#263 OS_OPEN_STREAM enhancement for getResourceAsStream

closed-invalid
5
2012-02-10
2012-02-06
No

The java.lang.Class.getResourceAsStream(String) method produces an InputStream object and leaves a file descriptor open if the InputStream is not closed. FindBugs does not seem to key off of this pattern for the OS_OPEN_STREAM detector.

Discussion

  • Keith Lea

    Keith Lea - 2012-02-08
    • assigned_to: nobody --> kano
    • status: open --> pending-works-for-me
     
  • Keith Lea

    Keith Lea - 2012-02-08

    Hmm I can't reproduce with 2.0.0. Here's the code:

    public class Bug3485034 {
    public void go() throws IOException {
    InputStream stream = Bug3485034.class.getResourceAsStream("");
    System.out.println(stream.read());
    }
    }

    I get the warning:

    Method may fail to clean up stream or resource
    sfBugs.Bug3485034.go() may fail to clean up java.io.InputStream
    At Bug3485034.java:[lines 6-10]

     
  • William Pugh

    William Pugh - 2012-02-09

    test case

     
  • William Pugh

    William Pugh - 2012-02-09

    See attached test case; we report this issue as both a OBL_UNSATISFIED_OBLIGATION and a OS_OPEN_STREAM warning.

    Which version of FindBugs are you using? Can you provide a test case?

     
  • William Pugh

    William Pugh - 2012-02-09
    • assigned_to: kano --> wpugh
     
  • Derek Hunter

    Derek Hunter - 2012-02-09

    We are using the FindBugs Eclipse plugin version 2.0.0.20111221 which should be using FindBugs 2.0.0. The project is configured properly and other bugs are showing up like DMI_BIGDECIMAL_CONSTRUCTED_FROM_DOUBLE and SE_BAD_FIELD but neither of the OBL_UNSATISFIED_OBLIGATION or OS_OPEN_STREAM show up. We have previously seen these under the old FindBugs plugin but since upgrading it looks like they don't show up anymore.

     
  • Derek Hunter

    Derek Hunter - 2012-02-09
    • status: pending-works-for-me --> open-works-for-me
     
  • Derek Hunter

    Derek Hunter - 2012-02-10

    So my apologies. This appears to be an Eclipse plugin flaw combined with the new "Bug Rank" feature. With the latest release of the Eclipse plugin it does not properly translate the 1.3.9 configuration files into new 2.0.0 configuration files and it downgrades the "minimum report level" setting and only reports things between 1-15 on the "Bug Rank" scale despite having previously set the configuration to maximum reporting so it was ignoring the OBL_UNSATISFIED_OBLIGATION or OS_OPEN_STREAM bugs that were being reported correctly by the Find Bugs engine.

    What I do find troubling is that memory leak bugs like OBL_UNSATISFIED_OBLIGATION or OS_OPEN_STREAM are considered of such low importance to be ranked at level 16 below things like SE_BAD_FIELD and DMI_BIGDECIMAL_CONSTRUCTED_FROM_DOUBLE. We had this bug bring down an enterprise server in a few minutes (as memory/resource leaks will do) so I would consider this much more imporant than DMI_BIGDECIMAL_CONSTRUCTED_FROM_DOUBLE which really who cares about the 18th decimal place. I write both scientific and financial software so precision is something important to me and even I would consider this a lesser bug than a memory/resource leak.

    On a side note, is there a listing of the bugs and their "Bug Rank" somewhere? The page the discusses the new 2.0.0 features (http://findbugs.sourceforge.net/findbugs2.html) has no reference to the "Bug Rank" details.

     
  • Derek Hunter

    Derek Hunter - 2012-02-10
    • status: open-works-for-me --> closed-invalid
     

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks