[Bug] Java for loop analyze - false positive (squid:S2259)


Petr Vilčinský

Dec 11, 2017, 4:36:48 AM
to SonarQube
Hi,
I want to report a problem.
The Sonar Java analyzer does not recognize that the "strings" array is initialized and reports a squid:S2259 bug.
If I replace the for loop with a while loop and break, then the bug is not reported.

    public int method() {
        String[] strings = null;

        for (int x = 0; x < 10; x++) {
            strings = new String[1];
        }

        return strings.length * 10;
    }

Thanks,
Petr

Petr Vilčinský

Dec 14, 2017, 1:17:18 AM
to SonarQube
Hi,

Did anyone review that?
Is it a known bug?

Thanks,
Petr

On Monday, 11 December 2017 at 10:36:48 UTC+1, Petr Vilčinský wrote:

Petr Vilčinský

Jan 3, 2018, 2:20:19 AM
to SonarQube
Hello,

Could you please review this bug and open a defect?

Thanks

On Thursday, 14 December 2017 at 07:17:18 UTC+1, Petr Vilčinský wrote:

Michael Gumowski

Jan 3, 2018, 4:14:13 AM
to Petr Vilčinský, SonarQube
Hello Petr,

This is a known limitation of the symbolic execution engine (SE) of the SonarJava analyzer, on which rule S2259 is based.
To give you a little bit more detail, our SE engine usually assumes that for each loop it encounters, two options are possible:
  • Enter the loop and explore its body (a certain number of times);
  • Directly bypass it, considering the stop condition as being false from start.
Of course, this is a simplification and a wide approximation of the real loop behavior, which can show its limits in cases similar to yours. "While(true) { }" is a particular case handled differently, discarding the false branch, which is the reason why the issue disappears in that case. We definitely want to rework the way we handle loops, in particular when dealing with integer literals, but nothing is formally planned yet.

Anyway, I created the following ticket in order to keep in mind this specific limitation and the consequent FP: SONARJAVA-2606

Cheers,
Michael



--
Michael Gumowski | SonarSource
Software Developer, Language Team
https://www.sonarsource.com
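As an added illustration (not SonarJava's own engine code), here is a toy nullness analysis that mimics the loop approximation described in the reply above: a counted loop is explored both as "body taken" and as "bypassed", and the two resulting states are merged, whereas `while (true)` keeps only the entered path. The statement-tuple mini language and the warning text are assumptions made for this example.

```python
# Toy abstract interpreter for the nullness of a single variable.
# Abstract states are sets drawn from {NULL, NOTNULL}.
NULL, NOTNULL = "null", "notnull"


def run(stmts, state):
    """Propagate the nullness set of one variable through a statement list.

    Statement forms (constructed for this example):
      ("assign_null",)        variable = null
      ("assign_new",)         variable = new T[...]
      ("for", body)           counted loop, e.g. for (int x = 0; x < 10; x++)
      ("while_true", body)    while (true) { ... break; }
      ("deref", expr)         a dereference such as strings.length
    Returns (final_states, warnings).
    """
    warnings = []
    for stmt in stmts:
        kind = stmt[0]
        if kind == "assign_null":
            state = {NULL}
        elif kind == "assign_new":
            state = {NOTNULL}
        elif kind == "for":
            # Approximation: either the body runs (at least once) ...
            entered, body_warnings = run(stmt[1], state)
            warnings += body_warnings
            # ... or the loop is bypassed with its condition false from the
            # start, so the pre-loop state survives and both paths are merged.
            state = entered | state
        elif kind == "while_true":
            # The constant-true condition has no false branch, so only the
            # entered path exists; the break simply exits after the body.
            state, body_warnings = run(stmt[1], state)
            warnings += body_warnings
        elif kind == "deref":
            if NULL in state:
                warnings.append(f"S2259: '{stmt[1]}' may be null")
    return state, warnings


# The two variants from the original report, encoded in the mini language.
FOR_VERSION = [("assign_null",), ("for", [("assign_new",)]),
               ("deref", "strings.length")]
WHILE_VERSION = [("assign_null",), ("while_true", [("assign_new",)]),
                 ("deref", "strings.length")]


def warnings_for(program):
    """Run a program from an empty initial state and return its warnings."""
    return run(program, set())[1]
```

Running `warnings_for(FOR_VERSION)` yields the spurious S2259 warning because the bypass path still carries the null state, while `warnings_for(WHILE_VERSION)` yields none.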