It is tempting to consider primitive operations on primitive data atomic. For instance, you can assume that the code:
| Code Block |
|---|
x = 3;
|
is atomic with regard to x. Many people also assume atomicity in operators like the following:
| Code Block |
|---|
x++;
|
But this is not an atomic operator; it involves reading the current value of x, adding one to it, and setting x to the new, incremented value.
Declaring a shared mutable variable volatile ensures the visibility of the latest updates on it across other threads but does not guarantee the atomicity of composite operations. For example, the variable increment operation consisting of the sequence read-modify-write is not atomic even when the variable is declared volatile.
...
Note that, as with volatile, updated values are immediately visible to other threads when either one of these two techniques is used. Synchronization provides a way to safely share object state across multiple threads without the need to reason about reorderings, compiler optimizations and hardware specific behavior.
This rule specifically deals with primitive operators like ++. For atomicity of other functions, see CON07-J. Multiple calls to atomic functions are not themselves atomic.
Noncompliant Code Example (volatile)
...
| Code Block | ||
|---|---|---|
| ||
private volatile int itemsInInventory = 100;
public int removeItem() {
if(itemsInInventory > 0) {
return itemsInInventory--; // Returns new count of items in inventory
}
return -1; // Error code
}
|
Compliant Solution (
...
java.util.concurrent.atomic classes)
Volatile variables are unsuitable when more than one load/store operation needs to be atomic. There is an alternative method to perform multiple operations atomically. This compliant solution uses a java.util.concurrent.atomic.AtomicInteger variable.
...
| Wiki Markup |
|---|
The {{compareAndSet()}} method takes two arguments, the expected value of a variable when the method is invoked and the updated value. This compliant solution uses this method to atomically set the value to the given updated value if and only if the current value equals the expected value. \[[API 06|AA. Java References#API 06]\] |
Compliant Solution
...
(method synchronization)
This compliant solution uses method synchronization to synchronize access to shared variables. Consequently, access to itemsInInventory is mutually exclusive and consistent across all object states.
...
| Wiki Markup |
|---|
Synchronization is more expensive than using the optimized {{java.util.concurrent}} utilities and should only be used when the utilities do not contain the facilities (methods) required to carry out the atomic operation. When using explicit synchronization, the programmer must also ensure that two or more threads are not mutually accessible from a different set of two or more threads such that each thread holds a lock while trying to obtain another lock that is held by the other thread \[[Lea 00|AA. Java References#Lea 00]\]. Failure to follow this advice results in deadlocks ([CON12-J. Avoid deadlock by requesting and releasing locks in the same order]). |
Compliant Solution
...
(block synchronization)
Constructors and methods can use an alternative representation called block synchronization which synchronizes a block of code rather than a method, as highlighted in this compliant solution.
...
If the synchronized block was moved inside the if condition to reduce the performance cost associated with synchronization, the variable itemsInInventory would be required to be declared as volatile because the check to determine whether it is greater than 0 relies on the latest value of the variable.
Compliant Solution (
...
ReentrantLock)
This compliant solution uses a java.util.concurrent.locks.ReentrantLock to atomically perform the operation.
...
Code that uses this lock behaves similar to synchronized code that uses the traditional monitor lock. In addition, it provides several other capabilities, for instance, the tryLock() method does not block waiting if another thread is already holding the lock. The class java.util.concurrent.locks.ReentrantReadWriteLock can be used when a thread requires a lock to write information while other threads require the lock to simultaneously read the information.
Noncompliant Code Example (AtomicReference)
This noncompliant code example uses two AtomicReference objects to hold one BigInteger object reference each.
| Code Block | ||
|---|---|---|
| ||
public class AtomicAdder {
private final AtomicReference<BigInteger> first;
private final AtomicReference<BigInteger> second;
public AtomicAdder(BigInteger f, BigInteger s) {
first = new AtomicReference<BigInteger>(f);
second = new AtomicReference<BigInteger>(s);
}
public void update(BigInteger f, BigInteger s){ // Unsafe
first.set(f);
second.set(s);
}
public BigInteger add() { // Unsafe
return first.get().add(second.get());
}
}
|
An AtomicReference is an object reference that can be updated atomically. Operations that use these two atomic references independently are guaranteed to be atomic, however, if an operation involves using both together, thread-safety issues arise. For instance, in this noncompliant code example, adding the two big integers is not thread-safe because it is possible that while the addition is being carried out in a thread, another thread may update the value of one or both big integers, leading to an erroneous result.
Compliant Solution (method synchronization)
This compliant solution declares the update() and add() methods as synchronized to guarantee atomicity.
| Code Block | ||
|---|---|---|
| ||
public class AtomicAdder {
public synchronized void update(BigInteger f, BigInteger s){
first.set(f);
second.set(s);
}
public synchronized BigInteger add() {
return first.get().add(second.get());
}
}
|
Prefer using the block form of synchronization for better performance, when there are nonatomic operations within the method that do not require any synchronization. These operations can be decoupled from those that require synchronization and executed outside the synchronized block.
Risk Assessment
If operations on shared variables are not atomic, unexpected results may be produced. For example, there can be inadvertent information disclosure as one user may be able to receive information about other users.
...