Have you ever considered just not writing bugs?

Transcript

1. Have you ever considered just not writing bugs? Tagir Valeev

   1

2. 2

3. About me ✓15 years of Java programming experience ✓7 years

   in JetBrains (IntelliJ IDEA Java team technical lead) ✓Contributed to FindBugs static analyzer (~2014) ✓OpenJDK committer ✓Java Champion ✓Wrote a book about Java mistakes 3

4. 4 https://www.manning.com/books/100- java-mistakes-and-how-to-avoid-them https://www.amazon.com/dp/1633437965/

5. 5 Promotion Code (45% off) 100 Java Mistakes (both e-book

   and paper) https://www.manning.com/books/100-java- mistakes-and-how-to-avoid-them valeevmu2

6. 6 Bugs Huge and complex Tiny and local

7. 7

8. How to avoid bugs? 8 ✓ Code style ✓ Idiomatic

   code ✓ Avoid repetitions ✓ Code review ✓ Pair programming ✓ Assertions ✓ AI! ✓ Static analysis ✓ Dynamic analysis (Pathfinder) ✓ Testing ✓ Unit tests ✓ + Coverage control (JaCoCo) ✓ + Mutation coverage control (Pitest) ✓ Smoke tests ✓ Functional tests ✓ Integration tests ✓ Property tests ✓ …

9. Bad news: there’s no silver bullet 9

10. 10

11. Good news: Swiss cheese model 11 James Reason, 1990 https://en.wikipedia.org/wiki/Swiss_cheese_model

12. Initial capacity (StringBuilder) 12 static String indentString(String str, int indent)

    { int capacity = str.length() + indent < 0 ? 0 : indent; StringBuilder sb = new StringBuilder(capacity); for (int i = 0; i < indent; i++) { sb.append(' '); } sb.append(str); return sb.toString(); }

13. Initial capacity 13 static String indentString(String str, int indent) {

    int capacity = str.length() + indent < 0 ? 0 : indent; StringBuilder sb = new StringBuilder(capacity); for (int i = 0; i < indent; i++) { sb.append(' '); } sb.append(str); return sb.toString(); }

14. Initial capacity 14 static String indentString(String str, int indent) {

    int capacity = str.length() + indent < 0 ? 0 : indent; StringBuilder sb = new StringBuilder(capacity); for (int i = 0; i < indent; i++) { sb.append(' '); } sb.append(str); return sb.toString(); } 1. indent >= 0 → capacity = indent >= 0 2. -str.length() <= indent < 0 → capacity = indent < 0 3. indent < -str.length() → capacity = 0

15. Let’s ask AI 15

16. 16

17. 17

18. 18

19. What’s wrong here? 19 static String indentString(String str, int indent)

    { int capacity = str.length() + (indent < 0 ? 0 : indent); StringBuilder sb = new StringBuilder(capacity); for (int i = 0; i < indent; i++) { sb.append(' '); } sb.append(str); return sb.toString(); }

20. What’s wrong here? 20 static String indentString(String str, int indent)

    { int capacity = str.length() + indent < 0 ? 0 : indent; StringBuilder sb = new StringBuilder(capacity); for (int i = 0; i < indent; i++) { sb.append(' '); } sb.append(str); return sb.toString(); } ✓ Initial capacity is not easily testable! ✓ Manual algorithm implementation ✓ Action at a distance ✓ Premature optimization?

21. Asserts to the rescue? 21 ✓ Initial capacity is not

    easily testable! ✓ Manual algorithm implementation ✓ Action at a distance ✓ Premature optimization? static String indentString(String str, int indent) { int capacity = str.length() + indent < 0 ? 0 : indent; StringBuilder sb = new StringBuilder(capacity); for (int i = 0; i < indent; i++) { sb.append(' '); } sb.append(str); assert capacity == sb.length(); return sb.toString(); }

22. How to fix? 22 static String indentString(String str, int indent)

    { int capacity = str.length() + Math.max(0, indent); StringBuilder sb = new StringBuilder(capacity); for (int i = 0; i < indent; i++) { sb.append(' '); } sb.append(str); return sb.toString(); } ✓ Initial capacity is not easily testable! ✓ Manual algorithm implementation ✓ Action at a distance ✓ Premature optimization?

23. What’s wrong here? 23 static String indentStringAndLineBreak(String str, int indent)

    { int capacity = str.length() + Math.max(0, indent) + 1; StringBuilder sb = new StringBuilder(capacity); for (int i = 0; i < indent; i++) { sb.append(' '); } sb.append(str); sb.append('\n'); return sb.toString(); } ✓ Initial capacity is not easily testable! ✓ Manual algorithm implementation ✓ Action at a distance ✓ Premature optimization?

24. How to fix? 24 static String indentString(String str, int indent)

    { if (indent <= 0) return str; int capacity = str.length() + indent; StringBuilder sb = new StringBuilder(capacity); for (int i = 0; i < indent; i++) { sb.append(' '); } sb.append(str); return sb.toString(); } ✓ Initial capacity is not easily testable! ✓ Manual algorithm implementation ✓ Action at a distance ✓ Premature optimization?

25. Or probably this way? 25 static String indentString(String str, int

    indent) { if (indent <= 0) return str; return " ".repeat(indent) + str; } ✓ Initial capacity is not easily testable! ✓ Manual algorithm implementation ✓ Action at a distance ✓ Premature optimization?

26. What’s faster? 26 str indent No capacity (ns) Capacity (ns)

    String.repeat (ns) "s" 1 18.1 20.0 "very…long" 1 32.7 30.2 "你好" 1 26.4 27.0 "s" 10 24.7 26.6 "very…long" 10 37.3 35.7 "你好" 10 34.5 38.6 "s" 100 113.4 104.2 "very…long" 100 143.2 108.4 "你好" 100 203.6 193.8

27. What’s faster? 27 str indent No capacity (ns) Capacity (ns)

    String.repeat (ns) "s" 1 18.1 20.0 6.0 "very…long" 1 32.7 30.2 14.4 "你好" 1 26.4 27.0 9.2 "s" 10 24.7 26.6 15.4 "very…long" 10 37.3 35.7 20.6 "你好" 10 34.5 38.6 16.2 "s" 100 113.4 104.2 27.5 "very…long" 100 143.2 108.4 36.9 "你好" 100 203.6 193.8 34.2

28. Initial capacity (ArrayList) 28 List<String> trimAndAdd(List<String> input, String newItem) {

    List<String> result = new ArrayList<>(input.size() + newItem == null ? 0 : 1); for (String s : input) { result.add(s.trim()); } if (newItem != null) { result.add(newItem.trim()); } return result; }

29. Precedence again 29 List<String> trimAndAdd(List<String> input, String newItem) { List<String>

    result = new ArrayList<>(input.size() + newItem == null ? 0 : 1); for (String s : input) { result.add(s.trim()); } if (newItem != null) { result.add(newItem.trim()); } return result; }

30. Static analysis cheese slice helps 30

31. Write tests! import java.util.Set; class Utils { static String makeUniqueId(String

    id, Set<String> usedIds) { int i = 1; String uniqueId = id; while (usedIds.contains(uniqueId)) { uniqueId = id + "_" + i; } return uniqueId; } } 31

32. AI can do this! 32

33. public final class UtilsTest { @Test public void testMakeUniqueId() {

    String id = "Test"; Set<String> usedIds = new HashSet<>(); String newId = Utils.makeUniqueId(id, usedIds); assertEquals(id, newId); } @Test public void testMakeUniqueIdWithPresentId() { String id = "Test"; Set<String> usedIds = new HashSet<>(); usedIds.add(id); String newId = Utils.makeUniqueId(id, usedIds); assertNotEquals(id, newId); } } 33

34. Check coverage 34

35. Oops! @Test public void testMakeUniqueIdWithTwoConflicts() { String newId = Utils.makeUniqueId("Test",

    Set.of("Test", "Test_1")); assertEquals("Test_2", newId); } 35

36. Oops! @Test public void testMakeUniqueIdWithTwoConflicts() { String newId = Utils.makeUniqueId("Test",

    Set.of("Test", "Test_1")); assertEquals("Test_2", newId); } 36

37. @Test public void testMakeUniqueIdWithTwoConflicts() { String newId = Utils.makeUniqueId("Test", Set.of("Test",

    "Test_1")); assertEquals("Test_2", newId); } import java.util.Set; class Utils { static String makeUniqueId(String id, Set<String> usedIds) { int i = 1; String uniqueId = id; while (usedIds.contains(uniqueId)) { uniqueId = id + "_" + i; } return uniqueId; } } 37

38. import java.util.Set; class Utils { static String makeUniqueId(String id, Set<String>

    usedIds) { int i = 1; String uniqueId = id; while (usedIds.contains(uniqueId)) { uniqueId = id + "_" + i; } return uniqueId; } } Idempotent loop body 1. The condition is false initially. The loop is not executed at all. 2. The condition is true initially, but the body makes it false. The loop is executed only once. 3. The condition is true initially, and the body doesn’t change it. The loop is infinite, and the program hangs. 38

39. Static analysis helps here! 39

40. Rule: If you have a loop, your tests should test

    at least cases with 0, 1, and 2+ iterations. 40

41. Corner cases static void printInclusive(int from, int to) { for

    (int i = from; i <= to; i++) { System.out.println(i); } } 41

42. AI to the rescue? 42

43. AI to the rescue? static void printInclusive(int from, int to)

    { for (int i = from; i <= to; i++) { System.out.println(i); } } 43

44. Let’s protect ourselves static void printInclusive(int from, int to) {

    if (from > to) { throw new IllegalArgumentException("from > to"); } if (to - from < 0 || to - from > 1000) { throw new IllegalArgumentException("too many numbers to process"); } for (int i = from; i <= to; i++) { System.out.println(i); } } 44

45. Are there still mistakes? static void printInclusive(int from, int to)

    { if (from > to) { throw new IllegalArgumentException("from > to"); } if (to - from < 0 || to - from > 1000) { throw new IllegalArgumentException("too many numbers to process"); } for (int i = from; i <= to; i++) { System.out.println(i); } } 45

46. Hm… static void printInclusive(int from, int to) { if (from

    > to) { throw new IllegalArgumentException("from > to"); } if (to - from < 0 || to - from > 1000) { throw new IllegalArgumentException("too many numbers to process"); } for (int i = from; i <= to; i++) { System.out.println(i); } } Bullshit: printInclusive(-2_000_000_000, 2_000_000_000); More null-checks for the null-check god Doubtful but okaaaay OMG C’mon it’s just a sample Are you crazy? 46

47. Oops static void printInclusive(int from, int to) { if (from

    > to) { throw new IllegalArgumentException("from > to"); } if (to - from < 0 || to - from > 1000) { throw new IllegalArgumentException("too many numbers to process"); } for (int i = from; i <= to; i++) { System.out.println(i); } } public static void main(String[] args) { printInclusive(Integer.MAX_VALUE - 10, Integer.MAX_VALUE); } 47

48. Oops static void printInclusive(int from, int to) { if (from

    > to) { throw new IllegalArgumentException("from > to"); } if (to - from > 1000) { throw new IllegalArgumentException("too many numbers to process"); } for (int i = from; i <= to; i++) { System.out.println(i); } } public static void main(String[] args) { printInclusive(Integer.MAX_VALUE - 10, Integer.MAX_VALUE); } 48

49. How to fix it? static void printInclusive(int from, int to)

    { if (from > to) { throw new IllegalArgumentException("from > to"); } if (to - from < 0 || to - from > 1000) { throw new IllegalArgumentException("too many numbers to process"); } for (int i = from; i >= from && i <= to; i++) { System.out.println(i); } } public static void main(String[] args) { printInclusive(Integer.MAX_VALUE - 10, Integer.MAX_VALUE); } 49

50. Real life https://github.com/JetBrains/intellij-community/commit/b56a1fc16d446c92528994e0d333cbfa9ade21cd 50

51. Use Stream API! 51

52. Convert to Kotlin! (Ctrl+Alt+Shift+K) fun printInclusive(from: Int, to: Int) {

    require(from <= to) { "from > to" } require(to - from < 0 || to - from <= 1000) { "too many numbers to process" } for (i in from..to) { println(i) } } @JvmStatic fun main(args: Array<String>) { printInclusive(Int.MAX_VALUE - 10, Int.MAX_VALUE) } Output: 2147483637 2147483638 2147483639 2147483640 2147483641 2147483642 2147483643 2147483644 2147483645 2147483646 2147483647 52

53. Rule: You should have a language construct or library method

    for every useful and repeating task Task: iterate over closed range of numbers IntStream.rangeClosed(from, to) for (i in from..to) { … } for (int i = from; i <= to; i++) { … } 53

54. Clamping values static void printProgress(int percent) { if (percent >

    100) { percent = 100; } if (percent < 0) { percent = 0; } System.out.println("Progress: " + percent + "%"); } 54

55. Clamping values static void printProgress(int percent) { percent = percent

    < 0 ? 0 : percent > 100 ? 100 : percent; System.out.println("Progress: " + percent + "%"); } 55

56. Clamping values static void printProgress(int percent) { percent = Math.max(Math.min(percent,

    0), 100); System.out.println("Progress: " + percent + "%"); } 56

57. Clamping values static void printProgress(int percent) { percent = Math.max(Math.min(percent,

    0), 100); System.out.println("Progress: " + percent + "%"); } public static void main(String[] args) { printProgress(-10); printProgress(10); printProgress(50); printProgress(90); printProgress(130); } Output: Progress: 100% Progress: 100% Progress: 100% Progress: 100% Progress: 100% 57

58. Clamping values 58

59. AI to the rescue! 59

60. In the wild https://github.com/jenkinsci/jenkins/commit/e00f99251e0b 60

61. Real solution (Java 21) 61

62. Real solution (Java 21) static void printProgress(int percent) { percent

    = Math.clamp(percent, 0, 100); System.out.println("Progress: " + percent + "%"); } public static void main(String[] args) { printProgress(-10); printProgress(10); printProgress(50); printProgress(90); printProgress(130); } 62

63. Poor man template 63 private static final String TEMPLATE =

    "Hello USER_NAME!"; static void greetUser(String user) { String greeting = TEMPLATE.replaceAll("USER_NAME", user); System.out.println(greeting); }

64. Poor man template 64 private static final String TEMPLATE =

    "Hello USER_NAME!"; static void greetUser(String user) { String greeting = TEMPLATE.replaceAll("USER_NAME", user); System.out.println(greeting); } greetUser("John"); Hello John!

65. Poor man template 65 private static final String TEMPLATE =

    "Hello USER_NAME!"; static void greetUser(String user) { String greeting = TEMPLATE.replaceAll("USER_NAME", user); System.out.println(greeting); } greetUser("$1lly name"); Exception in thread "main" java.lang.IndexOutOfBoundsException: No group 1 at java.base/java.util.regex.Matcher.checkGroup(Matcher.java:1818) at java.base/java.util.regex.Matcher.start(Matcher.java:496) at java.base/java.util.regex.Matcher.appendExpandedReplacement(Matcher.java:1107) at java.base/java.util.regex.Matcher.appendReplacement(Matcher.java:1014) at java.base/java.util.regex.Matcher.replaceAll(Matcher.java:1200) at java.base/java.lang.String.replaceAll(String.java:3065) at com.example.Utils.greetUser(Utils.java:8) at com.example.Utils.main(Utils.java:13)

66. Convenience comes at a cost 66 String.replace: replaces all substrings

    String.replaceAll: replaces all regular expression matches public String replaceAll(String regex, String replacement) { return Pattern.compile(regex).matcher(this).replaceAll(replacement); } Rules: when designing your API, note that too many “convenient” methods may make things confusing. Avoid stringly-typed code.

67. Stringly-typed code 67 static int countPathComponents(String fileName) { String[] components

    = fileName.split(File.separator); return (int) Stream.of(components) .filter(Predicate.not(String::isEmpty)).count(); } countPathComponents("/etc/passwd") → 2

68. On Windows machine 68 static int countPathComponents(String fileName) { String[]

    components = fileName.split(File.separator); return (int) Stream.of(components) .filter(Predicate.not(String::isEmpty)).count(); } countPathComponents("C:\\tmp\\file.txt") Exception in thread "main" java.util.regex.PatternSyntaxException: Unescaped trailing backslash near index 1 \ at java.base/java.util.regex.Pattern.error(Pattern.java:2204) at java.base/java.util.regex.Pattern.compile(Pattern.java:1951) at java.base/java.util.regex.Pattern.<init>(Pattern.java:1576) at java.base/java.util.regex.Pattern.compile(Pattern.java:1101) at java.base/java.lang.String.split(String.java:3352) at java.base/java.lang.String.split(String.java:3443) at com.example.Utils.countPathComponents(Utils.java:12) at com.example.Utils.main(Utils.java:21)

69. Fix? 69 static int countPathComponents(String fileName) { return (int) Pattern.compile(File.separator,

    Pattern.LITERAL) .splitAsStream(fileName) .filter(Predicate.not(String::isEmpty)).count(); } countPathComponents("C:\\tmp\\file.txt")

70. Idiomatic? 70 static int countPathComponents(String fileName) { return Path.of(fileName).getNameCount(); }

71. Idiomatic! 71 static int countPathComponents(String fileName) { return Path.of(fileName).getNameCount(); }

    Rule (again): use proper types for your entities, and strong typing will help you to avoid bugs

72. Conclusion ✓ Use static analysis ✓ Write unit tests ✓

    Clear constructs for every idiom ✓ Avoid repetitions ✓ Consult AI when in doubt but don’t rely on it too much ✓ No premature optimizations ✓ Educate yourself, read books ☺ 72

73. Thank you 73

74. 74 Promotion Code (45% off) 100 Java Mistakes (both e-book

    and paper) https://www.manning.com/books/100-java- mistakes-and-how-to-avoid-them valeevmu2