Findbugs的OBL处理方法

原创 2015年11月12日 10:53:33

最近在整代码的持续集成,findbugs进行代码的静态检查。其中一个findbugs警告解决了好久,先看示例代码:

private void copyDataBase() {
        InputStream myInput = null;
        OutputStream myOutput = null;
        try {
            String inFileName = "";//your local db path
            // Open your local db as the input stream
            myInput = new FileInputStream(inFileName);
            // Path to the just created empty db
            String outFileName = ""//the new db file u want to create;
            // Open the empty db as the output stream
            myOutput = new FileOutputStream(outFileName);
            // transfer bytes from the inputfile to the outputfile
            byte[] buffer = new byte[1024];
            int length;
            while ((length = myInput.read(buffer)) > 0) {
                myOutput.write(buffer, 0, length);
            }
            // Close the streams
            myOutput.flush();
            myOutput.close();
            myOutput = null;
            myInput.close();
            myInput = null;
        } catch (IOException e) {
            e.printStackTrace();
        } finally {
            try {
                if(myInput != null) {
                    myInput.close();
                }
                if(myOutput != null) {
                    myOutput.close();
                }
            } catch (IOException e) {
                e.printStackTrace();
            }
            myInput = null;
            myOutput = null;
        }
    }

首先来看findbugs的警告:

OBL_UNSATISFIED_OBLIGATION, Priority: Normal

OBL: copyDataBase() may fail to clean up java.io.OutputStream

This method may fail to clean up (close, dispose of) a stream,
database object, or other resource requiring an explicit cleanup
operation.

In general, if a method opens a stream or other resource, the method
should use a try/finally block to ensure that the stream or resource
is cleaned up before the method returns.

This bug pattern is essentially the same as the **OS_OPEN_STREAM and
ODR_OPEN_DATABASE_RESOURCE** bug patterns, but is based on a different
(and hopefully better) static analysis technique. We are interested is
getting feedback about the usefulness of this bug pattern. To send
feedback, either: •send email to findbugs@cs.umd.edu •file a bug
report: http://findbugs.sourceforge.net/reportingBugs.html

In particular, the false-positive suppression heuristics for this bug
pattern have not been extensively tuned, so reports about false
positives are helpful to us.

See Weimer and Necula, Finding and Preventing Run-Time Error Handling
Mistakes, for a description of the analysis technique.

这里提示应该用try/finally来确保stream的clean up,但函数里也使用了finally,判断stream是否释放了,为什么还是报这样的警告呢?

然后再尝试在catch中也加入对stream的处理

 catch (IOException e) {
        e.printStackTrace();
        try {
            if(myInput != null) {
                myInput.close();
            }
            if(myOutput != null) {
                myOutput.close();
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
        myInput = null;
        myOutput = null;
    }

然并卵,还是报同样的警告。
最后仔细研究了findbugs的提示“use a try/finally block”,是不是这里不能使用catch了呢?就尝试在函数抛出异常到外部处理了

private void copyDataBase() throws IOException {
        InputStream myInput = null;
        OutputStream myOutput = null;
        try {
            String inFileName = "";//your local db path
            // Open your local db as the input stream
            myInput = new FileInputStream(inFileName);
            // Path to the just created empty db
            String outFileName = ""//the new db file u want to create;
            // Open the empty db as the output stream
            myOutput = new FileOutputStream(outFileName);
            // transfer bytes from the inputfile to the outputfile
            byte[] buffer = new byte[1024];
            int length;
            while ((length = myInput.read(buffer)) > 0) {
                myOutput.write(buffer, 0, length);
            }
            // Close the streams
            myOutput.flush();
            myOutput.close();
            myOutput = null;
            myInput.close();
            myInput = null;
        } finally {
            try {
                if(myInput != null) {
                    myInput.close();
                }
                if(myOutput != null) {
                    myOutput.close();
                }
            } catch (IOException e) {
                e.printStackTrace();
            }
            myInput = null;
            myOutput = null;
        }
    }

重新findbugs检查下,发现不再报警告了。
可能findbugs的检查机制是只能在finally中处理stream的异常吧,所以这里不能出现catch,异常抛出外部处理当然就检查不到了。
但是findbugs这里也提了,这个警告可能也不需要调整修改,可能是错误的建议,可以反馈给findbugs。

In particular, the false-positive suppression heuristics for this bug
pattern have not been extensively tuned, so reports about false
positives are helpful to us.

这里仅分享下此findbugs警告的修改方法,不强制说一定要修改此警告。

转载请声明原文地址:
http://blog.csdn.net/sagittarius1988/article/details/49795795

版权声明:本文为博主原创文章,未经博主允许不得转载。

相关文章推荐

FINDBUGS错误: OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE

拷贝文件的函数,之前的写法: 039   // 复制文件 040   public static void copyfile(File from, Stri...

FindBugs扫描错误收集汇总(5.16)

1. EC_UNRELATED_TYPES Bug: Call to equals() comparing different types Pattern id: EC_UNRELATED_TYPES...

详解FindBugs的各项检测器

FindBugs是一个静态分析工具,在程序不需运行的情况下,分析class文件,将字节码与一组缺陷模式进行对比,试图寻找真正的缺陷或者潜在的性能问题。本文档主要详细说明FindBugs 2.0.3版本...

FindBugs Report安全代码检查工具问题解析

1、LI_LAZY_INIT_UPDATE_STATIC:Incorrect lazy initialization and update of static field Thismethod con...

FindBugs错误描述和解决方法

FindBugs常见错误描述和解决方法 (一) [DLS_DEAD_LOCAL_STORE] 描述: Dead store to 未使用的局部变量 解决方法:局部变量定义后未使用;...

两种方法轻松搞定-- Eclipse 安装FindBugs插件

1安装:首先到官方网站下载最新版本FindBugs    http://findbugs.sourceforge.net/downloads.html          ...

FindBugs错误描述和解决方法

FindBugs常见错误描述和解决方法 (一)[DLS_DEAD_LOCAL_STORE] 描述: Dead store to 未使用的局部变量 解决方法:局部变量定义后未使用;实例...
内容举报
返回顶部
收藏助手
不良信息举报
您举报文章:深度学习:神经网络中的前向传播和反向传播算法推导
举报原因:
原因补充:

(最多只允许输入30个字)