Static Analysis of PHP Code
How the Heck did I write so many Bugs?
International PHP Conference, Berlin, June 2016
By Rouven Weßling (@RouvenWessling), Ecosystem Developer / Developer Evangelist, Contentful
Photo credit: Brandenburg Gate Berlin, by Achim Fischer (license)
What is Static Analysis?
Analysing software without executing it.
Dynamic Analysis
xdebug
xhprof
PHP Analyzer
PHP Vulnerability Hunter
Assertions
Why use Static Analysis?
Spend less time on unit tests...
...and code review
class ClientTest extends \PHPUnit_Framework_TestCase
{
    public function testGetSynchronizationManager()
    {
        $client = new Client('b4c0n73n7fu1', 'cfexampleapi');
        // [...] the rest of the test is not shown on the slide
    }
}
[...]\Services\PdfOrder::5 must not depend on [...]\Entity\Vorkursticket (Service on Entity)
[...]\Services\PdfOrder::23 must not depend on [...]\Entity\Vorkursticket (Service on Entity)
Found 2 Violations
phan
Type safety for PHP
Checks docblocks
Signature mismatches
Unused code
How it works
Makes 2 passes over the codebase:
1. Build a list of all classes, functions, methods, etc.
2. Go through each function and follow the type of each variable
/**
 * @param Locale|string|null $locale
 *
 * @return string
 */
public function getDescription($locale = null)
{
    $localeCode = $this->getLocaleFromInput($locale);

    // This check happens after the call to getLocaleFromInput to make sure
    // the Exception for invalid locales is still thrown.
    if ($this->description === null) {
        return null;
    }

    return $this->description->$localeCode;
}
src/Delivery/Asset.php:74 PhanTypeMismatchReturn Returning type null but getDescription() is declared to return string
class ContentType
{
    /**
     * The fields, keyed by ID.
     *
     * @var object
     */
    private $fields = [];
}
src/Delivery/ContentType.php:34 PhanTypeMismatchProperty Assigning array to property but \contentful\delivery\contenttype::fields is object
public function __call($name, $arguments)
{
    // Lots of code here

    if ($result instanceof Link) {
        return $client->resolveLink($result);
    }

    return array_map(function ($value) use ($client) {
        if ($value instanceof Link) {
            return $client->resolveLink($value);
        }

        return $value;
    }, $result);
}
src/Delivery/DynamicEntry.php:126 PhanTypeMismatchArgumentInternal Argument 2 (input1) is \contentful\delivery\link but \array_map() takes array
Not a bug
Not a bug
Don't trust blindly
Bad news?
Requires php-ast
Not easy to deal with library code
Noisy - not easily integrated in CI.
The future
phan is using brute force for type checking
Roughly as good as the compiler for a statically typed language
Works, but a Control Flow Graph could give even deeper insight
int foo(int length)
{
    int x = 0;
    for (int i = 0; i < length; i++)
        x += 1;

    return length / x;   /* x is still 0 when length <= 0: division by zero */
}
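To make the "brute force" versus Control Flow Graph point concrete, here is an added toy model (Python, not phan's code) of how the two strategies treat the __call() snippet shown earlier: a flow-insensitive checker reports array_map() receiving a Link, the same false positive phan produced, while a flow-sensitive walk removes Link from $result's type after the early return. The tiny IR, the signature table and the message wording are constructed for this example.

```python
# Toy model of two type-checking strategies (constructed; not phan's implementation).
Link, Array = "Link", "array"

# Tiny IR for the __call() body from the slide:
#   if ($result instanceof Link) { return $client->resolveLink($result); }
#   return array_map(function ($value) use ($client) { ... }, $result);
PROGRAM = [
    ("if_instanceof_return", "result", Link),
    ("call", "array_map", [("lit", "callable"), ("var", "result")]),
]
SIGNATURES = {"array_map": ["callable", Array]}  # parameter types of the internal function
DECLARED = {"result": {Link, Array}}  # $result may hold a Link or an array

def check_call(stmt, types):
    """Report every argument whose type set contains something the parameter does not accept."""
    _, fname, args = stmt
    issues = []
    for pos, (kind, value) in enumerate(args, start=1):
        actual = types[value] if kind == "var" else {value}
        expected = SIGNATURES[fname][pos - 1]
        extra = actual - {expected}
        if extra:
            issues.append(f"TypeMismatchArgumentInternal: Argument {pos} is "
                          f"{'|'.join(sorted(extra))} but {fname}() takes {expected}")
    return issues

def flow_insensitive(declared):
    """'Brute force': a variable keeps its whole declared union type at every use,
    so the early return on Link is invisible and array_map() appears to get a Link."""
    types = {k: set(v) for k, v in declared.items()}
    return [i for s in PROGRAM if s[0] == "call" for i in check_call(s, types)]

def flow_sensitive(declared):
    """CFG-style: walk statements in order; 'if (x instanceof C) return' removes C
    from x's type on the fall-through path, so only the array case reaches array_map()."""
    types = {k: set(v) for k, v in declared.items()}
    issues = []
    for stmt in PROGRAM:
        if stmt[0] == "if_instanceof_return":
            _, var, cls = stmt
            types[var] = types[var] - {cls}
        else:
            issues.extend(check_call(stmt, types))
    return issues

if __name__ == "__main__":
    print("flow-insensitive:", flow_insensitive(DECLARED))  # one false positive
    print("flow-sensitive:  ", flow_sensitive(DECLARED))    # []
```

A genuine mismatch (for instance a string reaching array_map()) is still reported by the flow-sensitive walk, so the narrowing only removes the report the early return makes impossible.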
Bottom line
There are dozens of tools - pick what's necessary for you
Make them part of your Continuous Integration setup
Never trust. Make sure you understand where the error is coming from.
Slides available on Slideshare: http://www.slideshare.net/rwessling/static-analysis-of-