Static Analysis with PMD

by Tom Copeland
02/12/2003

What is PMD?

PMD is a utility for finding problems in Java code. PMD does this using static analysis; that is, analyzing the source code without actually running the program. PMD comes with a number of ready-to-run rules that you can run on your own source code to find unused variables, unnecessary object creation, empty catch blocks, and so forth. You can also write your own rules to enforce coding practices specific to your organization. For example, if you're doing EJB programming, you could write a PMD rule that would flag any creation of Thread or Socket objects. If you're feeling generous, you can donate that rule back to PMD for anyone to use.

Background

PMD was initially written in support of Cougaar, a Defense Advanced Research Projects Agency (DARPA) project billed as "An Open Source Agent Architecture for Large-scale, Distributed Multi-Agent Systems." DARPA agreed that the utility could be open sourced, and since its release on SourceForge, it has been downloaded over 14,000 times and has garnered over 130,000 page views. More importantly, though, numerous PMD rule suggestions and IDE plugins have been written by open source developers and contributed back to the core PMD project.

Installing and Running

You can download PMD in either a binary release or with all of the source code; both are available in .zip files on the PMD web site. Assuming you've downloaded the latest PMD binary release, unzip the archive to any directory. Then it's up to you how to use it--if you simply want to run PMD on a directory of Java source files, you can run it from a command line like this (the command should be all on one line):

C:\data\pmd\pmd>java -jar lib\pmd-1.02.jar c:\j2sdk1.4.1_01\src\java\util 

   text rulesets/unusedcode.xml



c:\j2sdk1.4.1_01\src\java\util\AbstractMap.java 650 

    Avoid unused local variables such as 'v'    



c:\j2sdk1.4.1_01\src\java\util\Date.java        438  

    Avoid unused local variables such as 'millis'   



// etc, etc, remaining errors skipped

You can also run PMD using Ant, Maven, or an assortment of Integrated Development Environments (IDEs) including jEdit, Netbeans, Eclipse, Emacs, IDEAJ, and JBuilder.

Built-in Rules

So what rules come with PMD? Well, here are some examples:

Unused code is always bad:

public class Foo {

   // an unused instance variable

   private List bar = new ArrayList(500);

}

Why are we returning a concrete class here when an interface--i.e., List--would do just as well?
```
public ArrayList getList() {

   return new ArrayList();

}
```

Nothing's being done inside the if success block ... this could be rewritten for clarity:

public void doSomething(int y) {

   if (y >= 2) { 

   } else {

      System.out.println("Less than two");

   }

}

Why are we creating a new String object? Just use String x = "x"; instead.
```
String x = new String("x");
```

There are many other rules, but you get the idea. Static analysis rules can catch the things that would make an experienced programer say "Hmm, that's not good."

How it Works: JavaCC/JJTree

At the heart of PMD is the JavaCC parser generator, which PMD uses in conjunction with an Extended Backus-Naur Formal (EBNF) grammar and JJTree to parse Java source code into an Abstract Syntax Tree (AST). That was a big sentence with a lot of acronyms, so let's break it down into smaller pieces.

Java source code is, at the end of the day, just plain old text. As your compiler will tell you, however, that plain text has to be structured in a certain way in order to be valid Java code. That structure can be expressed in a syntactic metalanguage called EBNF and is usually referred to as a "grammar." JavaCC reads the grammar and generates a parser that can be used to parse programs written in the Java programming language.

There's another layer, though. JJTree, an add-on to JavaCC, enhances the JavaCC-generated parser by decorating it with an Abstract Syntax Tree (AST)--a semantic layer on top of the stream of Java tokens. So instead of getting a sequence of tokens like System, ., out, ., and println, JJTree serves up a tree-like hierarchy of objects. Here's a simple code snippet and the corresponding AST:

Source Code

public class Foo {

	public void bar() {

		System.out.println("hello world");

	}

}

Abstract Syntax Tree

CompilationUnit

 TypeDeclaration

  ClassDeclaration

   UnmodifiedClassDeclaration

    ClassBody

     ClassBodyDeclaration

      MethodDeclaration

       ResultType

       MethodDeclarator

        FormalParameters

       Block

        BlockStatement

         Statement

          StatementExpression

           PrimaryExpression

            PrimaryPrefix

             Name

            PrimarySuffix

             Arguments

              ArgumentList

               Expression

                PrimaryExpression

                 PrimaryPrefix

                  Literal

Your code can traverse this tree using the Visitor pattern--the object tree generated by JJTree supports this.

[1] [2] Next

Close To Top

Prev Article-Java: Java Swing: Menus and Toolbars, Part 4

Next Article-Java: Java Swing: Menus and Toolbars, Part 5

Now: Tutorial for Web and Software Design > Java > Java Basic > Java Content

Photoshop Tutorial

	Special Effect
	3D Effect
	Photoshop Articles

Programming Tutorial

	C/C++ Tutorial
	Visual Basic
	C# Tutorial

Database Tutorial

	MySQL Tutorial
	MS SQL Tutorial
	Oracle Tutorial

Geek Tutorial

	Blogging Tutorial
	RSS Tutorial
	Podcasting Tutorial

Graphic Design Tutorial

	Coreldraw Tutorial
	Illustrator Tutorial
	3D Tutorials

Webmaster Articles

	Domain Service
	Web Hosting
	Site Promotion

Java Tutorial/ Articles

	Java Servlets
	JavaEE Tutorial
	JavaBeans Tutorial

XML Tutorial/ Articles

	XML Style
	AJAX Tutorial
	XML Mobile

Flash Tutorial/ Articles

	Flash Video
	Action Script
	Flash Articles

OS Tutorial/ Articles

	Linux Tutorial
	Symbian Tutorial
	MacOS Tutorial

Personal Tech

	Hardware Tutorial
	Software Tutorial
	Online Auction