diff --git a/infer/tests/codetoanalyze/java/nullsafe-default/FieldOverAnnotated.java b/infer/tests/codetoanalyze/java/nullsafe-default/FieldOverAnnotated.java new file mode 100644 index 000000000..b3f4a6ad5 --- /dev/null +++ b/infer/tests/codetoanalyze/java/nullsafe-default/FieldOverAnnotated.java @@ -0,0 +1,55 @@ +/* + * Copyright (c) Facebook, Inc. and its affiliates. + * + * This source code is licensed under the MIT license found in the + * LICENSE file in the root directory of this source tree. + */ +package codetoanalyze.java.nullsafe_default; + +import javax.annotation.Nullable; + +/** + * The rule: if a nullable field is non-conditionally initialized in all constructors, it is + * overannotated. + */ +public class FieldOverAnnotated { + @Nullable String initializedInAllConstructorsIsBAD; + // if there are branches, but the field is initilized in all branches, + // it is still overannotated. + @Nullable String initilizedInAllConstructorsAndAllBranchesIsBAD; + @Nullable String initiliazedInSomeConstructorsIsOK; + @Nullable String conditionallyInitializedIsOK; + @Nullable String notInitializedIsOK; + // False positive: we set it is @Nullable so this is NOT overannotated but the issue is recorded. + @Nullable String FP_initializedInAllConstructorsButSetToNullInAPublicMethodShouldBeOK; + + FieldOverAnnotated(int a) { + initializedInAllConstructorsIsBAD = ""; + FP_initializedInAllConstructorsButSetToNullInAPublicMethodShouldBeOK = ""; + if (a == 0) { + // We initialize it in the other constructor, but here + // we initialize it only conditionally, hence @Nullable annotation is justified. + conditionallyInitializedIsOK = ""; + } + // check that initialization from both branches still counts as overannotated + if (a == 1) { + initilizedInAllConstructorsAndAllBranchesIsBAD = ""; + } else { + initilizedInAllConstructorsAndAllBranchesIsBAD = ""; + } + initiliazedInSomeConstructorsIsOK = ""; + } + + FieldOverAnnotated(int a, int b) { + initializedInAllConstructorsIsBAD = ""; + FP_initializedInAllConstructorsButSetToNullInAPublicMethodShouldBeOK = ""; + initilizedInAllConstructorsAndAllBranchesIsBAD = ""; + conditionallyInitializedIsOK = ""; + } + + public void setToNull() { + // False positive: we set it is @Nullable so this is NOT overannotated but + // the issue is recorded. + FP_initializedInAllConstructorsButSetToNullInAPublicMethodShouldBeOK = null; + } +} diff --git a/infer/tests/codetoanalyze/java/nullsafe-default/Makefile b/infer/tests/codetoanalyze/java/nullsafe-default/Makefile index aaba3f768..881f0b3a1 100644 --- a/infer/tests/codetoanalyze/java/nullsafe-default/Makefile +++ b/infer/tests/codetoanalyze/java/nullsafe-default/Makefile @@ -8,6 +8,7 @@ TESTS_DIR = ../../.. INFER_OPTIONS = \ --eradicate-only \ --eradicate-return-over-annotated \ + --eradicate-field-over-annotated \ --eradicate-condition-redundant \ --debug-exceptions INFERPRINT_OPTIONS = --issues-tests diff --git a/infer/tests/codetoanalyze/java/nullsafe-default/issues.exp b/infer/tests/codetoanalyze/java/nullsafe-default/issues.exp index a97564d67..954107b45 100644 --- a/infer/tests/codetoanalyze/java/nullsafe-default/issues.exp +++ b/infer/tests/codetoanalyze/java/nullsafe-default/issues.exp @@ -1,9 +1,11 @@ codetoanalyze/java/nullsafe-default/ButterKnife.java, codetoanalyze.java.nullsafe_default.ButterKnife$TestNotInitialized.(codetoanalyze.java.nullsafe_default.ButterKnife), 0, ERADICATE_FIELD_NOT_INITIALIZED, no_bucket, WARNING, [Field `ButterKnife$TestNotInitialized.notInitializedNormalIsBAD` is not initialized in the constructor and is not declared `@Nullable`] +codetoanalyze/java/nullsafe-default/ButterKnife.java, codetoanalyze.java.nullsafe_default.ButterKnife.(), 0, ERADICATE_FIELD_OVER_ANNOTATED, no_bucket, WARNING, [Field `ButterKnife.nullable` is always initialized in the constructor but is declared `@Nullable`] codetoanalyze/java/nullsafe-default/ButterKnife.java, codetoanalyze.java.nullsafe_default.ButterKnife.assignNullToNormalIsBAD():void, 1, ERADICATE_FIELD_NOT_NULLABLE, no_bucket, WARNING, [Field `ButterKnife.normal` can be null but is not declared `@Nullable`. (Origin: null constant at line 76)] codetoanalyze/java/nullsafe-default/ButterKnife.java, codetoanalyze.java.nullsafe_default.ButterKnife.convertingToNotNullableForNullableIsBAD():java.lang.String, 0, ERADICATE_RETURN_NOT_NULLABLE, no_bucket, WARNING, [Method `convertingToNotNullableForNullableIsBAD()` may return null but it is not annotated with `@Nullable`. (Origin: field ButterKnife.nullable at line 47)] codetoanalyze/java/nullsafe-default/ButterKnife.java, codetoanalyze.java.nullsafe_default.ButterKnife.dereferencingNullableIsBAD():void, 1, ERADICATE_NULLABLE_DEREFERENCE, no_bucket, WARNING, [The value of `ButterKnife.nullable` in the call to `length()` is nullable and is not locally checked for null. (Origin: field ButterKnife.nullable at line 33)] codetoanalyze/java/nullsafe-default/ButterKnife.java, codetoanalyze.java.nullsafe_default.ButterKnife.passingToNullableForNullableIsBAD():void, 1, ERADICATE_PARAMETER_NOT_NULLABLE, no_bucket, WARNING, [`ButterKnife.f(...)` needs a non-null value in parameter 1 but argument `ButterKnife.nullable` can be null. (Origin: field ButterKnife.nullable at line 61)] codetoanalyze/java/nullsafe-default/CapturedParam.java, codetoanalyze.java.nullsafe_default.CapturedParam.dereferencingNullableIsBAD(java.lang.Object):void, 1, ERADICATE_NULLABLE_DEREFERENCE, no_bucket, WARNING, [The value of `parameter` in the call to `toString()` is nullable and is not locally checked for null. (Origin: method parameter parameter)] +codetoanalyze/java/nullsafe-default/ConditionRedundant.java, codetoanalyze.java.nullsafe_default.ConditionRedundant.(), 0, ERADICATE_FIELD_OVER_ANNOTATED, no_bucket, WARNING, [Field `ConditionRedundant.fieldNullable` is always initialized in the constructor but is declared `@Nullable`] codetoanalyze/java/nullsafe-default/ConditionRedundant.java, codetoanalyze.java.nullsafe_default.ConditionRedundant.FP_ternary_NonnullInOneBranch_SecondBranch_ShouldBeOK(java.lang.String,java.lang.String,int):void, 2, ERADICATE_CONDITION_REDUNDANT, no_bucket, WARNING, [The condition s2 is always false according to the existing annotations.] codetoanalyze/java/nullsafe-default/ConditionRedundant.java, codetoanalyze.java.nullsafe_default.ConditionRedundant.assertNotNull_NonnullIsBAD(java.lang.String):void, 1, ERADICATE_CONDITION_REDUNDANT, no_bucket, WARNING, [The condition (s!=null) is always true according to the existing annotations.] codetoanalyze/java/nullsafe-default/ConditionRedundant.java, codetoanalyze.java.nullsafe_default.ConditionRedundant.checkArgument_NonnullIsBAd(java.lang.String):void, 1, ERADICATE_CONDITION_REDUNDANT, no_bucket, WARNING, [The condition s is always true according to the existing annotations.] @@ -55,6 +57,7 @@ codetoanalyze/java/nullsafe-default/CustomAnnotations.java, codetoanalyze.java.n codetoanalyze/java/nullsafe-default/FieldNotInitialized.java, codetoanalyze.java.nullsafe_default.FieldNotInitialized$InitCircular.(codetoanalyze.java.nullsafe_default.FieldNotInitialized), 0, ERADICATE_FIELD_NOT_INITIALIZED, no_bucket, WARNING, [Field `FieldNotInitialized$InitCircular.bad` is not initialized in the constructor and is not declared `@Nullable`] codetoanalyze/java/nullsafe-default/FieldNotInitialized.java, codetoanalyze.java.nullsafe_default.FieldNotInitialized$InitCircular.(codetoanalyze.java.nullsafe_default.FieldNotInitialized), 0, ERADICATE_FIELD_NOT_INITIALIZED, no_bucket, WARNING, [Field `FieldNotInitialized$InitCircular.stillBad` is not initialized in the constructor and is not declared `@Nullable`] codetoanalyze/java/nullsafe-default/FieldNotInitialized.java, codetoanalyze.java.nullsafe_default.FieldNotInitialized$InitIfNull.(codetoanalyze.java.nullsafe_default.FieldNotInitialized), 0, ERADICATE_FIELD_NOT_INITIALIZED, no_bucket, WARNING, [Field `FieldNotInitialized$InitIfNull.shouldBeGood_FIXME` is not initialized in the constructor and is not declared `@Nullable`] +codetoanalyze/java/nullsafe-default/FieldNotInitialized.java, codetoanalyze.java.nullsafe_default.FieldNotInitialized$InitWithOtherClass$OtherClass.(codetoanalyze.java.nullsafe_default.FieldNotInitialized$InitWithOtherClass), 0, ERADICATE_FIELD_OVER_ANNOTATED, no_bucket, WARNING, [Field `FieldNotInitialized$InitWithOtherClass$OtherClass.nullable` is always initialized in the constructor but is declared `@Nullable`] codetoanalyze/java/nullsafe-default/FieldNotInitialized.java, codetoanalyze.java.nullsafe_default.FieldNotInitialized$InitWithOtherClass.(codetoanalyze.java.nullsafe_default.FieldNotInitialized,codetoanalyze.java.nullsafe_default.FieldNotInitialized$InitWithOtherClass$OtherClass), 1, ERADICATE_FIELD_NOT_NULLABLE, no_bucket, WARNING, [Field `FieldNotInitialized$InitWithOtherClass.bad` can be null but is not declared `@Nullable`. (Origin: field FieldNotInitialized$InitWithOtherClass$OtherClass.nullable at line 182)] codetoanalyze/java/nullsafe-default/FieldNotInitialized.java, codetoanalyze.java.nullsafe_default.FieldNotInitialized$InitWithTheSameClass.(codetoanalyze.java.nullsafe_default.FieldNotInitialized,codetoanalyze.java.nullsafe_default.FieldNotInitialized$InitWithTheSameClass), 0, ERADICATE_FIELD_NOT_INITIALIZED, no_bucket, WARNING, [Field `FieldNotInitialized$InitWithTheSameClass.bad` is not initialized in the constructor and is not declared `@Nullable`] codetoanalyze/java/nullsafe-default/FieldNotInitialized.java, codetoanalyze.java.nullsafe_default.FieldNotInitialized$InitializationOrder.(codetoanalyze.java.nullsafe_default.FieldNotInitialized,int), 0, ERADICATE_FIELD_NOT_INITIALIZED, no_bucket, WARNING, [Field `FieldNotInitialized$InitializationOrder.o1` is not initialized in the constructor and is not declared `@Nullable`] @@ -81,11 +84,18 @@ codetoanalyze/java/nullsafe-default/FieldNotInitialized.java, codetoanalyze.java codetoanalyze/java/nullsafe-default/FieldNotInitialized.java, codetoanalyze.java.nullsafe_default.TestKnownInitializers$KnownInitializers.(codetoanalyze.java.nullsafe_default.TestKnownInitializers), 0, ERADICATE_FIELD_NOT_INITIALIZED, no_bucket, WARNING, [Field `TestKnownInitializers$KnownInitializers.initInUnknownMethodIsBAD` is not initialized in the constructor and is not declared `@Nullable`] codetoanalyze/java/nullsafe-default/FieldNotInitialized.java, codetoanalyze.java.nullsafe_default.TestKnownInitializers$SimplyOnCreateWontDoATrick.(codetoanalyze.java.nullsafe_default.TestKnownInitializers), 0, ERADICATE_FIELD_NOT_INITIALIZED, no_bucket, WARNING, [Field `TestKnownInitializers$SimplyOnCreateWontDoATrick.initInUnknownMethodIsBAD` is not initialized in the constructor and is not declared `@Nullable`] codetoanalyze/java/nullsafe-default/FieldNotNullable.java, codetoanalyze.java.nullsafe_default.CanAssignNullInCleanupMethods.assignNullInAnyOtherMethodIsBAD():void, 1, ERADICATE_FIELD_NOT_NULLABLE, no_bucket, WARNING, [Field `CanAssignNullInCleanupMethods.someObject` can be null but is not declared `@Nullable`. (Origin: null constant at line 44)] +codetoanalyze/java/nullsafe-default/FieldNotNullable.java, codetoanalyze.java.nullsafe_default.FieldNotNullable.(), 0, ERADICATE_FIELD_OVER_ANNOTATED, no_bucket, WARNING, [Field `FieldNotNullable.nullable` is always initialized in the constructor but is declared `@Nullable`] codetoanalyze/java/nullsafe-default/FieldNotNullable.java, codetoanalyze.java.nullsafe_default.FieldNotNullable.(), 4, ERADICATE_FIELD_NOT_NULLABLE, no_bucket, WARNING, [Field `FieldNotNullable.initializeNonNullableWithNullIsBAD` can be null but is not declared `@Nullable`. (Origin: null constant at line 52)] codetoanalyze/java/nullsafe-default/FieldNotNullable.java, codetoanalyze.java.nullsafe_default.FieldNotNullable.getNullable():java.lang.String, 0, ERADICATE_RETURN_OVER_ANNOTATED, no_bucket, WARNING, [Method `getNullable()` is annotated with `@Nullable` but never returns null.] codetoanalyze/java/nullsafe-default/FieldNotNullable.java, codetoanalyze.java.nullsafe_default.FieldNotNullable.setNullableToNotNullableIsBAD(java.lang.String):void, 1, ERADICATE_FIELD_NOT_NULLABLE, no_bucket, WARNING, [Field `FieldNotNullable.notNullable` can be null but is not declared `@Nullable`. (Origin: null constant at line 65)] codetoanalyze/java/nullsafe-default/FieldNotNullable.java, codetoanalyze.java.nullsafe_default.FieldNotNullable.setNullableToNotNullableIsBAD(java.lang.String):void, 2, ERADICATE_FIELD_NOT_NULLABLE, no_bucket, WARNING, [Field `FieldNotNullable.notNullable` can be null but is not declared `@Nullable`. (Origin: method parameter s)] codetoanalyze/java/nullsafe-default/FieldNotNullable.java, codetoanalyze.java.nullsafe_default.FieldNotNullable.setNullableToNotNullableIsBAD(java.lang.String):void, 3, ERADICATE_FIELD_NOT_NULLABLE, no_bucket, WARNING, [Field `FieldNotNullable.notNullable` can be null but is not declared `@Nullable`. (Origin: call to getNullable() at line 67)] +codetoanalyze/java/nullsafe-default/FieldOverAnnotated.java, codetoanalyze.java.nullsafe_default.FieldOverAnnotated.(int), 0, ERADICATE_FIELD_OVER_ANNOTATED, no_bucket, WARNING, [Field `FieldOverAnnotated.FP_initializedInAllConstructorsButSetToNullInAPublicMethodShouldBeOK` is always initialized in the constructor but is declared `@Nullable`] +codetoanalyze/java/nullsafe-default/FieldOverAnnotated.java, codetoanalyze.java.nullsafe_default.FieldOverAnnotated.(int), 0, ERADICATE_FIELD_OVER_ANNOTATED, no_bucket, WARNING, [Field `FieldOverAnnotated.initializedInAllConstructorsIsBAD` is always initialized in the constructor but is declared `@Nullable`] +codetoanalyze/java/nullsafe-default/FieldOverAnnotated.java, codetoanalyze.java.nullsafe_default.FieldOverAnnotated.(int), 0, ERADICATE_FIELD_OVER_ANNOTATED, no_bucket, WARNING, [Field `FieldOverAnnotated.initilizedInAllConstructorsAndAllBranchesIsBAD` is always initialized in the constructor but is declared `@Nullable`] +codetoanalyze/java/nullsafe-default/FieldOverAnnotated.java, codetoanalyze.java.nullsafe_default.FieldOverAnnotated.(int,int), 0, ERADICATE_FIELD_OVER_ANNOTATED, no_bucket, WARNING, [Field `FieldOverAnnotated.FP_initializedInAllConstructorsButSetToNullInAPublicMethodShouldBeOK` is always initialized in the constructor but is declared `@Nullable`] +codetoanalyze/java/nullsafe-default/FieldOverAnnotated.java, codetoanalyze.java.nullsafe_default.FieldOverAnnotated.(int,int), 0, ERADICATE_FIELD_OVER_ANNOTATED, no_bucket, WARNING, [Field `FieldOverAnnotated.initializedInAllConstructorsIsBAD` is always initialized in the constructor but is declared `@Nullable`] +codetoanalyze/java/nullsafe-default/FieldOverAnnotated.java, codetoanalyze.java.nullsafe_default.FieldOverAnnotated.(int,int), 0, ERADICATE_FIELD_OVER_ANNOTATED, no_bucket, WARNING, [Field `FieldOverAnnotated.initilizedInAllConstructorsAndAllBranchesIsBAD` is always initialized in the constructor but is declared `@Nullable`] codetoanalyze/java/nullsafe-default/InconsistentSubclassAnnotation.java, codetoanalyze.java.nullsafe_default.ExtendsExternalLibrary.externalMethod2(java.lang.Object):void, 0, ERADICATE_INCONSISTENT_SUBCLASS_PARAMETER_ANNOTATION, no_bucket, WARNING, [First parameter `object` of method `ExtendsExternalLibrary.externalMethod2(...)` is not `@Nullable` but is declared `@Nullable`in the parent class method `SomeExternalClass.externalMethod2(...)`.] codetoanalyze/java/nullsafe-default/InconsistentSubclassAnnotation.java, codetoanalyze.java.nullsafe_default.InconsistentSubclassAnnotation.implementInAnotherFile(java.lang.String):java.lang.String, 0, ERADICATE_INCONSISTENT_SUBCLASS_PARAMETER_ANNOTATION, no_bucket, WARNING, [First parameter `s` of method `InconsistentSubclassAnnotation.implementInAnotherFile(...)` is not `@Nullable` but is declared `@Nullable`in the parent class method `InconsistentSubclassAnnotationInterface.implementInAnotherFile(...)`.] codetoanalyze/java/nullsafe-default/InconsistentSubclassAnnotation.java, codetoanalyze.java.nullsafe_default.InconsistentSubclassAnnotation.overloadedMethod():java.lang.Object, 0, ERADICATE_INCONSISTENT_SUBCLASS_RETURN_ANNOTATION, no_bucket, WARNING, [Method `InconsistentSubclassAnnotation.overloadedMethod()` is annotated with `@Nullable` but overrides unannotated method `InconsistentSubclassAnnotationInterface.overloadedMethod()`.] @@ -126,6 +136,8 @@ codetoanalyze/java/nullsafe-default/NestedFieldAccess.java, codetoanalyze.java.n codetoanalyze/java/nullsafe-default/NestedFieldAccess.java, codetoanalyze.java.nullsafe_default.NestedFieldAccess$TestNullableChains.param_AccessWithoutNullCheckIsBad(codetoanalyze.java.nullsafe_default.NestedFieldAccess$C):void, 1, ERADICATE_NULLABLE_DEREFERENCE, no_bucket, WARNING, [The value of `c.s` in the call to `length()` is nullable and is not locally checked for null. (Origin: field NestedFieldAccess$C.s at line 65)] codetoanalyze/java/nullsafe-default/NestedFieldAccess.java, codetoanalyze.java.nullsafe_default.NestedFieldAccess$TestNullableChains.veryDeep_AccessWithoutNullCheckIsBad(codetoanalyze.java.nullsafe_default.NestedFieldAccess$CCC):void, 2, ERADICATE_NULLABLE_DEREFERENCE, no_bucket, WARNING, [The value of `ccc.cc.c.s` in the call to `length()` is nullable and is not locally checked for null. (Origin: field NestedFieldAccess$C.s at line 100)] codetoanalyze/java/nullsafe-default/NestedFieldAccess.java, codetoanalyze.java.nullsafe_default.NestedFieldAccess$TestNullableChains.veryDeep_IncompleteAccessViaOrEarlyReturnIsBad(codetoanalyze.java.nullsafe_default.NestedFieldAccess$CCC):void, 3, ERADICATE_NULLABLE_DEREFERENCE, no_bucket, WARNING, [The value of `ccc.cc.c.s` in the call to `length()` is nullable and is not locally checked for null. (Origin: field NestedFieldAccess$C.s at line 114)] +codetoanalyze/java/nullsafe-default/NullFieldAccess.java, codetoanalyze.java.nullsafe_default.NullFieldAccess.(), 0, ERADICATE_FIELD_OVER_ANNOTATED, no_bucket, WARNING, [Field `NullFieldAccess.nullable` is always initialized in the constructor but is declared `@Nullable`] +codetoanalyze/java/nullsafe-default/NullFieldAccess.java, codetoanalyze.java.nullsafe_default.NullFieldAccess.(), 0, ERADICATE_FIELD_OVER_ANNOTATED, no_bucket, WARNING, [Field `NullFieldAccess.nullableArray` is always initialized in the constructor but is declared `@Nullable`] codetoanalyze/java/nullsafe-default/NullFieldAccess.java, codetoanalyze.java.nullsafe_default.NullFieldAccess.testArray():void, 1, ERADICATE_NULLABLE_DEREFERENCE, no_bucket, WARNING, [Object `NullFieldAccess.nullableArray` is nullable and is not locally checked for null when accessing field `length`. (Origin: field NullFieldAccess.nullableArray at line 60)] codetoanalyze/java/nullsafe-default/NullFieldAccess.java, codetoanalyze.java.nullsafe_default.NullFieldAccess.testArray():void, 2, ERADICATE_NULLABLE_DEREFERENCE, no_bucket, WARNING, [Object `NullFieldAccess.nullableArray` is nullable and is not locally checked for null when accessing element at index `0`. (Origin: field NullFieldAccess.nullableArray at line 60)] codetoanalyze/java/nullsafe-default/NullFieldAccess.java, codetoanalyze.java.nullsafe_default.NullFieldAccess.testInterface():void, 2, ERADICATE_NULLABLE_DEREFERENCE, no_bucket, WARNING, [The value of `bad` in the call to `toString()` is nullable and is not locally checked for null. (Origin: field NullFieldAccess$I.nullable at line 52)]