如何解决 Findbugs 问题“保证取消引用 Null 值” NP_GUARANTEED_DEREF
您好,我有一些代码被 Findbugs 报告为存在 NP_GUARANTEED_DEREF 问题。 现在看看我的代码,我不太明白它出了什么问题,任何人都可以建议问题是什么。
public void test() {
String var = "";
int index = 2;
if (index == -1) {
var = String.class.getName();
if (var.length() == 0) {
var = null;
}
} else {
var = Integer.class.getName();
if (var.length() == 0) {
var = null;
}
}
if (var == null) {// FINBUGS reports on this line NP_GUARANTEED_DEREF
/*
* There is a statement or branch that if executed guarantees that a value
* is null at this point, and that value that is guaranteed to be
* dereferenced (except on forward paths involving runtime exceptions).
*/
throw new NullPointerException("NULL");
}
}
现在深入研究 Findbugs 中的错误,它突出显示了对 var = null; 的两个赋值作为错误的原因,但我不太明白为什么。我实际上并没有对 var 对象做任何事情,我只是在做 Null 检查。该示例取自真实的生产代码,但删除了重现错误不需要的任何内容。我想知道这是否是误报。如果不是,什么是适当的解决方案。
以下是 Findbugs 错误详细信息的链接: http://findbugs.sourceforge.net/bugDescriptions.html #NP_GUARANTEED_DEREF
[更新] 收到有关此问题的一些反馈后,我现在已将此问题记录为 Sourceforge 上 Findbugs Bugtracker 中的误报,链接为 https://sourceforge.net/tracker/?func=detail&aid=3277814&group_id=96405&atid=614693
关于该问题的对话将在那里继续。
Hi I have got some code that is reported as having the NP_GUARANTEED_DEREF issue by Findbugs.
Now looking at my code I don't quite understand what is wrong with it, can anyone suggest what the problem is.
public void test() {
String var = "";
int index = 2;
if (index == -1) {
var = String.class.getName();
if (var.length() == 0) {
var = null;
}
} else {
var = Integer.class.getName();
if (var.length() == 0) {
var = null;
}
}
if (var == null) {// FINBUGS reports on this line NP_GUARANTEED_DEREF
/*
* There is a statement or branch that if executed guarantees that a value
* is null at this point, and that value that is guaranteed to be
* dereferenced (except on forward paths involving runtime exceptions).
*/
throw new NullPointerException("NULL");
}
}
Now drilling into the Error in Findbugs it highlights the two assignments to var = null; as cause for the bug but I don't quite understand why. It is not like I am actually doing anything with the var object I am just doing a Null check. The example is taken from real production code but stripped of anything that wasn't needed to reproduce the error. What I am wondering if this is a false positive or not. And if not what would be an appropriate fix.
Here is the link to the Findbugs Bug Detail: http://findbugs.sourceforge.net/bugDescriptions.html#NP_GUARANTEED_DEREF
[UPDATE] After recieving some feedback on this issue I have now logged this as a False Positive in the Findbugs Bugtracker on Sourceforge the link is https://sourceforge.net/tracker/?func=detail&aid=3277814&group_id=96405&atid=614693
Conversation about the problem will continue there.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
我懂了。我可以在我的计算机上确认相同的 FB 行为。看起来确实很奇怪。有趣的是,如果将
throw new NullPointerException替换为throw new RuntimeException,错误标记就会消失。现在我想我明白他们的意思了。该消息的措辞并不准确,但他们警告您提防 NPE。我猜他们认为明确抛弃 NPE 是一种不好的做法。
I see. I can confirm the same FB behavior on my computer. Looks strange indeed. What's funny, that if you replaced
throw new NullPointerExceptionwiththrow new RuntimeExceptionthe bug marker would disappear.Now I think I understand what they've meant. The wording of the message is not exact, but they are warning you against a NPE. I guess they consider explicitly throwing NPE a bad practice.
这是 FindBugs 中的一个错误,将此问题发布到他们的问题跟踪器页面上。 findbugs.sf.net
It is a bug in FindBugs, post this issue on their issue tracker page. findbugs.sf.net
好的,FindBugs 正在寻找的是保证会导致空指针异常的语句或分支。最初,我们只寻找空值的取消引用。我们后来增强了分析,将
if (x == null) throw new NullPointerException()视为与显式取消引用 x 相同。这主要是为了帮助过程间分析,因此对其参数进行显式空值检查的方法将与在没有显式空值检查的情况下取消引用其参数的方法进行相同的处理,并在为此类参数传递空值时报告错误。
因此,我们的错误消息中的一些文本可能需要更新,但我们确实没有发现许多导致混乱的实际情况。
我不太确定上面代码的目的是什么。当您将 null 分配给 var 时,您正在创建一种情况,该情况将导致进一步显式抛出空指针异常。这真的是您想要的行为吗?
OK, what FindBugs is looking for is a statement or branch that is guaranteed to lead to a null pointer exception. Originally, we only looked for dereferences of null values. We later augmented the analysis to treat
if (x == null) throw new NullPointerException()the same as an explicit dereference of x. This was primarily to help interprocedural analysis, so that methods that had explicit null checks for their parameters would treated the same as methods that dereference their parameters without explicit null checks, and report errors when null values are passed for such parameters.
So some of the text in our error msgs might need to be updated, but we really haven't found many realistic cases where it causes confusion.
I'm not quite sure what the purpose of the above code is. At the points where are you assigning null to var, you are creating a situation that will lead to an explicit throw of a null pointer exception further down. Is that really the behavior you want?
仔细查看错误消息的定义这里,它说:
这让我认为它要么只是让你知道 var 将为 null,要么实际上让 findbugs 认为 var 在 if 语句中被引用。
您发布的代码看起来不错,我会仔细检查 var 是否在真实代码中未被访问。
我唯一可能改变的就是像这样向后写比较:
这样,如果您省略
='s/ 之一,那么很明显Looking closer into the definition of the error message here, it says:
Which makes me think it is either just letting you know var is going to be null or something actually is making findbugs think that var is referenced inside the if statement.
The code you posted looks fine, I would double check that var is not accessed in the true code.
The only thing I might change is to write the comparision backwards like so:
That way it is obvious if you leave out one of the
='s/