Even in a tiny snippet of code like the one below, things can go wrong in a number of ways: Null pointers are notorious for causing bugs in programs. Moreover, NPEs are no longer a leading cause of crashes in both alpha and beta channels, which is a direct reflection of improved developer experience and development velocity. Taking Instagram, one of Meta’s largest Android apps, as an example, we observed a 27 percent reduction in production NPE crashes during the 18 months of code transformation. Figure 1: Percent null-safe code over time (approx.).
Over the course of two years, we developed Nullsafe, a static analyzer for detecting NPE errors in Java, integrated it into the core developer workflow, and ran a large-scale code transformation to make many million lines of Java code Nullsafe-compliant. In 2019, we started a project called 0NPE with the goal of addressing this challenge within our apps and significantly improving null-safety of Java code through static analysis. These techniques are essential but have their own limitations in terms of time-to-signal and coverage. Since Java doesn’t provide tools to express and check nullness invariants, developers have to rely on testing and dynamic analysis to improve reliability of their code. On Android, NullPointerException (NPE) errors are the largest cause of app crashes on Google Play. Null dereferencing is a common type of programming error in Java. This shows the value of static analysis in solving real-world problems at scale. Nullsafe has helped significantly reduce the overall number of NPE errors and improved developers’ productivity.Interoperability with legacy code and gradual deployment model were key to Nullsafe’s wide adoption and allowed us to recover some null-safety properties in the context of an otherwise null-unsafe language in a multimillion-line codebase.We developed a new static analysis tool called Nullsafe that is used at Meta to detect NullPointerException (NPE) errors in Java code.
0 kommentar(er)
