SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 196

changes.mady.by.user Dean Sutherland

Saved on

compared with

New Version 197

changes.mady.by.user Melanie Thompson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Wiki Markup
Compound operations are operations that consist of more than one discrete operation. Expressions that include postfix or prefix increment ({{\+\+}}),  postfix or prefix decrement ({{\-\-}}), or compound assignment operators always result in compound operations. Compound assignment expressions use operators such as {{\*=, /=, %=, \+=, \-=, <<=, >>=, >>>=, \^=}} and {{\|=}} \[[JLS 2005|AA. Bibliography#JLS 05]\]. Compound operations on shared variables  must be performed atomically to prevent [data races|BB. Definitions#data race] and [race conditions|BB. Definitions#race conditions].

...

The simple replacement of the two int fields with atomic integers, in this example, does not eliminate the race condition because the compound operation a.get() + b.get() is still non-atomic.

...

Any operations within the synchronized methods are now atomic, with respect to other synchronized methods that lock on that object's monitor (intrinsic lock). It is now possible, for example, to add overflow checking to the synchronized getSum() method without introducing the possibility of a race condition.

...

Any vulnerabilities resulting from the violation of this guideline are listed on the CERT website.

Related Guidelines

MITRE CWE: CWE-667 "Insufficient Locking"

MITRE CWE: CWE-413 "Insufficient Resource Locking"

MITRE CWE: CWE-366 "Race Condition within a Thread"

MITRE CWE: CWE-567 "Unsynchronized Access to Shared Data"

Bibliography

Wiki Markup
\[[API 2006|AA. Bibliography#API 06]\] Class AtomicInteger
\[[JLS 2005|AA. Bibliography#JLS 05]\] [Chapter 17, Threads and Locks|http://java.sun.com/docs/books/jls/third_edition/html/memory.html], Section 17.4.5 Happens-Before Order, Section 17.4.3 Programs and Program Order, Section 17.4.8 Executions and Causality Requirements
\[[Tutorials 2008|AA. Bibliography#Tutorials 08]\] [Java Concurrency Tutorial|http://java.sun.com/docs/books/tutorial/essential/concurrency/index.html]
\[[Lea 2000|AA. Bibliography#Lea 00]\] Section 2.2.7 The Java Memory Model, Section 2.1.1.1 Objects and Locks
\[[Bloch 2008|AA. Bibliography#Bloch 08]\] Item 66: Synchronize access to shared mutable data
\[[Goetz 2006|AA. Bibliography#Goetz 06]\] 2.3. "Locking"
\[[MITRE 2009|AA. Bibliography#MITRE 09]\] [CWE ID 667|http://cwe.mitre.org/data/definitions/667.html] "Insufficient Locking," [CWE ID 413|http://cwe.mitre.org/data/definitions/413.html] "Insufficient Resource Locking," [CWE ID 366|http://cwe.mitre.org/data/definitions/366.html] "Race Condition within a Thread," [CWE ID 567|http://cwe.mitre.org/data/definitions/567.html] "Unsynchronized Access to Shared Data"

Issue Tracking

Tasklist
Review List
Review List
||Completed||Priority||Locked||CreatedDate||CompletedDate||Assignee||Name||

...