...
| Wiki Markup |
|---|
Safety and liveness are both concerns when using the wait/notify mechanism. Safety requires that all objects maintain consistent states in a multithreaded environment \[[Lea 2000|AA. Bibliography#Lea 00]\]. Liveness requires that every operation or method invocation execute to completion without interruption. |
...
| Wiki Markup |
|---|
To guarantee safety, the {{while}} loop condition must be tested even after the {{wait()}} method is invoked. While {{wait()}} is meant to block indefinitely until a notification is received, it must still be encased within a loop to prevent the following vulnerabilities \[[Bloch 2001|AA. Bibliography#Bloch 01]\]: |
- thread in the middle - A middleâ”A third thread can acquire the lock on the shared object during the interval between a notification being sent and the receiving thread resuming execution. This thread can change the state of the object, leaving it inconsistent. This is a time-of-check-to-time-of-use (TOCTOU) condition.
- malicious notification - There notificationâ”There is no guarantee that a random notification will not be received when the condition predicate is false. This means that the invocation of
wait()may could be nullified by the notification. - misdelivered notification - Sometimes notificationâ”Sometimes on receipt of a
notifyAll()signal, an unrelated thread can start executing, and it is possible for its condition predicate to be true. Consequently, it may could resume execution, although it was required to remain dormant. Wiki Markup spurious wake-upsupsâCertain - Certain JVM implementations are vulnerable to spurious wake -ups that result in waiting threads waking up even without a notification \[[API 2006|AA. Bibliography#API 06]\].
...