Java: Improved java/jvm-exit query to remove FP's.

github · Napalys · Aug 7, 2025 · Aug 7, 2025 · Aug 8, 2025 · Aug 11, 2025
commit 4df613ce37251ef60dc3d82760366520ecf2be8a
@@ -13,17 +13,67 @@
 
 import java
 
-from Method m, MethodCall sysexitCall, Method sysexit, Class system
-where
-  sysexitCall = m.getACallSite(sysexit) and
-  (sysexit.hasName("exit") or sysexit.hasName("halt")) and
-  sysexit.getDeclaringType() = system and
-  (
-    system.hasQualifiedName("java.lang", "System") or
-    system.hasQualifiedName("java.lang", "Runtime")
-  ) and
-  m.fromSource() and
-  not m instanceof MainMethod
-select sysexitCall,
-  "Avoid calls to " + sysexit.getDeclaringType().getName() + "." + sysexit.getName() +
-    "() as this makes code harder to reuse."
+/**
+ * A `Method` which, when called, causes the JVM to exit or halt.
+ * Explicitly includes these methods from the java standard library:
+ *   - `java.lang.System.exit`
+ *   - `java.lang.Runtime.halt`
+ *   - `java.lang.Runtime.exit`
+ */
+class ExitOrHaltMethod extends Method {
+  ExitOrHaltMethod() {
+    exists(Class system |
+      this.getDeclaringType() = system and
+      (
+        this.hasName("exit") and
+        (
+          system.hasQualifiedName("java.lang", "System") or
+          system.hasQualifiedName("java.lang", "Runtime")
+        )
+        or
+        this.hasName("halt") and
+        system.hasQualifiedName("java.lang", "Runtime")
+      )
+    )
+  }
+}
+
+/** A `MethodCall` to an `ExitOrHaltMethod`, which causes the JVM to exit abruptly. */
+class ExitOrHaltMethodCall extends MethodCall {
+  ExitOrHaltMethodCall() {
+    exists(ExitOrHaltMethod exitMethod | this.getMethod() = exitMethod |
+      exists(SourceMethodNotMainOrTest srcMethod | this = srcMethod.getACallSite(exitMethod))
+    )
+  }
+}
+
+/**
+ * Represents an intentional `MethodCall` to a system or runtime "exit" method, such as for
+ * functions which exist for the purpose of exiting the program. Assumes that a an exit method
+ * call within a method is intentional if the exit code is passed from a parameter of the
+ * enclosing method.
+ */
+class IntentionalExitMethodCall extends ExitOrHaltMethodCall {
+  IntentionalExitMethodCall() {
+    this.getMethod().hasName("exit") and
+    this.getAnArgument() = this.getEnclosingCallable().getAParameter().getAnAccess()
+  }
+}
+
+/**
+ * A `Method` that is defined in source code and is not a `MainMethod` or a `LikelyTestMethod`.
+ */
+class SourceMethodNotMainOrTest extends Method {
+  SourceMethodNotMainOrTest() {
+    this.fromSource() and
+    not this instanceof MainMethod and
+    not this instanceof LikelyTestMethod and
+    not this.getEnclosingCallable() instanceof LikelyTestMethod
+  }
+}
+
+from ExitOrHaltMethodCall mc
+where not mc instanceof IntentionalExitMethodCall
+select mc,
+  "Avoid calls to " + mc.getMethod().getDeclaringType().getName() + "." + mc.getMethod().getName() +
+    "() as this prevents runtime cleanup and makes code harder to reuse."
@@ -1,8 +1,6 @@
-| ExampleRuntimeExit.java:22:17:22:44 | exit(...) | Avoid calls to Runtime.exit() as this makes code harder to reuse. |
-| ExampleRuntimeExit.java:25:17:25:44 | exit(...) | Avoid calls to Runtime.exit() as this makes code harder to reuse. |
-| ExampleRuntimeExit.java:35:9:35:43 | exit(...) | Avoid calls to Runtime.exit() as this makes code harder to reuse. |
-| ExampleRuntimeHalt.java:18:17:18:44 | halt(...) | Avoid calls to Runtime.halt() as this makes code harder to reuse. |
-| ExampleRuntimeHalt.java:21:17:21:44 | halt(...) | Avoid calls to Runtime.halt() as this makes code harder to reuse. |
-| ExampleSystemExit.java:22:17:22:30 | exit(...) | Avoid calls to System.exit() as this makes code harder to reuse. |
-| ExampleSystemExit.java:25:17:25:30 | exit(...) | Avoid calls to System.exit() as this makes code harder to reuse. |
-| ExampleSystemExit.java:35:9:35:29 | exit(...) | Avoid calls to System.exit() as this makes code harder to reuse. |
+| ExampleRuntimeExit.java:22:17:22:44 | exit(...) | Avoid calls to Runtime.exit() as this prevents runtime cleanup and makes code harder to reuse. |
+| ExampleRuntimeExit.java:25:17:25:44 | exit(...) | Avoid calls to Runtime.exit() as this prevents runtime cleanup and makes code harder to reuse. |
+| ExampleRuntimeHalt.java:18:17:18:44 | halt(...) | Avoid calls to Runtime.halt() as this prevents runtime cleanup and makes code harder to reuse. |
+| ExampleRuntimeHalt.java:21:17:21:44 | halt(...) | Avoid calls to Runtime.halt() as this prevents runtime cleanup and makes code harder to reuse. |
+| ExampleSystemExit.java:22:17:22:30 | exit(...) | Avoid calls to System.exit() as this prevents runtime cleanup and makes code harder to reuse. |
+| ExampleSystemExit.java:25:17:25:30 | exit(...) | Avoid calls to System.exit() as this prevents runtime cleanup and makes code harder to reuse. |
@@ -32,6 +32,6 @@ public void run() {
 
     protected static void printUsageAndExit(final String message, final int exitCode) {
         System.err.println("Usage: <example_cmd> <example_args> : " + message);
-        Runtime.getRuntime().exit(exitCode);  // $ SPURIOUS: Alert
+        Runtime.getRuntime().exit(exitCode); // COMPLIANT
     }
 }
@@ -32,6 +32,6 @@ public void run() {
 
     protected static void printUsageAndExit(final String message, final int exitCode) {
         System.err.println("Usage: <example_cmd> <example_args> : " + message);
-        System.exit(exitCode); // $ SPURIOUS: Alert
+        System.exit(exitCode); // COMPLIANT
     }
 }