...
Writing garbage collection friendly code helps restrict many attack avenues. The best practices have been collated and enumerated below.
Use Short-
...
Lived Immutable Objects
| Wiki Markup |
|---|
Since JDK 1.2, the new generational garbage collector has reduced memory allocation related costs to minimal levels, even lesser than C/C++. Deallocation has also become cheaper such that the cost of garbage collection is commensurate with the number of _live_ objects in the _younger generation_ and not the _total_ number of objects allocated since the last run. Memory is managed in generations to optimize the collection. The younger generation consists of short-lived objects. A minor collection on the younger generation is performed when it fills up with dead objects. \[[Oracle 2010a|AA. Java References#Oracle 10a]\]. |
| Wiki Markup |
|---|
Note that objects in the _younger generation_ that persist for longer durations are _tenured_ and are moved to the _tenured generation_. Very few _younger generation_ objects continue to live through to the next garbage collection cycle; the rest become ready to be collected in the impending collection cycle. \[[Oracle 2010a|AA. Java References#Oracle 10a]\]. |
With generational GCs it is advantageous to use short-lived immutable objects instead of long-lived mutable objects. Object pools are examples of the latter and should be avoided to increase the garbage collector's efficiency. Moreover, object pools can create synchronization problems, deallocations have to be managed explicitly leading to dangers of dangling pointers, and the size of the pool plays a dominant role in mission critical code. Exceptions to this recommendation can be made when the allocation takes longer in comparison, such as when performing multiple joins across databases or when using objects that represent scarce resources such as thread pools and database connections.
...
This example also violates guideline FIO00-J. Defensively copy mutable inputs and mutable internal components.
...
The allocation for large objects is expensive and the initialization cost is proportional to their size. Sometimes large objects of different sizes can cause fragmentation issues or non compacting collect.
Do
...
Not Use Direct Buffers for Short Lived, Infrequently Used Objects
The new IO classes (NIO) in java.nio allow the creation and use of direct buffers. These buffers tremendously increase throughput for repeated IO activities, however, their creation and reclamation for one-time use is more expensive than heap based non-direct buffers. This is because OS specific native code is used to manage them. An OutOfMemoryError may result if large objects are allocated frequently using this technique. Direct buffers are also not subject to Java's garbage collector which may cause memory leaks.
...
| Wiki Markup |
|---|
This compliant solution improves by narrowing down the scope of the variable {{buffer}} so that the garbage collector collects the object as soon as it goes out of scope. \[[Bloch 2008|AA. Java References#Bloch 08]\]. |
| Code Block | ||
|---|---|---|
| ||
{ // limit the scope of buffer
int[] buffer = new int[100];
doSomething(buffer);
}
|
Array based data structures such as ArrayLists are exceptions because the programmer has to explicitly set a few of the array elements to null to indicate their absence or demise.
Long-
...
Lived Objects Containing Short-Lived Objects
Always remove short-lived objects from the long-lived container objects when the task is over. For example, objects attached to a java.nio.channels.SelectionKey object must be removed when they are no longer needed. Doing so reduces the possibility of memory leaks.
...
The garbage collector can be explicitly invoked by calling the System.gc() method. Even though the documentation says that it "Runs the garbage collector", there is no guarantee on when the garbage collector will actually run because the call only suggests that it will subsequently execute. Other reasons include ,the following:
- Irresponsible use of this feature can severely degrade system performance as the garbage collector would not wait until ripe periods when it is safe to garbage collect without interrupting the program's execution significantly.
- The application does not have enough information available on when to call
System.gc().
...
Misusing some garbage collection utilities can cause Denial Of Service (DoS) related issues and severe performance degradation.
Rule Guideline | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
OBJ13-J | low | likely | high | P3 | L3 |
...