Reputation: 17648
Java Static analysis : Getting started
Hi I wanted to start playing around with static analysis of java source code. As a start , it seems simplest to directly parse my source tree, however assume that there are API's out there for this. In particular it would be nice to have an API which allowed code such as this :
for (MetaClass m : mySourcePackage.getClasses())
{
System.out.println(m.getMethods().size());
...
}
Of course, for any given class, you can do this using reflection - but I'm more interested in statically analyzing a whole source code package, from scratch - and iterating through classes one by one (for example, to evaluate things like test coverage, maximum lines, etc....).
Are there any high quality open source frameworks for doing such meta-analyses (or, maybe, is it possible to launch the JVM with a certain class path and do such an analysis inside the JVM)?
Please keep in mind that I'm NOT particularly worried about gotchas such as DI and reflection (at least, not at this point).
Upvotes: 1
Views: 1250
Answers (4)
Reputation: 61
error prone is another good tool to look at, it is used by google and has very low ratio of false positive,
https://github.com/google/error-prone
the code is very well structured,
e.g. you can see here how the array equal check is implemented
Upvotes: 2
Reputation: 614
Javalib / Sawja is an library for writing static analyzers for Java in Caml.
It provides many of the building blocks needed for static analysis, including primitives to:
- parse Java bytecode
- create and manipulate intermediate representations
- manipulate individual instructions, methods, classes, and whole programs
- handle class hierarchies and control flow algorithms
Documentation is quite good, and if I recall correctly the distribution includes several examples to get you started.
Given all this, implementing the kind of source code metrics that you describe should be quick and easy. For instance, below is a short, untested snippet that aims at counting the number of methods in a given class:
open Sawja_pack
open Javalib_pack
let size methodmap =
JBasics.MethodMap.fold (fun _ _ count -> count+1) methodmap 0
let main classname classpath =
let interface_or_class = Javalib.get_class classpath (JBasics.make_cn classname) in
let all_concrete_methods= Javalib.get_concrete_methods interface_or_class in
print_int (size all_concrete_methods);
exit 0
Upvotes: 1
Reputation: 6621
Findbugs can be consider as a framework for static analysis. You could implement new detectors that have their specific objectives. "How To" tutorial
Also, here are some libraries that cover the objectives you mention :
Upvotes: 3
Reputation: 1854
If you are interested in static analysis for test coverage of your code you can use Cobertura - and eCobertura plug-in for Eclipse IDE.
Upvotes: 0
Related Questions
- Integrating static analysis tools with each other?
- Java code coverage missed instructions?
- On Code-Coverage
- Java test coverage: who covers what?
- Java method calls / line statics
- Java static code analysis
- Java - Code Coverage
- coverage java tool
- unit testing - per test code coverage for java
- Java Code Use Checker