 
The java.lang.ThreadLocal<T> class provides thread-local variables. According to the Java API [API 2014]:
These variables differ from their normal counterparts in that each thread that accesses one (via its get or set method) has its own, independently initialized copy of the variable. ThreadLocal instances are typically private static fields in classes that wish to associate state with a thread (e.g., a user ID or transaction ID).
The use of ThreadLocal objects requires care in classes whose objects are required to be executed by multiple threads in a thread pool. The technique of thread pooling allows threads to be reused to reduce thread creation overhead or when creating an unbounded number of threads can diminish the reliability of the system. Each task that enters the pool expects to see ThreadLocal objects in their initial, default state. However, when ThreadLocal objects are modified on a thread that is subsequently made available for reuse, the next task executing on the reused thread sees the state of the ThreadLocal objects as modified by the previous task that executed on that thread [JPL 2006].
Programs must ensure that each task that executes on a thread from a thread pool sees only correctly initialized instances of ThreadLocal objects.
Noncompliant Code Example
This noncompliant code example consists of an enumeration of days (Day) and two classes (Diary and DiaryPool). The Diary class uses a ThreadLocal variable to store thread-specific information, such as each task's current day. The initial value of the current day is Monday; it can be changed later by invoking the setDay() method. The class also contains a threadSpecificTask() instance method that performs a thread-specific task.
The DiaryPool class consists of the doSomething1() and doSomething2() methods that each start a thread. The doSomething1() method changes the initial (default) value of the day to Friday and invokes threadSpecificTask(). However, doSomething2() relies on the initial value of the day (Monday) and invokes threadSpecificTask(). The main() method creates one thread using doSomething1() and two more using doSomething2().
```java
import java.util.concurrent.Executor;
import java.util.concurrent.Executors;

public enum Day {
  MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY, SUNDAY;
}

public final class Diary {
  private static final ThreadLocal<Day> days =
      new ThreadLocal<Day>() {
        // Initialize to Monday
        protected Day initialValue() {
          return Day.MONDAY;
        }
      };

  private static Day currentDay() {
    return days.get();
  }

  public static void setDay(Day newDay) {
    days.set(newDay);
  }

  // Performs some thread-specific task
  public void threadSpecificTask() {
    // Do task ...
  }
}

public final class DiaryPool {
  final int numOfThreads = 2; // Maximum number of threads allowed in pool
  final Executor exec;
  final Diary diary;

  DiaryPool() {
    exec = (Executor) Executors.newFixedThreadPool(numOfThreads);
    diary = new Diary();
  }

  public void doSomething1() {
    exec.execute(new Runnable() {
      @Override public void run() {
        // Changes this pool thread's value and never restores it
        Diary.setDay(Day.FRIDAY);
        diary.threadSpecificTask();
      }
    });
  }

  public void doSomething2() {
    exec.execute(new Runnable() {
      @Override public void run() {
        diary.threadSpecificTask();
      }
    });
  }

  public static void main(String[] args) {
    DiaryPool dp = new DiaryPool();
    dp.doSomething1(); // Thread 1, requires current day as Friday
    dp.doSomething2(); // Thread 2, requires current day as Monday
    dp.doSomething2(); // Thread 3, requires current day as Monday
  }
}
```
The DiaryPool class creates a thread pool that reuses a fixed number of threads operating off a shared, unbounded queue. At any point, no more than numOfThreads threads are actively processing tasks. If additional tasks are submitted when all threads are active, they will wait in the queue until a thread is available. The thread-local state of the thread persists when a thread is recycled.
The following table shows a possible execution order:
| Time | Task | Pool Thread | Submitted by Method | Day |
|---|---|---|---|---|
| 1 | t1 | 1 | doSomething1() | Friday |
| 2 | t2 | 2 | doSomething2() | Monday |
| 3 | t3 | 1 | doSomething2() | Friday |
In this execution order, it is expected that the two tasks (t2 and t3) started from doSomething2() would observe the current day as Monday. However, because pool thread 1 is reused, t3 observes the day to be Friday.
...
This noncompliant code example increases the size of the thread pool from two to three in an attempt to mitigate the issue:
```java
public final class DiaryPool {
  final int numOfThreads = 3;
  // ...
}
```
Although increasing the size of the thread pool resolves the problem for this example, it fails to scale because changing the thread pool size is insufficient if additional tasks can be submitted to the pool.
...
This compliant solution adds the removeDay() method to the Diary class and wraps the statements in the doSomething1() method of class DiaryPool in a try-finally block. The finally block restores the initial state of the thread-local days object by removing the current thread's value from it.
```java
public final class Diary {
  // ...
  public static void removeDay() {
    days.remove();
  }
}

public final class DiaryPool {
  // ...

  public void doSomething1() {
    exec.execute(new Runnable() {
      @Override public void run() {
        try {
          Diary.setDay(Day.FRIDAY);
          diary.threadSpecificTask();
        } finally {
          Diary.removeDay(); // Diary.setDay(Day.MONDAY)
                             // can also be used
        }
      }
    });
  }

  // ...
}
```
If the thread-local variable is read by the same thread again, it is reinitialized using the initialValue() method unless the task has already set the variable's value explicitly [API 2014]. This solution transfers the responsibility for maintenance to the client (DiaryPool) but is a good option when the Diary class cannot be modified.
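The following added example is not part of the original rule text. It generalizes the Diary case to the user ID use mentioned in the API quotation: on a one-thread pool, the second task reads the value left by the first unless a wrapper removes it in a finally block. The class ThreadLocalReuseDemo, the USER variable, the cleaned() helper, and the sample value "alice" are hypothetical.

```java
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

public final class ThreadLocalReuseDemo {
  // Hypothetical per-task context; "anonymous" is the initial, default state
  private static final ThreadLocal<String> USER =
      ThreadLocal.withInitial(() -> "anonymous");

  // Decorator: runs the task, then always clears this thread's value,
  // even when the task throws
  static Runnable cleaned(Runnable task) {
    return () -> {
      try {
        task.run();
      } finally {
        USER.remove(); // next read on this thread runs the initializer again
      }
    };
  }

  // Runs a task that sets USER, then a task that only reads it, on a
  // single-thread pool so both are guaranteed to share one pool thread.
  static String observedBySecondTask(boolean cleanUp) throws Exception {
    ExecutorService pool = Executors.newFixedThreadPool(1);
    try {
      Runnable first = () -> USER.set("alice"); // constructed sample value
      Callable<String> second = USER::get;
      pool.submit(cleanUp ? cleaned(first) : first).get(); // wait for task 1
      return pool.submit(second).get();
    } finally {
      pool.shutdown();
    }
  }

  public static void main(String[] args) throws Exception {
    System.out.println("without cleanup: " + observedBySecondTask(false));
    System.out.println("with cleanup:    " + observedBySecondTask(true));
  }
}
```

Wrapping every submitted task with the same decorator keeps the cleanup in one place instead of relying on each task body to carry its own try-finally block.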
Compliant Solution (beforeExecute())
This compliant solution uses a custom ThreadPoolExecutor that extends ThreadPoolExecutor and overrides the beforeExecute() method. The beforeExecute() method is invoked before the Runnable task is executed in the specified thread. The method reinitializes the thread-local variable before task r is executed by thread t.
```java
import java.util.concurrent.ArrayBlockingQueue;
import java.util.concurrent.BlockingQueue;
import java.util.concurrent.ThreadPoolExecutor;
import java.util.concurrent.TimeUnit;

class CustomThreadPoolExecutor extends ThreadPoolExecutor {
  public CustomThreadPoolExecutor(int corePoolSize,
      int maximumPoolSize, long keepAliveTime,
      TimeUnit unit, BlockingQueue<Runnable> workQueue) {
    super(corePoolSize, maximumPoolSize, keepAliveTime,
          unit, workQueue);
  }

  @Override
  public void beforeExecute(Thread t, Runnable r) {
    if (t == null || r == null) {
      throw new NullPointerException();
    }
    // Reset the thread-local value before every task runs on thread t
    Diary.setDay(Day.MONDAY);
    super.beforeExecute(t, r);
  }
}

public final class DiaryPool {
  // ...
  DiaryPool() {
    exec = new CustomThreadPoolExecutor(numOfThreads, numOfThreads,
               10, TimeUnit.SECONDS,
               new ArrayBlockingQueue<Runnable>(10));
    diary = new Diary();
  }
  // ...
}
```
Exceptions
TPS04-J-EX0: It is unnecessary to reinitialize a ThreadLocal object that does not change state after initialization. For example, there may be only one type of database connection represented by the initial value of the ThreadLocal object.
...
Objects using ThreadLocal data and executed by different tasks in a thread pool without reinitialization might be in an unexpected state when reused.
| Rule | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| TPS04-J | Medium | Probable | Yes | No | P8 | L2 |
Automated Detection
TODO
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
...
Bibliography
...
| [ ... ] | Section 14.13, "... Variables" |