2. Agenda
• Self Introduction - 自己紹介
• About FlawDetector – ソフト紹介
• Implementation of FlawDetector
– 実装
• Future Work – 追加開発について
3. Self-‐Introduc.on
• 2009〜2013
Fujitsu
Limited.
–
developed
cloud
system
(using
Ruby)
• 2013
Digital
Iden.ty
Inc.
– develop
web
api for
smart
phone
app
(using
Ruby)
• Rikiya
Ayukawa
(@twginriki)
–
hobbies
– Thinking
and
Making
something
for
effec.ve
soOware
developing
– Equity
investment
–
Thank
you
Abenomics!
3
6. Have you ever seen
“flaw” codes such as
• Determine if a variable is not nil or
false twice. This confuses us a little.
• Typo a variable name. This will causes
an exception.
bar = nil
begin
…
rescue
puts ba # raise NoMethodError
end
def foo(bar)
return unless bar
… # no_assignemnt_bar
if bar # <- redundant check
…
end
end
7. FlawDetector is a tool that can (will) detect
these “flaw” codes by static analysis
def foo(bar)
return unless bar
… # no_assignemnt_bar
if bar # <- redundant check
…
end
end
$ flaw_detector file.rb
msgid,file,line,short_desc,long_desc,details
RCN_REDUNDANT_FALSECHECK_OF_TRUE_VALUE,file.rb,4, …
I will make the tool detect typo
within this year.
8. You can try it:
$ gem install flaw_detector
$ flaw_detector <rb file>
※ It only works on ruby-1.9 .
I will release next version for ruby 2.0
this weekend.
9. Cases to gems
・gem
json
(pull
request
#170)
depth
=
state.depth
-=
1
result
<<
state.object_nl
-
result
<<
state.indent
*
depth
if
indent
if
indent
+
result
<<
state.indent
*
depth
if
indent
result
<<
'}'
result
・gem
diff-lcs
(pull
request
#19)
return
0
unless
diffs
-
if
(@format
==
:report)
and
diffs
+
if
@format
==
:report
output
<<
"Files
#{file_old}
and
#{file_new}
differn"
return
1
end
I run FlawDetector for 15 OSS and found flaw code
in 2 OSS. I sent pull requests and these were merged.
11. Just like
FindBugs…
FindBugs
• Is a static analysis tool of java
bytecode
• Detects bugs with 400 bug patterns
These patterns ideas are very useful
Bug pattern list:
http://findbugs.sourceforge.net/
bugDescriptions.html
13. FlawDetector
works
1. Compile rbfile to RubyVM bytecodes
• RubyVM::InstructionSequence.compile
2. Construct code flow information as
BasicBlock, CFG, Dominator tree.
3. Calculate value of variables and
regard a bytecode which raise error
or is redundant as flaw
16. I will implement bug patterns close
to FindBugs
It requires below features:
• Support to detect “flaw” in block (such as
each, map, collect, etc…)
• Static analysis for code pathes by using
result of already tested another path by
RSpec exmaple
• Type assertion with yard annotation
(ex: @param varname [Type] …)
17. Need your help
協力者募集中!
• Issue Reporting
• Implementation
• Documentation
• …etc
Twitter: @twginriki
Github: ginriki