...
- Returning
thisfrom a nonprivate (possiblyfinal) method invoked from the constructor of an object under construction - Passing
thisas an argument to an alien method invoked from the constructor of an object under construction. - Publishing
thisusingpublic staticvariables from the constructor of an object under construction - Calling a non-final method from a constructor (MET04-J. Ensure that constructors do not call overridable methods)
- Overriding the finalizer of a non-final class and obtaining the
thisreference of a partially initialized instance, when the construction of the object ceases (OBJ04-J. Do not allow partially initialized objects to be accessed). Note that this requires This usually happens when the constructor to not catch all exceptions it might throwthrows exceptions. - Passing internal object state to an alien method and enabling said . This enables the method to retrieve the "this object reference from said state" reference of the internal object.
This guideline focuses on the potential consequences of this escaping during object construction including race conditions and improper initialization. For example, declaring a field final ensures that all threads will see it fully initialized only when the this reference does not escape during the corresponding object's construction. The guideline CON26-J. Do not publish partially initialized objects discusses the guarantees provided by various mechanisms for safe publication and relies on conformance to this guideline. In general, it is important to detect cases where the this reference can leak out beyond the scope of the current context. In particular, public variables and methods should be carefully scrutinized.
...
This issue can also occur when an event listener is prematurely published. Consequently, it will start receiving event notifications even before the subclass's initialization has concluded.
Compliant Solution
This compliant solution takes the publication out of Instead of publishing from the DefaultExceptionReporter constructor, and this compliant solution adds a setExceptionReporter() method that is expected to be called after from a subclass is constructed, after its initialization has concluded.
| Code Block | ||
|---|---|---|
| ||
// Class DefaultExceptionReporter
public class DefaultExceptionReporter implements ExceptionReporter {
public DefaultExceptionReporter(ExceptionReporter er) {
// Carry out initialization
}
// Registers this exception reporter.
// Should be called after constructing a new ExceptionReporter object
public final setAsExceptionReporter(ExceptionReporter er) {
er.setExceptionReporter(this);
}
public void report(Throwable exception) { /* default implementation */ }
}
h2. |
Noncompliant
...
Code
...
Example
...
(inner
...
class)
...
| Wiki Markup |
|---|
It is possible for the {{this}} reference to implicitly get leaked outside the scope \[[Goetz 02|AA. Java References#Goetz 02]\]. Consider inner classes that maintain a copy of the {{this}} reference of the outer object. In this noncompliant code example, the constructor for class {{DefaultExceptionReporter}} uses an anonymous inner class to publish a {{filter()}} method. |
| Code Block | ||||
|---|---|---|---|---|
| =
| |||
}
public class AnotherExceptionReporter implements ExceptionReporter {
public AnotherExceptionReporter(ExceptionReporter er) {
er.setExceptionReporter(new AnotherExceptionReporter(er) {
public void report(Throwable t) {
filter(t);
}
}
);
}
public void filter(Throwable t) {
// Filters sensitive exceptions
}
public void report(Throwable exception) {
// Default implementation
}
}
|
...