SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 167

changes.mady.by.user Pranjal Jumde

Saved on

compared with

New Version 168

changes.mady.by.user Fred Long

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This noncompliant code example shows a thread that fills a vector with pseudorandom numbers. The thread is forcefully stopped after a given amount of time.

Code Block
bgColor#FFcccc

public final class Container implements Runnable {
  private final Vector<Integer> vector = new Vector<Integer>(1000);

  public Vector<Integer> getVector() {
    return vector;
  }

  @Override public synchronized void run() {
    Random number = new Random(123L);
    int i = vector.capacity();
    while (i > 0) {
      vector.add(number.nextInt(100));
      i--;
    }
  }

  public static void main(String[] args) throws InterruptedException {
    Thread thread = new Thread(new Container());
    thread.start();
    Thread.sleep(5000);
    thread.stop();
  }
}

...

This compliant solution uses a volatile flag to request thread termination. The shutdown() accessor method is used to set the flag to true. The thread's run() method polls the done flag and terminates when it is set.

Code Block
bgColor#ccccff

public final class Container implements Runnable {
  private final Vector<Integer> vector = new Vector<Integer>(1000);
  private volatile boolean done = false;

  public Vector<Integer> getVector() {
    return vector;
  }

  public void shutdown() {
    done = true;
  }

  @Override public synchronized void run() {
    Random number = new Random(123L);
    int i = vector.capacity();
    while (!done && i > 0) {
      vector.add(number.nextInt(100));
      i--;
    }
  }

  public static void main(String[] args) throws InterruptedException {
    Container container = new Container();
    Thread thread = new Thread(container);
    thread.start();
    Thread.sleep(5000);
    container.shutdown();
  }
}

...

In this compliant solution, the Thread.interrupt() method is called from main() to terminate the thread. Invoking Thread.interrupt() sets an internal interrupt status flag. The thread polls that flag using the Thread.interrupted() method, which both returns true if the current thread has been interrupted and clears the interrupt status flag.

Code Block
bgColor#ccccff

public final class Container implements Runnable {
  private final Vector<Integer> vector = new Vector<Integer>(1000);

  public Vector<Integer> getVector() {
    return vector;
  }

  @Override public synchronized void run() {
    Random number = new Random(123L);
    int i = vector.capacity();
    while (!Thread.interrupted() && i > 0) {
      vector.add(number.nextInt(100));
      i--;
    }
  }

  public static void main(String[] args) throws InterruptedException {
    Container c = new Container();
    Thread thread = new Thread(c);
    thread.start();
    Thread.sleep(5000);
    thread.interrupt();
  }
}

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

THI05-J

low

probable

medium

P4

L3

Related Guidelines

CERT C Secure Coding Standard

POS47-C. Do not use threads that can be canceled asynchronously

MITRE CWE

CWE-705. Incorrect Control Flow Scoping

Android Implementation Details

On Android, Thread.stop() was deprecated in API level 1.

Bibliography

[API 2006]

Class Thread, method stop, interface ExecutorService

[Sun 1999]

 

[Darwin 2004]

24.3, Stopping a Thread

[JDK7 2008]

Concurrency Utilities, More information: Java Thread Primitive Deprecation

[JPL 2006]

14.12.1, Don't Stop; 23.3.3, Shutdown Strategies

[JavaThreads 2004]

2.4, Two Approaches to Stopping a Thread

[Goetz 2006]

Chapter 7, Cancellation and Shutdown

 

      09. Thread APIs (THI)      10. Thread Pools (TPS)