fb-contrib icon indicating copy to clipboard operation
fb-contrib copied to clipboard

Published 20 hours ago verified publisher icon mebigfatguy

HCP_HTTP_REQUEST_RESOURCES_NOT_FREED_LOCAL java11 false positive?

Open mattnelson opened this issue 7 years ago • 3 comments

Started getting what I think is a false positive for HCP_HTTP_REQUEST_RESOURCES_NOT_FREED_LOCAL when compiling with java11(release target of 8).

spotsbugs plugin output

<BugInstance instanceOccurrenceNum='0'
instanceHash='7e03132bf99997c95ca9d9ceb3d8957e'
rank='14'
abbrev='HCP'
category='CORRECTNESS'
priority='3'
type='HCP_HTTP_REQUEST_RESOURCES_NOT_FREED_LOCAL'
instanceOccurrenceMax='0'>

sample code

try (final CloseableHttpClient client = HttpClients.createDefault()) {
  final HttpPost post =
      new HttpPost("https://awesome.com/cool");

  final StringEntity bodyEntity = new StringEntity(mapper.writeValueAsString(request));
  bodyEntity.setContentType(MediaType.APPLICATION_JSON);
  post.setEntity(bodyEntity);

  try (final CloseableHttpResponse response = client.execute(post)) {

    if (response.getStatusLine().getStatusCode() != HttpStatus.SC_OK) {
      throw new RuntimeException("bad stuff");
    }

    final Object object = mapper.readValue(response.getEntity().getContent(), Object.class);
    return object;
  }
} catch (final IOException e) {
  throw new RuntimeException("bad stuff", e);
}

mattnelson avatar Sep 17 '18 23:09 mattnelson

Have you read the description of HCP_HTTP_REQUEST_RESOURCES_NOT_FREED_LOCAL at http://fb-contrib.sourceforge.net/bugdescriptions.html ? Garbage collection will not free up all the resources held by a HttpRequest. You need to explicitly reset your HttpPost.

ThrawnCA avatar Sep 18 '18 00:09 ThrawnCA

Maybe false positive was too harsh. I'm more wondering why this violation started reporting when the only thing changed was the java version. Posted my current versions below. The threshold is configured to Low which explains why this bug was reported. But why did it take a change in java version to start reporting? This bug also appears to have a checkered past on its legitimacy(#59)

<spotbugs.version>3.1.7</spotbugs.version>
<spotbugs.plugin.version>3.1.6</spotbugs.plugin.version>
<findbugs.fb-contrib.plugin.version>7.4.3.sb</findbugs.fb-contrib.plugin.version>
...
<threshold>Low</threshold>

mvn -v
Apache Maven 3.5.4 (1edded0938998edf8bf061f1ceb3cfdeccf443fe; 2018-06-17T13:33:14-05:00)
Maven home: /usr/local/Cellar/maven/3.5.4/libexec
Java version: 11, vendor: Oracle Corporation, runtime: /Library/Java/JavaVirtualMachines/jdk-11.jdk/Contents/Home
Default locale: en_US, platform encoding: UTF-8
OS name: "mac os x", version: "10.12.6", arch: "x86_64", family: "mac"

mattnelson avatar Sep 18 '18 15:09 mattnelson

But why did it take a change in java version to start reporting?

I couldn't say for certain, but perhaps a difference in the resulting bytecode?

ThrawnCA avatar Sep 21 '18 00:09 ThrawnCA