SpotBugs Report

Project Information

Project: ActiveMQ :: Memory Usage Test Plugin

SpotBugs version: 4.8.3

Code analyzed:



Metrics

547 lines of code analyzed, in 7 classes, in 2 packages.

Metric Total Density*
High Priority Warnings 3 5.48
Medium Priority Warnings 21 38.39
Total Warnings 24 43.88

(* Defects per Thousand lines of non-commenting source statements)



Contents

Summary

Warning Type Number
Bad practice Warnings 4
Internationalization Warnings 1
Malicious code vulnerability Warnings 7
Performance Warnings 10
Dodgy code Warnings 2
Total 24

Warnings

Click on a warning row to see full context information.

Bad practice Warnings

Code Warning
CT Exception thrown in class org.apache.activemq.tool.MemConsumer at new org.apache.activemq.tool.MemConsumer(ConnectionFactory, Destination) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.
CT Exception thrown in class org.apache.activemq.tool.MemConsumer at new org.apache.activemq.tool.MemConsumer(ConnectionFactory, Destination, String) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.
CT Exception thrown in class org.apache.activemq.tool.MemProducer at new org.apache.activemq.tool.MemProducer(ConnectionFactory, Destination) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.
RV Exceptional return value of java.io.File.mkdirs() ignored in org.apache.activemq.tool.ReportGenerator.startGenerateReport()

Internationalization Warnings

Code Warning
Dm Found reliance on default encoding in org.apache.activemq.tool.ReportGenerator.startGenerateReport(): new java.io.PrintWriter(OutputStream)

Malicious code vulnerability Warnings

Code Warning
EI org.apache.activemq.tool.MemoryMonitoringTool.getDataOutputStream() may expose internal representation by returning MemoryMonitoringTool.dataDoutputStream
EI org.apache.activemq.tool.MemoryMonitoringTool.getTestSettings() may expose internal representation by returning MemoryMonitoringTool.testSettings
EI org.apache.activemq.tool.ReportGenerator.getTestSettings() may expose internal representation by returning ReportGenerator.testSettings
EI org.apache.activemq.tool.ReportGenerator.getWriter() may expose internal representation by returning ReportGenerator.writer
EI2 org.apache.activemq.tool.MemoryMonitoringTool.setDataOutputStream(DataOutputStream) may expose internal representation by storing an externally mutable object into MemoryMonitoringTool.dataDoutputStream
EI2 org.apache.activemq.tool.MemoryMonitoringTool.setTestSettings(Properties) may expose internal representation by storing an externally mutable object into MemoryMonitoringTool.testSettings
EI2 org.apache.activemq.tool.ReportGenerator.setTestSettings(Properties) may expose internal representation by storing an externally mutable object into ReportGenerator.testSettings

Performance Warnings

Code Warning
Bx Boxing/unboxing to parse a primitive new org.apache.activemq.tool.JMSMemtest(Properties)
Bx Primitive boxed just to call toString in org.apache.activemq.tool.JMSMemtest.getSysTestSettings()
Bx Primitive boxed just to call toString in org.apache.activemq.tool.JMSMemtest.getSysTestSettings()
Bx new org.apache.activemq.tool.JMSMemtest(Properties) invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead
Bx org.apache.activemq.tool.JMSMemtest.getSysTestSettings() invokes inefficient new Integer(int) constructor; use Integer.valueOf(int) instead
Bx org.apache.activemq.tool.JMSMemtest.getSysTestSettings() invokes inefficient new Long(long) constructor; use Long.valueOf(long) instead
Bx Boxing/unboxing to parse a primitive org.apache.activemq.tool.MemoryMonitoringTool.startMonitor()
Bx org.apache.activemq.tool.MemoryMonitoringTool.startMonitor() invokes inefficient new Integer(String) constructor; use Integer.valueOf(String) instead
Dm new org.apache.activemq.tool.JMSMemtest(Properties) invokes inefficient Boolean constructor; use Boolean.valueOf(...) instead
UuF Unused field: org.apache.activemq.tool.MemConsumer.ctr

Dodgy code Warnings

Code Warning
Eq org.apache.activemq.tool.MemConsumer doesn't override MemMessageIdList.equals(Object)
ICAST Result of integer multiplication cast to long in org.apache.activemq.tool.JMSMemtest.resetConnection(int)

Details

DM_BOXED_PRIMITIVE_FOR_PARSING: Boxing/unboxing to parse a primitive

A boxed primitive is created from a String, just to extract the unboxed primitive value. It is more efficient to just call the static parseXXX method.

DM_BOXED_PRIMITIVE_TOSTRING: Method allocates a boxed primitive just to call toString

A boxed primitive is allocated just to call toString(). It is more effective to just use the static form of toString which takes the primitive value. So,

Replace...With this...
new Integer(1).toString()Integer.toString(1)
new Long(1).toString()Long.toString(1)
new Float(1.0).toString()Float.toString(1.0)
new Double(1.0).toString()Double.toString(1.0)
new Byte(1).toString()Byte.toString(1)
new Short(1).toString()Short.toString(1)
new Boolean(true).toString()Boolean.toString(true)

DM_NUMBER_CTOR: Method invokes inefficient Number constructor; use static valueOf instead

Using new Integer(int) is guaranteed to always result in a new object whereas Integer.valueOf(int) allows caching of values to be done by the compiler, class library, or JVM. Using of cached values avoids object allocation and the code will be faster.

Values between -128 and 127 are guaranteed to have corresponding cached instances and using valueOf is approximately 3.5 times faster than using constructor. For values outside the constant range the performance of both styles is the same.

Unless the class must be compatible with JVMs predating Java 5, use either autoboxing or the valueOf() method when creating instances of Long, Integer, Short, Character, and Byte.

CT_CONSTRUCTOR_THROW: Be wary of letting constructors throw exceptions.

Classes that throw exceptions in their constructors are vulnerable to Finalizer attacks

A finalizer attack can be prevented, by declaring the class final, using an empty finalizer declared as final, or by a clever use of a private constructor.

See SEI CERT Rule OBJ-11 for more information.

DM_BOOLEAN_CTOR: Method invokes inefficient Boolean constructor; use Boolean.valueOf(...) instead

Creating new instances of java.lang.Boolean wastes memory, since Boolean objects are immutable and there are only two useful values of this type.  Use the Boolean.valueOf() method (or Java 5 autoboxing) to create Boolean objects instead.

DM_DEFAULT_ENCODING: Reliance on default encoding

Found a call to a method which will perform a byte to String (or String to byte) conversion, and will assume that the default platform encoding is suitable. This will cause the application behavior to vary between platforms. Use an alternative API and specify a charset name or Charset object explicitly.

EI_EXPOSE_REP: May expose internal representation by returning reference to mutable object

Returning a reference to a mutable object value stored in one of the object's fields exposes the internal representation of the object.  If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Returning a new copy of the object is better approach in many situations.

EI_EXPOSE_REP2: May expose internal representation by incorporating reference to mutable object

This code stores a reference to an externally mutable object into the internal representation of the object.  If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Storing a copy of the object is better approach in many situations.

EQ_DOESNT_OVERRIDE_EQUALS: Class doesn't override equals in superclass

This class extends a class that defines an equals method and adds fields, but doesn't define an equals method itself. Thus, equality on instances of this class will ignore the identity of the subclass and the added fields. Be sure this is what is intended, and that you don't need to override the equals method. Even if you don't need to override the equals method, consider overriding it anyway to document the fact that the equals method for the subclass just return the result of invoking super.equals(o).

ICAST_INTEGER_MULTIPLY_CAST_TO_LONG: Result of integer multiplication cast to long

This code performs integer multiply and then converts the result to a long, as in:

long convertDaysToMilliseconds(int days) { return 1000*3600*24*days; }

If the multiplication is done using long arithmetic, you can avoid the possibility that the result will overflow. For example, you could fix the above code to:

long convertDaysToMilliseconds(int days) { return 1000L*3600*24*days; }

or

static final long MILLISECONDS_PER_DAY = 24L*3600*1000;
long convertDaysToMilliseconds(int days) { return days * MILLISECONDS_PER_DAY; }

RV_RETURN_VALUE_IGNORED_BAD_PRACTICE: Method ignores exceptional return value

This method returns a value that is not checked. The return value should be checked since it can indicate an unusual or unexpected function execution. For example, the File.delete() method returns false if the file could not be successfully deleted (rather than throwing an Exception). If you don't check the result, you won't notice if the method invocation signals unexpected behavior by returning an atypical return value.

UUF_UNUSED_FIELD: Unused field

This field is never used.  Consider removing it from the class.