff31facb36d2R11
	private String[] jstrUnionOfRightArray = { " [ ]", "[\"Today\"]", "[1234]", "[-0]", "[1.2333]", " [3.14e+0]",
			" [-3.14E-0]", "[0e0]", "[true]", "[false]", "[null]", "[\"\\u1234\"]", " [{\"name\":\"test\"}]",
			"[{}, [{}, []]]   " , "    "};

FN: UI_INHERITANCE_UNSAFE_GETRESOURCE

org/nanohttpd/junit/protocols/http/LoadKeyStoreTest.java

    @Test
    public void loadKeyStoreFromResources() throws Exception {
        String keyStorePath = "/keystore.jks";
        InputStream resourceAsStream = this.getClass().getResourceAsStream(keyStorePath);

原因

不明。在 regex101 检查表达式是可以匹配的,或许需要检查 parser 划分结果?

False positive for DM_STRING_VOID_CTOR

例子

// https://github.com/nus-cs2103-AY1920S1/duke/pull/307/files?file-filters%5B%5D=.java
String content = new String(Files.readAllBytes(Paths.get(filePath)), "UTF-8");

// https://github.com/pablocrcdev/CRC_Guard_App/pull/1/files?file-filters%5B%5D=.java#diff-99e535000b086879e264018751474845afd0da622128af12b630f61b308f959cL242
text = new String(payload, languageCodeLength + 1, payload.length - languageCodeLength - 1, textEncoding);

//https://github.com/apache/nifi/pull/3576/files#diff-e7b9c3cbb08b7642d1c779ec35a7db494b152e7749d2ee17d47ec430c1b1f4bbR457
final String spec = new String(Files.readAllBytes(Paths.get("src/test/resources/TestJoltTransformJson/chainrSpec.json")));

// https://github.com/code-differently/Assessment-PAIN/pull/15/files#diff-478b2349e8da512b9f501d8ece255e9445998876e9bac0eeb9fd8e5f69af77c2R11
data = new String(Files.readAllBytes(Paths.get("RawData.txt")));

// https://github.com/NayeeC/Production-Practice/pull/9/files#diff-c437294bd5b8e57a04746fd38d05769992a55dbe2e6b9c85032dd08a85127a38R23
return new String(src.getBytes("iso-8859-1"), "utf-8");

现在没有考虑两个参数的情况, 但是怎么排除两个参数的情况呢?

String 的constructors们

False positive for STCAL_STATIC_CALENDAR_INSTANCE 

https://github.com/sstrickx/yahoofinance-api/pull/152/files#diff-8d68307bdbd437a4c6e7bece19d314248059d2a5d13240a33b631ab83af4b2abR236
    public static Calendar parseDateTime(String date, String time, TimeZone timeZone) {
        String datetime = date + " " + time;
        SimpleDateFormat format = new SimpleDateFormat("M/d/yyyy h:mma", Locale.US);

// https://github.com/jverein/jverein/pull/62/files#diff-edd5519d9f886de3c35f794f0dc70bb8c178ca8ff216110e21ad254ff2083d2aR199
  public static GregorianCalendar getBeginnGeschaeftsjahr(GregorianCalendar date) {
    GregorianCalendar BeginnGeschaeftsjahr = new GregorianCalendar();

识别 field 定义

FN and FP for ES_COMPARING_STRINGS_WITH_EQ with special character

False Negative

com/alibaba/fastjson/parser/deserializer/FieldDeserializer.java

if (collection == Collections.emptySet()
                                    || collection == Collections.emptyList()
                                    || collectionClassName == "java.util.ImmutableCollections$ListN"
                                    || collectionClassName == "java.util.ImmutableCollections$List12"
                                    || collectionClassName.startsWith("java.util.Collections$Unmodifiable")) {
                                // skip
                                return;
                            }

原因

现在的pattern为

r'((?:(?P<aux1>\((?:[^()]++|(?&aux1))*\))|[\w."])++)\s*[!=]=\s*((?:(?&aux1)|[\w."])+)'

其中 [\w."] 部分不能匹配 $ 符号(java 命名规则允许使用字符中比较少用的字符)

False Positive

nanohttpd/websocket/src/test/java/org/nanohttpd/junit/protocols/websockets/WebSocketResponseHandlerTest.java

this.headers.put("sec-websocket-key", "x3JJHMbDL1EzLkh9GBhXDw==");

原因

等号两边匹配结果 "x3JJHMbDL1EzLkh9GBhXDw".

is_str_with_quotes 方法现在只判断字符串开头和结尾字符是否为 ", 没有判断字符串长度,导致只包含" 的字符串蒙混过关。

Wrong line number for switch-case

switch (c) {
        case 'a':
        case 'A':
            if (csName == "ASCII" || equalEncodings(csName, "ASCII")) {
                return CS_US_ASCII;
            }
            break;

        case 'c':

尽量使用 get_exact_lineno 方法

ES_COMPARING_STRINGS_WITH_EQ

遇到一个不知道什么版本的 Java 项目,我们的 parser 不能准确地划分它的 statements,但是如果用 get_exact_lineno 还是可以得到准确的行数的

#else
     public #class($command.name)(#class($command.getProperty("Requires").getValue()) subsystem) {
     public #class($command.name)(#if($command.getProperty("DoubleSupplier 1").getValue() != "None")DoubleSupplier doublesupplier1, #end#if($command.getProperty("DoubleSupplier 2").getValue() != "None")DoubleSupplier doublesupplier2, #end#class($command.getProperty("Requires").getValue()) subsystem) {

 #end
#set($params = $command.getProperty("Parameters").getValue())
#macro( klass $cmd )#if( "#type($cmd)" == "" )CommandBase#else#type($cmd)#end#end
 import edu.wpi.first.wpilibj2.command.CommandBase;

FPs for SA_SELF_COMPUTATION

operator priority 问题

// https://github.com/Vardan2020/VardanHomeWork/pull/20/files#diff-ee711ac873a4cd67ccdf1c4453d4051d8c456f9e7e5b731d021a06c401b5a6c1R7
if (a > b & b>c) {

考虑过滤掉 if 等 condition 语句?@stan6

Ehance UI_INHERITANCE_UNSAFE_GETRESOURCE

该 pattern 需要在检查到 getResource 方法调用后,再添加两个搜索功能:

  1. 本地全局搜索:搜索 pull request里的 patches 是否 “extends 所在文件名”

  2. 网络搜索:通过 Github API (可以用 PyGithub) 发送搜索请求,在 repo 中搜索 “extends 所在文件名”

原因:如果检测到调用到那个 class 没有子类的话,是不造成问题的

False Positive

测试文件一般没有子类
animated-gif-lib-for-java/src/test/java/com/madgag/gif/fmsware/TestAnimatedGifEncoder.java

 private byte[] getExpectedBytes(String name) throws IOException {
        File expectedFile = new File(getClass().getResource(name).getFile());
private BufferedImage getImage(String name) throws IOException {
        return ImageIO.read(new File(getClass().getResource(name).getFile()));
    }

FPs for NM_CLASS_NAMING_CONVENTION 

// https://github.com/Catch-PS/Algorithm-PS/pull/25/files
// Section11/programmers_Ïù¥Ï§ëÏö∞ÏцÏàúÏúÑÌÅê_kgh.java   缺少韩语支持,不清楚是哪个文件,以下两个都要试一下
 public MaxHeap(int value) {

static int convertTimeToInt(String s){

        public MinHeap(int value) {

False positive for SE_NONSTATIC_SERIALVERSIONID

Examples

// https://github.com/EriolEandur/Animations/pull/2/files#diff-142800dac9917f3c0745c03ab73c4d007f454a841d1d17fa32294da970897172R230
public static long getSerialVersionUID() {
        return serialVersionUID;
    }

// https://github.com/mhagnumdw/bean-info-generator/pull/5/files#diff-71bf0b35fa483782180f548a1a7d6cc4b3822ed12aa4bb86640f80dde9df3077R13
   public static final BeanMetaInfo serialVersionUID = new BeanMetaInfo("serialVersionUID");

调研

SpotBugs 实现链接

if ((flags & mask) == mask && "I".equals(fieldSig)) {

Spotbugs 似乎只当变量类型为int使才报warnings

'I' 的解释看这里

解决办法

  1. 对例子1,先匹配是否是 return 语句,如果是则跳过

  2. 对例子2,应该检查类型是否是 int 等数字类型?如果不是就可能是故意的

False Positive of BIT_AND_ZZ

Examples:

private static int varintSize(int paramInt)
    {
        if ( ( paramInt & 0xFFFFFF80 ) == 0 )
        {
            return 1;
        }
        if ( ( paramInt & 0xFFFFC000 ) == 0 )
        {
            return 2;
        }
        if ( ( paramInt & 0xFFE00000 ) == 0 )
        {
            return 3;
        }
        if ( ( paramInt & 0xF0000000 ) == 0 )
        {
            return 4;
        }
        return 5;
    }

Cause

It is a regression caused by refactoring in 5584cdb .

The regex before was

\(\s*((?:(?P<aux1>\((?:[^()]++|(?&aux1))*\))|[\w.])++)\s*&\s*((?:(?&aux1)|[\w.])+)\s*\)\s*>\s*0
\(\s*((?:(?P<aux1>\((?:[^()]++|(?&aux1))*\))|[\w.])++)\s*&\s*0\s*\)\s*==\s*0

But now it is

\(\s*(?:(?P<aux1>\((?:[^()]++|(?&aux1))*\))|[\w.])++\s*&\s*(?:(?&aux1)|[\w.])+\s*\)\s*(>|==)\s*0

which replaces the 0 right after & with a non-capturing group.

Fix or improvement

Although the old regex wouldn't cause false positives, their ability is limited. First, they only learn the zero value as 0, and don't understand 0x00000000. Second, the position of 0 relative to & is fixed.

Instead using old regex, I suggest to capture the oprands and try to convert them into integer to see if one of them is zero value.

False Positive of NM_SAME_SIMPLE_NAME_AS_INTERFACE for generic type

NM_SAME_SIMPLE_NAME_AS_INTERFACE

elasticsearch/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/async/AsyncResponse.java

public interface AsyncResponse<T extends AsyncResponse<?>> extends Writeable {
    /**
     * When this response will expire as a timestamp in milliseconds since epoch.
     */
    long getExpirationTime();

NM_SAME_SIMPLE_NAME_AS_SUPERCLASS

RxJava/src/main/java/io/reactivex/rxjava3/observers/BaseTestConsumer.java

public abstract class BaseTestConsumer<T, U extends BaseTestConsumer<T, U>> {

False positive for ES_COMPARING_STRINGS_WITH_EQ

Examples

// https://github.com/rxp90/jsymspell/pull/3/files?file-filters%5B%5D=.java#diff-423e657b915a047bfecd389dcc05d1f71336871ed156c158b730f3bb6c35d15fR42
        "abcd == abcde - {e} (distance 1), abcd == abcdef - {ef} (distance 2)"

// https://github.com/hornstein/boardcad-java/pull/5/files#diff-7e74924bbc85100b71c52a1f86b2f7053fdf3474c989e53f27854651d49d359eR674
		if (string.startsWith("(cp") == false)

// https://github.com/VikaAdamovska/java-elementary-lesson25-spring-web/pull/1/files#diff-afa4c3044f61274747787df8b223c11d9be17cb312d506ba52b23349da7e9a99R22
childLogger.info("INFO == INFO");

False positive: Skip comments when read lines

Examples

// https://github.com/pablocrcdev/CRC_Guard_App/pull/1/files#diff-b337f2d2b5d4833ee0c2ab0b4fdb3c5646236b84d13867ea55279add0ea4a321R30
@Override
    public void onReceive(final Context context, Intent intent) {
       /*  dbhelper = new DatabaseHandler(context, "RG", null, 1);
        mURL = dbhelper.Obt_url();
        if (mURL == ""){  
            mURL = "http://186.96.89.66:9090/crccoding/f?p=2560:9999";
            Log.i("SQLL","Url vacio");
        }else{
            Log.i("SQLL","Url cargado   "+mURL);
        }*/
        WebView gv = new WebView(context);
        gv.setWebViewClient(new mWebClient());
        gv.getSettings().setJavaScriptEnabled(true);
        gv.addJavascriptInterface(new WebInterface(context, gvGPS, null), "Android");
        gv.loadUrl(mURL);
    }

false positive for if (mURL == ""){ in comments

如何实现 EQ_OTHER_USE_OBJECT

Eq: equals() method defined that doesn’t override Object.equals(Object) (EQ_OTHER_USE_OBJECT)

Examples

没找到
编译失败的写法
只要方法名、参数个数与顺序、参数类型与Object.equals方法相同,不管怎么改返回值和权限修饰符,都会编译失败。

boolean equals(Object obj)
public Boolean equals(Object obj)

报 EQ_SELF_USE_OBJECT:

class Custom{
    public boolean equals(Custom c){...}
}
实现思路

spotbugs 实现

- 变量解释
	- hasEqualsObject: 当方法满足 `public boolean equals(Object)` 时为 true,意为有正确重写Object类中的 equals 方法
	- hasEqualsSelf: equals 方法只有参数类型不满足标准写法,且参数是当前所在类类型而非Object类型时为 true
	- hasEqualsOther: 当参数类型为其他
	- usesDefaultEquals: 当该 equals 方法继承自 java.lang.Object,而不是其它 class 重新定义的

- 步骤:
	- !hasEqualsObject && !hasEqualsSelf && hasEqualsOther
	- usesDefaultEquals

对于参数类型,我们只能判断是否是 Object; 对于参数类型是所在类的情况,对应的是 EQ_SELF_USE_OBJECT pattern. 故决定暂时搁置该 pattern。

欢迎大家提出自己的想法。

有趣的 Bug Instances

  1. 我们特有的 False Positive (如 regex的不准确而造成的、无法获取上下文信息造成的等等)
  2. spotbugs 和我们都有的 False Positive
  3. spotbugs 特有的 False Negative (我们没有)
  4. 我们特有的 False Negative (spotbugs 没有)
  5. spotbugs 特有的 FPs (如由于 representation 造成的)

False positive for VA_FORMAT_STRING_USES_NEWLINE

System.out.printf 不是要检测的方法

Examples

// https://github.com/annsh4/moduleASD/pull/7/files#diff-e0abdcac712be84d9244bb56e857e1e026c6e6486f1daa2f3c7c800f976bbc0dR121
        System.out.printf("|%-6s|%-12s|%-12s|\n", "№ з/п", "Вхідний бал", "Результат округлення");

建议

参考SpoBugs实现的那几个packages的方法

https://github.com/spotbugs/spotbugs/blob/07bf864b83083c467e29f1b2de58a2cf5aa5c0d6/spotbugs/src/main/java/edu/umd/cs/findbugs/detect/FormatStringChecker.java#L107-L113

可以考虑使用 anti-pattern 来排除

FPs for NM_METHOD_NAMING_CONVENTION

Comments

parser 的问题,整个 hunk 都是 * 开头的

// https://github.com/r4b3rt/pinpoint/pull/233/files
@@ -223,8 +232,11 @@
 * <tr><td>9202</td><td>ElasticsearchBBossExecutor</td></tr>

Parser error 

2021-02-09 14:13:08.525 | ERROR    | rparser:parse:520 - [Parser Error] oshi-core/src/main/java/oshi/software/os/OperatingSystem.java
'NoneType' object has no attribute 'append_sub_line'
Traceback (most recent call last):
  File "/Users/audrey/Documents/GitHub/rbugs/rparser.py", line 516, in parse
    _parse_hunk(hunk_content, patch.hunks[i - 1])
  File "/Users/audrey/Documents/GitHub/rbugs/rparser.py", line 404, in _parse_hunk
    _finish_vt_statement(line_obj, del_statement, hunk, '+')
  File "/Users/audrey/Documents/GitHub/rbugs/rparser.py", line 161, in _finish_vt_statement
    vt_stmt.append_sub_line(line_obj)
AttributeError: 'NoneType' object has no attribute 'append_sub_line'

2021-02-09 14:14:22.717 | ERROR    | rparser:parse:520 - [Parser Error] sdks/java/core/src/main/java/org/apache/beam/sdk/state/MapState.java
'NoneType' object has no attribute 'append_sub_line'
Traceback (most recent call last):
  File "/Users/audrey/Documents/GitHub/rbugs/rparser.py", line 516, in parse
    _parse_hunk(hunk_content, patch.hunks[i - 1])
  File "/Users/audrey/Documents/GitHub/rbugs/rparser.py", line 404, in _parse_hunk
    _finish_vt_statement(line_obj, del_statement, hunk, '+')
  File "/Users/audrey/Documents/GitHub/rbugs/rparser.py", line 161, in _finish_vt_statement
    vt_stmt.append_sub_line(line_obj)
AttributeError: 'NoneType' object has no attribute 'append_sub_line'

FPs for SA_SELF_COMPARISON 

// https://github.com/PowerOlive/Mysplash/pull/1/files
return newModel instanceof AppObject && ((AppObject) newModel).iconId == iconId;
if (disjunction.get(t).variable == variable)
if (this.matriz[fila][col].valor == valor){

False Negative for RC_REF_COMPARISON_BAD_PRACTICE_BOOLEAN

link

if (isHidden == null || isHidden == Boolean.FALSE) {
                final boolean matched = template.patterns().stream().anyMatch(patternMatchPredicate);
                if (matched) {
                    matchedTemplates.add(template);
                }
            }

用 regex.search 找到第一个匹配就返回了

False positives for SA_SELF_COMPARISON 

// https://github.com/apache/ignite/blob/102382ecb9c0b61de629d56e275c115e260bdb34/modules/calcite/src/test/java/org/apache/ignite/internal/processors/query/calcite/CalciteQueryProcessorTest.java#L148
List<List<?>> res = sql(sql);

Wrong line number 

// https://github.com/AzureSDKAutomation/azure-sdk-for-java/pull/7321/files#diff-2f2d2be29e8a2e9cdb228b73c747e370dd61449d3220804837b029f856f52edfR24
@JsonSubTypes({
    @JsonSubTypes.Type(
        name = "#Microsoft.Media.SelectAudioTrackByAttribute",
        value = SelectAudioTrackByAttribute.class),
    @JsonSubTypes.Type(name = "#Microsoft.Media.SelectAudioTrackById", value = SelectAudioTrackById.class)   // wrong line no
})

False positive for IL_CONTAINER_ADDED_TO_ITSELF 

// https://github.com/powsybl/powsybl-core/pull/1316/files#diff-ec7fd47ba0877273594bf79f852d46fde2adb8c2319c39467c7fe162d4c0c80bR34
        Substation substation = network.newSubstation()
                .setId("S")
                .add();

需要判断 object 和 参数不为空

FPs for SA_SELF_ASSIGNMENT

也可以说是 parser 的问题,因为 parser 没有考虑到 hunk 所有的行从头到尾都是注释的情况

// https://github.com/checkstyle/checkstyle/pull/9246/files#diff-9bedac2996d0bc061df6fd8e1d2e6486e6009c22fd97ecaa0f2d81fca5e6cda5R91
@@ -89,53 +89,144 @@
 * <pre>
 * &lt;module name=&quot;RequireThis&quot;/&gt;
 * </pre>
 * <p>Example:</p>
  * <pre>
 * public class Test {
 *     // overlapping by method argument
 *     c = c;            // violation, reference to instance variable "c" requires "this"

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.