Static analysis report

[vlade1k]

Hello!
I’ve checked your project with PVS-Studio static analyzer, and it has detected several suspicious fragments that I thought might be useful to share with you.

1. The condition is written in a way that could potentially access elements outside the array bounds.
   V6025. Possibly index 'type' is out of bounds. ByteBufAlloc.java 151

public static final int MAX_TYPE_NUMBER = 20;
private static final LongAdder[] USAGE_STATS = new LongAdder[MAX_TYPE_NUMBER];
....
public static ByteBuf byteBuffer(int initCapacity, int type) {
  try {
      if (MEMORY_USAGE_DETECT) {
          ....

          if (type > MAX_TYPE_NUMBER) {
              counter = UNKNOWN_USAGE_STATS;
          } else {
              counter = USAGE_STATS[type];    // <=
              ....
          }
          ....
      }
  ....
  }
}

Maybe it would be better to change the condition on line 148:
type >= MAX_TYPE_NUMBER

2. It's worth adding protection against potential NPE.
   V6008. Potential null dereference of 'oldMember' in function 'removeStaticMember'. ConsumerGroup.java 311, ConsumerGroup.java 323

@Override
public void removeMember(String memberId) {
  ConsumerGroupMember oldMember = members.remove(memberId);
  ....
  removeStaticMember(oldMember);
  ....
}

private void removeStaticMember(ConsumerGroupMember oldMember) {
  if (oldMember.instanceId() != null) {          // <=
    staticMembers.remove(oldMember.instanceId());
  }
}

The remove method may return null. However, the oldMember variable is never checked before being passed to removeStaticMember, where it's dereferenced.
The same issue was previously detected and fixed in the Apache Kafka project. Here’s a link to their commit:
apache/kafka@eb897c6

3. Possible division by zero.
   V6020. Divide by zero. Denominator range ['0'..'2147483646']. Frequencies.java 104

/**
 * ....
 * @param buckets     the number of buckets; must be at least 1
 * ....
 */
public Frequencies(int buckets, 
                   double min, 
                   double max, 
                   Frequency... frequencies) {
    ....
    if (buckets < 1) {
        throw new IllegalArgumentException("Must be at least 1 bucket");
    }
    if (buckets < frequencies.length) {
        throw new IllegalArgumentException("More frequencies than buckets");
    } 
    ....
    double halfBucketWidth = (max - min) / (buckets - 1) / 2.0; // <=
    ....
}

Both your condition and javadoc indicate that buckets can be equal to 1. However, in this case, division by zero will occur. I think it's worth paying attention to this.

Thank you very much for your contribution to open-source community. I hope my issue will help you!

[Gezi-lzq]

Thanks for the report! @vlade1k

You've pointed out a valid bug regarding the potential out-of-bounds access (V6025). The check should indeed be type >= MAX_TYPE_NUMBER.

Would you be interested in submitting a PR for this fix? We'd be happy to review it.

For V6008 (NPE) and V6020 (division by zero), we plan to sync the fixes from upstream Apache Kafka to maintain alignment.

Thanks again for your contribution!