...
Concurrency
...
related
...
issues
...
manifest
...
themselves
...
when
...
assumptions
...
are
...
made
...
about
...
the
...
multithreaded
...
behavior
...
of
...
derived
...
classes.
...
An
...
overridden
...
synchronized
...
method's
...
contract
...
may
...
be
...
violated
...
if
...
a
...
subclass
...
defines
...
an
...
implementation
...
that
...
is
...
not
...
safe
...
for
...
concurrent
...
use.
The guideline CON04-J.
...
...
...
...
...
...
...
...
...
recommends
...
documenting
...
the
...
locking strategy of classes designed for inheritance. This information is useful when deciding the locking strategy of subclasses.
Noncompliant Code Example (synchronized method)
This noncompliant code example defines a synchronized doSomething() method in class Base.
| Code Block | ||
|---|---|---|
| ||
strategy in use for classes designed for inheritance. This information is useful when deciding the locking strategy of subclasses. h2. Noncompliant Code Example (synchronized method) This noncompliant code example defines a {{synchronized}} {{doSomething()}} method in class {{Base}}. {code:bgColor=#FFCCCC} class Base { public synchronized void doSomething() { // ... } } class Derived extends Base { public void doSomething() { // ... } } {code} The {{ |
The doSomething()
...
method
...
of
...
class
...
Base
...
can
...
be
...
safely
...
used
...
by
...
multiple
...
threads.
...
However,
...
if
...
a
...
subclass
...
Derived
...
overrides
...
the
...
method
...
but
...
leaves
...
it
...
unsynchronized,
...
its
...
instance
...
cannot
...
be
...
safely
...
used
...
by
...
multiple
...
threads.
...
This
...
problem
...
is
...
hard
...
to
...
notice
...
because
...
threads
...
that
...
accept
...
instances
...
of
...
Base
...
also
...
accept
...
instances
...
of
...
its
...
subclasses.
...
Consequently,
...
the
...
threads
...
may
...
incorrectly
...
assume
...
that
...
the
...
subclasses
...
are
...
thread-safe.
...
Compliant Solution (synchronized
...
method)
...
This
...
compliant
...
solution
...
synchronizes
...
the
...
doSomething()
...
method
...
of
...
the
...
subclass.
| Code Block | ||
|---|---|---|
| ||
{code:bgColor=#ccccff} class Base { public synchronized void doSomething() { // ... } } class Derived extends Base { public synchronized void doSomething() { // ... } } {code} |
This
...
compliant
...
solution
...
does
...
not
...
violate
...
...
...
...
...
...
...
...
...
...
because
...
the
...
accessibility
...
of
...
the
...
class
...
is
...
package-private
...
which
...
is
...
allowable
...
when
...
untrusted
...
code
...
cannot
...
infiltrate
...
the
...
package.
...
Noncompliant Code Example (private
...
lock)
...
This
...
noncompliant
...
code
...
example
...
defines
...
a
...
doSomething()
...
method
...
in
...
class
...
Base
...
that
...
uses
...
an
...
internal
...
private
...
lock,
...
in
...
accordance
...
with
...
...
...
...
...
...
...
...
...
...
.
| Code Block | ||||
|---|---|---|---|---|
| =
| |||
} public class Base { private final Object lock = new Object(); public void doSomething() { synchronized (lock) { // ... } } } class Derived extends Base { public void doSomething() { try { super.doSomething(); } finally { logger.log(Level.FINE, "Did something"); } } } {code} The {{ |
The doSomething()
...
method
...
of
...
class
...
Derived
...
cannot
...
be
...
safely
...
used
...
by
...
multiple
...
threads
...
because
...
it
...
is
...
not
...
thread-safe.
...
It
...
is
...
possible
...
that
...
multiple
...
threads
...
may
...
cause
...
the
...
entries
...
to
...
be
...
logged
...
in
...
an
...
order
...
different
...
than
...
the
...
one
...
in
...
which
...
the
...
tasks
...
are
...
performed.
...
Compliant
...
Solution
...
(private
...
lock)
...
This
...
compliant
...
solution
...
synchronizes
...
the
...
doSomething()
...
method
...
of
...
the
...
subclass.
| Code Block | ||
|---|---|---|
| ||
{code:bgColor=#ccccff} public class Base { private final Object lock = new Object(); public void doSomething() { synchronized (lock) { // ... } } } class Derived extends Base { private final Object lock = new Object(); public void doSomething() { synchronized (lock) { try { super.doSomething(); } finally { logger.log(Level.FINE, "Did something"); } } } } {code} |
Note
...
that
...
the
...
objects of Base and Derived maintain distinct locks that are inaccessible from each others' classes. Consequently, Derived can provide thread-safety guarantees independent of Base.
Risk Assessment
Overriding thread-safe methods with methods that are not thread-safe can result in unexpected behavior.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
CON10- J | low | probable | medium | P4 | L3 |
Automated Detection
TODO
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
| Wiki Markup |
|---|
\[[API 06|AA. Java References#API 06]\]
\[[SDN 08|AA. Java References#SDN 08]\] Sun bug database, [Bug ID 4294756|http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4294756] |
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
object 11. Concurrency (CON) CON11-J.
...
...
...
...
...
...
...
...
...
...
...
...
...
...