Folks these issues reported by find-bugs have existed for some time. I am not confident in picking them up now for 4.3 as it may break code that assumed old way of working. We can take them up for 4.3 maintenance release. I wish we had done this exercise and not waited until now.
I will pick Hugo's commit for which he called -1. Thanks Animesh -----Original Message----- From: Trippie [mailto:trip...@gmail.com] On Behalf Of Hugo Trippaers Sent: Tuesday, January 28, 2014 1:29 AM To: dev Subject: Re: Findbugs report on 4.3-forward Hey Animesh, I agree with Daan here. We focussed on the bugs with a findbugs annotation of scariest. I think that would warrant them to be included in the 4.3 release, so please cherry-pick them all. Cheers, Hugo On 28 jan. 2014, at 09:32, Daan Hoogland <daan.hoogl...@gmail.com> wrote: > Animesh, > > I took up a lot of messages from findbugs in the server package over > the weekend. Not that I will attach my soul to the shipping of my > fixes but some of them are == vs eq and some are really nasty > nullpointer issues (a chack after first use is very common). You can > cherry-pick them or not. I don't think you should leave any of them > behind. Even with David being right we should go against him at every > convenient time, running the risk of being called his wife. > > On Tue, Jan 28, 2014 at 6:25 AM, Ian Duffy <i...@ianduffy.ie> wrote: >> Hi Animesh, >> >> Can you cherry-pick the below commit from from 4.3-forward to 4.3 branch? >> >> Fix findbug issues within LDAP authenticator commit >> 92b4f66d73562e4211d2d787554ff229dbeb5705 >> >> Thanks, >> Ian >> >> On 28 January 2014 03:48, Animesh Chaturvedi >> <animesh.chaturv...@citrix.com>wrote: >> >>> Hugo I was reviewing your commits to 4.3-forward and looked at your >>> commits >>> >>> >>> https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=commit;h= >>> f18c5a1910b6370585a1d61638b8310c3ecba5ef >>> >>> https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=commit;h= >>> 60ac12780bfa1604902a89d5dc7937a8b9334e0d >>> I think you want the last one which has fixes for NetUtils and >>> XenServerStorageMotionStrategy for which you had put -1 in first RC >>> but the commit includes more files. Can you make limited changes >>> directly to 4.3? I want to build another RC later tonight >>> >>> Animesh >>> >>> >>> -----Original Message----- >>> From: Animesh Chaturvedi [mailto:animesh.chaturv...@citrix.com] >>> Sent: Monday, January 27, 2014 1:30 PM >>> To: dev@cloudstack.apache.org >>> Subject: RE: Findbugs report on 4.3-forward >>> >>> Agreed >>> >>> We need to fix the most important ones for 4.3. There may be >>> assumptions in the code which we may not know and may get broken if >>> these issues are fixed late. I will pull in the one Hugo casted his >>> -1 for the first vote, any others? >>> >>> Animesh >>> >>> -----Original Message----- >>> From: David Nalley [mailto:da...@gnsa.us] >>> Sent: Monday, January 27, 2014 11:46 AM >>> To: dev@cloudstack.apache.org >>> Subject: Re: Findbugs report on 4.3-forward >>> >>> So just curious if I am the only one concerned about a ton of fixes >>> going in at the last minute. If the fixes are for serious bugs and >>> we have consensus around their severity being high enough, indeed lets fix >>> things. >>> My concern is that much of the QA we do is manual; and while we are >>> getting better; fixing tons of things at the last minute may have >>> unintended consequences that we don't know about and won't easily find. >>> >>> I yearn for the day when our automated testing is broad enough that >>> we can do fixes right up to the wire and know that things still >>> work, I am just not sure that I have confidence that we are there yet. >>> Thoughts? I am being paranoid? >>> >>> --David >>> >>> On Mon, Jan 27, 2014 at 3:11 AM, Daan Hoogland >>> <daan.hoogl...@gmail.com> >>> wrote: >>>> Animesh, I commented the once i made yesterday with findbugs: >>>> >>>> I allready send a few and will get you a list of the rest later today. >>>> >>>> regards, >>>> >>>> On Mon, Jan 27, 2014 at 3:48 AM, Animesh Chaturvedi >>>> <animesh.chaturv...@citrix.com> wrote: >>>>> Good job fellas. I see a number of commits 20+ into 4.3-forward branch. >>> Are their specific commits you want me to pick up out of these? >>>>> >>>>> Animesh >>>>> >>>>> -----Original Message----- >>>>> From: Daan Hoogland [mailto:daan.hoogl...@gmail.com] >>>>> Sent: Sunday, January 26, 2014 2:41 AM >>>>> To: dev >>>>> Subject: Re: Findbugs report on 4.3-forward >>>>> >>>>> I didn't get very far last night and will be looking at the server >>> package again this afternoon. >>>>> >>>>> bon appétit, >>>>> >>>>> On Sun, Jan 26, 2014 at 1:36 AM, Ian Duffy <i...@ianduffy.ie> wrote: >>>>>> Hi, >>>>>> >>>>>> Fixed the issues highlighted in the ldap user authentication package. >>>>>> >>>>>> Have pushed to 4.3-forward. >>>>>> >>>>>> Thanks, >>>>>> Ian >>>>>> >>>>>> >>>>>> On 25 January 2014 22:26, Daan Hoogland <daan.hoogl...@gmail.com> >>> wrote: >>>>>> >>>>>>>> or reply to this mail with the filename you are working on >>>>>>> I'll be looking at the server package as it seems to contain the >>>>>>> most issues. >>>>>>> >>>>>>> On Sat, Jan 25, 2014 at 4:00 PM, Hugo Trippaers >>>>>>> <h...@trippaers.nl> >>> wrote: >>>>>>>> I've also added a job to master with the Findbugs report and >>>>>>>> the >>>>>>> cobertura code coverage report. >>>>>>>> >>>>>>>> Good stuff, we have a 12% coverage of our classes with unit tests. >>>>>>>> Huge >>>>>>> improvement over the last release where we had 4% iirc. We have >>>>>>> 306 reports from Findbugs, of which the majority are >>>>>>> internationalization >>> issues. >>>>>>> (String.getBytes without charset mostly). On the coverity site >>>>>>> we have >>>>>>> 6000+ issues still open, but at least that number is relatively >>>>>>> 6000+ stable, we >>>>>>> fix as much issues as we introduce and it's untuned so we can >>>>>>> assume a large number of false positives there. >>>>>>>> >>>>>>>> I think that on average the automated tools tell us that code >>>>>>>> quality is >>>>>>> improving, which a good thing. Combined with the functional >>>>>>> testing and the simulator build we can prove that we are doing >>>>>>> quite well on the code quality angle. >>>>>>>> >>>>>>>> http://jenkins.buildacloud.org/job/build-master-slowbuild/ >>>>>>>> >>>>>>>> >>>>>>>> Cheers, >>>>>>>> >>>>>>>> Hugo >>>>>>>> >>>>>>>> >>>>>>>> On 25 jan. 2014, at 14:13, Daan Hoogland >>>>>>>> <daan.hoogl...@gmail.com> >>>>>>> wrote: >>>>>>>> >>>>>>>>> H Hugo, >>>>>>>>> >>>>>>>>> I'll spend some time on it tonight. Do you have a work load >>>>>>>>> distribution scheme or is it random access? >>>>>>>>> ;) >>>>>>>>> >>>>>>>>> regards >>>>>>>>> >>>>>>>>> On Sat, Jan 25, 2014 at 12:39 PM, Hugo Trippaers >>>>>>>>> <h...@trippaers.nl> >>>>>>> wrote: >>>>>>>>>> Hey all, >>>>>>>>>> >>>>>>>>>> I've made Jenkins run the findbugs analysis on 4.3-forward. >>>>>>>>>> Is there >>>>>>> somebody who is willing to help triage the findings? Maybe there >>>>>>> is some stuff that we need to fix? >>>>>>>>>> >>>>>>>>>> the url is >>>>>>> http://jenkins.buildacloud.org/job/cloudstack-4.3-forward-maven- >>>>>>> bui >>>>>>> ld >>>>>>> /3/findbugsResult/ >>>>>>>>>> >>>>>>>>>> Cheers, >>>>>>>>>> >>>>>>>>>> Hugo >>>>>>>> >>>>>>> >>>
