I find forced static analysis tools annoying. Don't get me wrong. When I use static analysis tools, I try as much as possible to adhere to their rules (even when I don't agree with some of them). What irritates me is when the "quick fix" for a rule is not "functionally identical". Two lines of code are "functionally identical" when you can interchange them without ANY negative consequences. Static analysis tools like JTest and Sonar sometimes provide a "functionally identical" replacement for a violation. Sometimes, though, the quick fix isn't functionally identical and can cause bugs. I find this funny and frustrating at the same time, since the supposed point of static analysis tools is to automatically find bugs.
The latest one that has annoyed me is the rule that you aren't supposed to call String.startsWith() with a string that has a length of one. This violation is a performance improvement. There is an alternative call that is NOT functionally identical but in theory performs a lot faster. The quick fix replaces the startsWith("A") call with a charAt(0) == 'A' call. Here is the theory behind it: startsWith() has to handle a prefix of any length, so it contains a loop. charAt() has a much simpler implementation: it just returns the char at offset + index from the internal character array. This is not only much faster in and of itself, it can also be inlined. That can matter if you are parsing a large log file looking for lines that start with a given character. It works fine... until you hit a log line that is EMPTY! startsWith("A") on an empty string simply returns false, while charAt(0) throws a StringIndexOutOfBoundsException. That is right: the quick fix for this violation actually causes a bug!
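To make the difference concrete, here is an added example (my own code, not from the original post or any tool's quick fix) that runs the original startsWith() check, the charAt(0) quick fix, and a length-guarded variant over a few constructed log lines, one of which is empty. The class and method names are arbitrary; the log lines are made up for the demonstration.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.function.Predicate;

/**
 * Added example: compares three ways of asking "does this log line start
 * with 'E'?" over constructed sample lines, one of which is empty.
 */
public class StartsWithQuickFix {

    // Constructed sample log lines; the third line is empty on purpose.
    static final String[] LOG_LINES = {
        "ERROR disk full on /var/log",
        "INFO  rotation complete",
        "",
        "ERROR permission denied"
    };

    // The original call: handles a prefix of any length and returns false for "".
    static boolean originalCheck(String line) {
        return line.startsWith("E");
    }

    // The tool's "functionally identical" quick fix: throws on an empty string.
    static boolean quickFixCheck(String line) {
        return line.charAt(0) == 'E';
    }

    // A replacement that really is equivalent to startsWith("E") for non-null input.
    static boolean guardedCheck(String line) {
        return !line.isEmpty() && line.charAt(0) == 'E';
    }

    // Counts matching lines and records any exception instead of dying mid-file.
    static String scan(String name, Predicate<String> check) {
        int matches = 0;
        List<String> failures = new ArrayList<>();
        for (int i = 0; i < LOG_LINES.length; i++) {
            try {
                if (check.test(LOG_LINES[i])) {
                    matches++;
                }
            } catch (StringIndexOutOfBoundsException e) {
                failures.add("line " + (i + 1) + ": " + e);
            }
        }
        return name + ": " + matches + " match(es), "
                + failures.size() + " failure(s) " + failures;
    }

    public static void main(String[] args) {
        System.out.println(scan("startsWith(\"E\")", StartsWithQuickFix::originalCheck));
        System.out.println(scan("charAt(0) quick fix", StartsWithQuickFix::quickFixCheck));
        System.out.println(scan("guarded charAt(0)", StartsWithQuickFix::guardedCheck));
    }
}
```

Compile and run it with `javac StartsWithQuickFix.java && java StartsWithQuickFix`. The startsWith() and guarded variants both report two matches and no failures; the quick fix also reports two matches but records one StringIndexOutOfBoundsException for the empty third line, which in a real parser would abort the whole scan rather than being caught like this.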
This is where the danger with static analysis tools lies. It is not the tools themselves. The problem is that non-technical people get overzealous with the rules. A rule may sound good in theory, but that doesn't make it safe in practice. It gets worse when you "force" the tool by doing something stupid like failing the build on a violation. In that scenario you end up encouraging developers to use the "Quick Fix" features of the static analysis tools just to make the build pass. You end up promoting bugs!