ABAP performance examples

The ABAP workbench has a set of examples to show you how to make the best coding with regards to performance.

You can reach the examples in SE38 transaction by selecting menu Environment, Examples, Performance Examples. You then reach the performance examples demos screen.

On the left hand side you can choose a topic and double click on it. You then see 2 examples of implementation. By clicking on the Measure Runtime button:

Now the two examples are evaluated at runtime. At the bottom you can see the documentation and explanation on what is best to use.

ABAP cleaner Eclipse plugin

The ABAP cleaner Eclipse plugin is a great tool to clean up your ABAP code according to the ABAP clean code principles.

Questions that will be answered in this blog are:

  • How to install the ABAP cleaner Eclipse plugin?
  • How to run the ABAP cleaner?
  • How to configure the ABAP cleaner?

Installation of the ABAP cleaner Eclipse plugin

Follow the instructions on the ABAP cleaner site for installation. In short, just like you install the ADT tools, now put in the site “https://sap.github.io/abap-cleaner/updatesite“. Download the software and ignore the certificate warnings. Eclipse restart is required.

Running ABAP cleaner

Basic use instructions can be found on the ABAP cleaner site. We will use this example code:

REPORT zcleanerdemo.

* ABAP clean code demo
Data: abap_true type boolean.
data: do_not_do_anything type boolean.

write:/ 'Hello world'.

if abap_true <> 'X'.
write: 'ok'.
else.
write: 'not ok'.

endif.

Yes, this code is ugly.

In Eclipse right click on the code and select the option Source Code and then the option Clean up with Interactive ABAP cleaner…

It is best to start always with the interactive cleaner so you have insights and control on the changes done to your source code.

On the left hand side you see your old code. On the middle the code changes proposed. On the right hand side you see the clean up settings.

The profile is determining the rules used. Out of the box you get the default and essential profile. It is advised to play around and build your own set using the Configure button (see next chapter in this blog).

You can set the clean up range: from current statement, current method, current class to whatever code you opened in Eclipse (multiple windows). You might wonder, why only current statement or method? Remember one of the clean code principles is the boy scout rule; leave the code better than how you found it. So no need to refactor old stuff completely, do it chunk by chunk every time.

The restrict rules of syntax can be set to the latest ABAP release or to a specific release.

If you click on a rule, you can see the rules applied in bottom right part of the screen:

If you are happy with the changes press the Apply and close button.

ABAP cleaner configuration

On the screen above when you hit the Configure button you reach the configuration screen:

This screen is overwhelming when you start. Top right you can manage your profiles. Create new ones or copy from templates. Bottom right you can switch on and off which detailed rule is part of the profile. On the top right you can fine tune the exact details of each rule according to your needs and preferences.

The changes you make will be made instantly available on the example, so you can immediately assess the impact of your fine tuning.

Word of care: take care that ABAP cleaner and Pretty printer are not constantly juggling your code around.

ABAP2XLS framework

The ABAP2XLS framework is a nice framework to speed up the development time and options to work with XLS from ABAP.

Installation

Follow the instructions on the ABAP2XLS github site to download and install. Also install the demo programs.

Demo programs

Run program ZABAP2XLSX_DEMO_SHOW to see the demo programs:

Double clicking on a program will show the coding on the right hand side and also start the demo program. In this case generating xls with multiple tabs with just a few lines of coding.

There are many options possible. Just look at the demo programs and re-use the coding.

FOR ALL ENTRIES statement tuning on Oracle database

In very weird cases you get performance issues on one system and not on the other. This can happen when running Oracle and using the FOR ALL ENTRIES statement for very large data sets, while it is fine on smaller sets.

The background is Oracle blocking factors. The full background can be read in these 2 SAP notes:

The solution is to give an Oracle hint (see note 129385 – Database hints in Open SQL) with a lower number of blocking factors.

%_HINTS ORACLE '&prefer_in_itab_opt 1&&max_in_blocking_factor 100&'

Performance issue solved…

If you migrate to HANA or different database, you need to remove or redo the hint again.

Call transaction security

An ABAP developer can call a different transaction from a custom build program or transaction. This can be very helpful for certain user requirements and can save an end user time when the system is helping him with jumping from one transaction to the next logical transaction.

Example

For authorization this can be a bit messy.
What for example will happen with this coding:

CALL TRANSACTION 'SU01'.

Will the SU01 transaction now be called successfully or not?

SE97 TCDCOUPLES

Suppose the user does not have rights to call SU01. The coding is still trying to go to this transaction.

Depending on the value of system parameter auth/check/calltransaction a couple of things can happen:

  • No check
  • Always check
  • Lookup if check is needed in table TCDCOUPLES

Table TCDCOUPLES links the calling transaction to the jumped to transaction and determines if the transaction authorization for the new transaction is required or not.

But what in case there is no entry or the entry in TCDCOUPLES is vague? Then it again determines on the value of parameter auth/check/calltransaction to be strict or not strict.

Entries in table TCDCOUPLES are maintained via transaction SE97:

Standard SAP example output:

Formal OSS note of SE97: 358122 – Description of functions of transaction SE97.

Updating TCDCOUPLES is a lot of work and no longer SAP best practice. See this SAP blog.

Correct way of coding

The correct way of coding is more simple: always indicate that the authority check is mandatory:

CALL TRANSACTION 'SU01' WITH AUTHORITY-CHECK.

In this way the coding forces the check independent of the system parameter and entries in TCDCOUPLES.

Finding incorrectly coded CALL TRANSACTIONS

The fastest way of finding incorrectly coded call transactions is by running the SAP CVA (code vulnerability analysis) tool. This tool scans for CALL TRANSACTIONS with missing authority checks. It also scans for other variations like dynamic use of CALL TRANSCATION.

Alternatively you can use CODE_SCANNER (see blog on usage) with this special input:

Basically you tell the program to look for any program with CALL TRANSACTION and not having WITH AUTHORITY-CHECK in it. Do realize it can potentially miss programs in case there are 2 calls (1 correct and 1 incorrect). The CVA tool will not miss this case.

LEAVE TO TRANSACTION

You might wonder: what is the situation for the LEAVE TO TRANSACTION statement? That is more simple. LEAVE TO TRANSACTION will always check the user rights for object S_TCODE for the transaction.

Report SNIF: search active customer enhancements

Report SNIF can be used to find active customer enhancements like BADI, user exit, BTE event.

To start the report go to transaction SA38, enter report SNIF and execute:

Select the items you want to search for that are implemented and press execute. Wait until the result shows:

Here you can see which exits are active. Double click on a line will jump to the code.

Background OSS notes

Write system log entries from custom ABAP

For some specific requirements (like system monitoring) you might need to write entries into the ABAP system log (transaction SM21).

Preparation

In SE92 (see this blog) create a new message for the system log. It is best to create your own Z message code in stead of re-using standard SAP.

Writing to system log

OSS note 5462 – Writing SysLog entries from within ABAP/4 programs explains 2 methods, for which using function module RSLG_WRITE_SYSLOG_ENTRY is the preferred one.

Program RSLG0014 can be used to test the writing and basis for code re-use:

DWDM: Enjoy demo center

The enjoy controls are old, but still much in use.

If you need to re-use and idea and code, you can use transaction DWDM: the Enjoy Demo Center.

Double clicking program name will show the ABAP code on the right.

Double clicking on the title will give you the output of the example code.

The HTML control as WWW browser can be used to test the internet connectivity from your SAP server to internet.

Some developers might have restrictions on their laptop and use this program to browse.... 

Custom code adjustments for HANA database migration

If you convert ECC to S4HANA you need to execute custom code adjustments for both HANA database migration and for functional application changes. This can be read in this blog and this blog.

If you only want to migrate an existing database to HANA for a netweaver ABAP stack (either standalone or for SAP ECC), you will also need to adjust custom code.

Questions that will be answered in this blog are:

  • Which custom code ABAP changes to I need to perform mandatory for a HANA database migration?
  • Which custom code ABAP changes are highly recommended to perform for a HANA database migration?
  • Which other tools should I use to help to smoothen the HANA database migration?

Mandatory custom ABAP changes for HANA database migration

There are mandatory ABAP changes to be made for HANA database migration. The main ones are:

  • Native SQL statements
  • Use of Database hints
  • Search in pool and cluster tables
  • Use of ADBC interface
  • Search for problematic statements without ORDER BY

The first few will not appear too much and are relatively easy to fix.

The last one: the statements without ORDER BY needs some explanation. Some current custom code might work properly with the current database, since some database will present the data to the ABAP application server in a specific sorted way. When migration to HANA database the HANA database might present the same records to the ABAP application server, but in a different sorting or in a random order. This might lead to issues in further handling in custom code. The solution is to analyze the code and to add explicit sorting as per need of the custom program. To scan the usage in live system, see below chapter on SRTCM.

All these changes can be detected with the SCI variant FUNCTIONAL_DB:

Run this SCI variant via the ATC tool on your custom code:

Wait for the run to finish and go to the results. The best overview is when you click the Statistics View button:

Clicking on an item will drill down to the details.

Performance related coding changes for HANA database migration

The second set of custom code changes is from the performance side. For this set you need to run the ATC tool with SCI variant PERFORMANCE_DB:

The PERFORMANCE_DB variant has 2 main parts: mandatory fixes, good to fix.

The mandatory fix is the unsecure use of SELECT FOR ALL ENTRIES. If this is not properly checked, it might blow up the system:

What happens here? If in the current database the SELECT FOR ALL ENTRIES for whatever reason is not giving results this might be running fine. But on HANA the entire table is read in this case. To scan the usage in live system, see below chapter on SRTCM.

The other part is the performance best practices for HANA:

This ATC run can yield a very long working list:

Where to start? Since even the priority 1 and 2 can yield a very long list.

Use the SQLM and SWLT tools. These tools will help you to prioritize the ATC run result from the PERFORMANCE_DB variant. SQLM will take statistics data from production. You start with the heavy used programs. SWLT will combine the heavy use with the ATC run. The output is the heavy used program which can be improved.

SRTCM tool

The SRTCM tool is specifically designed to scan for 2 main issues: Empty table in FOR ALL ENTRIES clause and Missing ORDER BY or SORT after SELECT. The tool is run on a productive system and will list the actual usage in a productive system.

To switch on start transaction SRTCM and press the Activate Globally button.

Let the tool run, and later Display Results from either running system or snapshot:

Show results;

Clicking on the line will jump to the direct code point.

Note for Oracle as source database: 3209584 – RTM: RTM_PERIODIC_JOB canceled with runtime error SQL_CAUGHT_RABAX (ORACLE).

Custom code decommissioning

SAP solution manager offers a custom code decommissioning cockpit tool. This tool you can use to delete unused custom code. Unused code does not need to be migrated, which will save you effort.

SAP references

CVA: Code vulnerability analysis

CVA is a licensed SAP tool to scan custom code for potential security issues.

CVA is built in code inspector and analysis is run via the ATC tool.

Questions that will be answered in this blog are:

  • What checks does CVA perform?
  • How to activate CVA?
  • Is CVA licensed?
  • Where to find more information on CVA?

Activating CVA

SAP CVA Code Vulnerability Analysis is a licensed tool. You need to activate it before you can use it. To activate run program RSLIN_SEC_LICENSE_SETUP:

The activation refers to OSS note 1855773 – Security checks for customer-specific ABAP programs which explains the license, restrictions, etc.

Call to SAP: if you really think security is important for your customers and their custom programs, don't ask money for CVA tool, but allow free usage!

Check the bug fix OSS notes below. Apply them before your first run.

Checks in detail

The SAP CVA checks can be seen in SCI variant SLIN_SEC:

And then open the variant and click the information button for details:

A full list of checks can also be found on this SAP blog.

And per netweaver version the checks are listed in OSS note 1921820 – SAP Code Vulnerability Analyzer – support package planning.

Setting up ATC variant and run

Start transaction ATC and press Schedule Run:

First create a new variant and refer to SCI variant SLIN_SEC:

Now schedule the run for your Z code:

The run can take a few hours.

More on ATC set up and running can be found in this blog.

Run results

Start transaction ATC and go to the results part:

Select your run:

The ATC result screen will show, but list can be very long:

Both Z programs and user exits will be shown (starting with S or X).

Press the Statistics View button top right to get a better overview:

The result list is now sorted per security item:

Don't let yourself be impressed by high numbers of the first run. Most issues are in old code: consider clean up. Focus on the priority 1 and priority 2 first. Finetune result set for priority 3 to lower the numbers.

Now you can zoom in to the issue per item by clicking on the line:

The details show the issue: hard coded user name. Clicking on the underlined code name in column Object Name will zoom into the code point to fix:

In this case hard coded break for a user. Fix is easy: delete the line of code.

Remote analysis

It is possible to use ATC remote analysis (see blog) for CVA. The full setup is explained in this SAP online help link. See also OSS note 2232083 – ATC/CI: SAP NetWeaver Application Server add-on for code vulnerability analysis – remote check runs – installation.

Checking license usage

Run program RSLIN_SEC_LICENSE_SETUP to check license usage:

Or run this from transaction SLIN_ADMIN.

SAP reference material

Generic presentation on SAP CVA can be found on this link.

CVA FAQ: follow this link.

CVA full list of checks: follow this link.

CVA as part of CI/CD development pipeline: follow this link.

ABAP code security issues explained: follow this link.

Bug fix and improvement notes

Bug fix and improvement OSS notes: