Comments on: Static analysis for Ruby/Python

By: Igor Bronshteyn

Igor Bronshteyn — Sun, 29 May 2011 18:15:26 +0000

I can’t tell something regarding Ruby, but as for Python I could imagine 3 of 4 defects you mentioned:
* null pointer dereference – OK, let’s call it not NPD, but None-dereference
* array bounds violation – there’s an exception if your list index is out of range
* memory leaks – rare, but possible, if you have reference cycles (http://www.lshift.net/blog/2008/11/14/tracing-python-memory-leaks).

But I guess that all of these defects are quite rare, and one must take a start from a true-to-life defects, not just apply an approach to statically-typed languages here.

By: Delicious Bookmarks for March 20th through March 21st « Lâmôlabs

Delicious Bookmarks for March 20th through March 21st « Lâmôlabs — Sun, 21 Mar 2010 06:34:17 +0000

[...] Static analysis for Ruby/Python | >kloctalk – March 21st %(postalicious-tags)( tags: ruby python static analysis reek tools tips tricks guide )% [...]

By: Concept of inheritence? - Website Babble Webmaster Forums

Concept of inheritence? - Website Babble Webmaster Forums — Wed, 24 Feb 2010 14:33:57 +0000

[...] derived from multiple (two)childs of the parent class. __________________ bug identification | c++ static analysis | code [...]

By: Nick

Nick — Thu, 14 Jan 2010 08:57:42 +0000

Check out “Pex Microsoft”

It just shows what is going to come down the line when it comes to analysis tools.

Personally, the next big thing is going to be design by contract. DBC opens up software for lots of things. Interestingly it reduces the need for unit tests. After all, if the code is being tested for all cases you come across, rather than the handfull that are in unit tests, you are going to get better code as a result.

Combine that with Pex where it uses the debugging library to trace tests, and then uses this analysis to find cases that will test other paths through your code, and you are running at a level of testing far above that which can be achieved by hand

By: Mark

Mark — Wed, 13 Jan 2010 19:22:57 +0000

1. Memory leaks still happen in Ruby. Objects that contain references to them are not GC’d.
2. Joe Damato has been doing some interesting things with libdl:
http://timetobleed.com/extending-ltrace-to-make-your-rubypythonperlphp-apps-faster/
http://timetobleed.com/memprof-a-ruby-level-memory-profiler/
His blog is worth a good read regarding this topic

By: André Roberge

André Roberge — Wed, 13 Jan 2010 16:55:50 +0000

For python, you might want to include Clone Digger (http://clonedigger.sourceforge.net/).

By: Michael Peters

Michael Peters — Tue, 12 Jan 2010 15:35:45 +0000

Just to make your overview of dynamic languages more complete, Perl has Perl::Critic (http://search.cpan.org/perldoc?Perl::Critic) which is similar to Reek.

By: Astor

Astor — Tue, 12 Jan 2010 02:34:17 +0000

C has been around for so long and very prone to many issues so unique tools were created to help those issues. While python and ruby make programming fun and exciting for many more people than C. It’s still imperative that C has it’s suit of tools that make it bearable for the large extent of it’s programmers. Yes people like programming in C

By: Heikki Toivonen

Heikki Toivonen — Mon, 11 Jan 2010 22:51:49 +0000

I would love to have a tool that could do more heavy-weight analysis on Python code. For example, suppose you call foo() 100 times in your application, and check the return value 99 times. It would be nice if there was a tool that could flag you to take a look at that one call where you didn’t check the return value.

I am not even too concerned about things like eval or calling functions in other clever ways that would not be caught by static analyzers. If a tool caught the normal cases that would still be a big win.

By: Vidar Hokstad

Vidar Hokstad — Mon, 11 Jan 2010 13:50:27 +0000

It’s not just that Ruby developers want different things, but that almost everything a typical static analysis tool does in C/C++ is next to impossible to check for in Ruby without first making a lot of assumptions which may or may not hold.

Doing a “proper” static analysis tool + type inference in Ruby isn’t *impossible* but it would require the user to make a lot of promises to the checker about what you do (or don’t do).

For example, in the presence of a single eval() that takes a user provided string in a Ruby program, you *can’t* statically determine what type an object has, or what method a class has, or how many arguments (and of what type) a method takes. Effectively the world becomes almost entirely unknown past that point. The way around that is for the developer to effectively say “yeah, but we only ever feed this eval() code that is restricted to these types of effects: A, B, C”

The same is the case for a lot of things, such as runtime “require” of files based on a string that may not be possible to statically determine.

Handling that kind of user annotation adds a *lot* of complexity. You can of course provide reasonable defaults. E.g. it’s reasonable 99.9% of the time to assume nobody will add instance variables to FixNum’s, or overload the “+” method of String to do something other than concatenation, even in the presence of eval().

But there’s a big grey area of things that may not be common, but that happens. Getting a Ruby-tool like this as comprehensive as one for C is a *huge* task.

By: Paddy3118

Paddy3118 — Tue, 30 Jun 2009 14:40:55 +0000

Hi,
You should make the point that there can be very little that a static, compile-time checker can do except suggest problems, as the code can be changed dramatically at run time. objects are typed rather than variable names; containers such as lists and dicts can have values of more than one type; duck typing; …., and when you get right down to it, you need the tests anyway.

It would be great if you could break into a running program and do some type analysis for dynamic languages.

- Paddy.

By: Denis Sidorov

Denis Sidorov — Tue, 30 Jun 2009 12:50:23 +0000

@Kevin: Yes, most of the Ruby projects doing program analysis (including Reek) are pretty young. I guess one of the reasons is that ParseTree API was introduced not very long ago.

And, I’m certainly not trying to judge :) I’d like see if Ruby can break yet another stereotype and re-define program analysis (e.g. the way it redefined Web Frameworks). It is particularly interesting how Ruby error detection tools would approach the infamous “false positive” problem – an inherent weakness of all static analysis tools, when a real error/flaw could sometimes be buried under a pile of falsely reported issues.

BTW, have you tried Reek on some large Ruby codebases, like Rails? How many code smells were found? Got any interesting ideas on how to triage the detected smells?

By: Kevin Rutherford

Kevin Rutherford — Mon, 29 Jun 2009 14:12:14 +0000

Hi, Thanks for the brief objective look at Reek! Please bear in mind that Reek is very much a work in progress (look at its Issues page on github and you’ll see I have many more code smells and other checks still to add). As you suspect, it is also intended as an experiment, to see just how far we can go without static analysis in Ruby.

But I think the main thing to note is that a number of such tools have sprung up for Ruby in the last year, possibly indicating a lot about the maturing of the Ruby community.