...
This statement can be misleading because it is inapplicable to instances that use values of static final fields that are initialized at a later stage. Declaring a field to be static final is insufficient to guarantee that it is fully initialized before being read.
Noncompliant Code Example (Intra-Class Cycle)
This noncompliant code example contains an intra-class initialization cycle.
...
| Wiki Markup |
|---|
The _Java Language Specification_ permits implementations to ignore the possibility of such recursive attempts \[[Bloch 2005|AA. Bibliography#Bloch 05]\]. |
Compliant Solution (Intra-Class Cycle)
This compliant solution changes the initialization order of the class Cycle so that the fields are initialized without creating any dependency cycles. Specifically, the initialization of c is placed lexically after the initialization of deposit so that it occurs temporally after deposit is fully initialized.
...
Such initialization cycles become insidious when many fields are involved; ensure that the control flow lacks such cycles.
Noncompliant Code Example (Inter-Class Cycle)
This noncompliant code example declares two classes with static variables whose values depend on each other. The cycle is obvious when the classes are seen together (like they are here), but this can easily be missed when the classes are viewed separately.
...
The initialization order of the classes can vary and, consequently, cause computation of different values for A.a and B.b. When class A is initialized first, A.a will have the value 2, and B.b will have the value 1. These values will be reversed when class B is initialized first.
Compliant Solution (Inter-Class Cycle)
This compliant solution breaks the inter-class cycle by eliminating one of the dependencies.
...
With the cycle broken, the initial values will always be A.a = 2 and B.b = 3, regardless of initialization order.
Risk Assessment
Initialization cycles may lead to unexpected results.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
DCL04-J | low | unlikely | medium | P2 | L3 |
Automated Detection
TODO
Related Guidelines
C++ Secure Coding Standard | "DCL14-CPP. Avoid assumptions about the initialization order between translation units" |
Bibliography
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="c8461f2a1aad103b-1e4ae836-469b4977-a71a962d-1080141ab32aa006e8db9005"><ac:plain-text-body><![CDATA[ | [[JLS 2005 | AA. Bibliography#JLS 05]] | [§8.3.2.1, "Initializers for Class Variables" | http://java.sun.com/docs/books/jls/third_edition/html/classes.html#8.3.2.1] | ]]></ac:plain-text-body></ac:structured-macro> |
| |||||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="7fe15cbcbd0df3b6-f993f815-49194318-9b168817-e138c63d47ffa3ddbc19a84c"><ac:plain-text-body><![CDATA[ | [[Bloch 2005 | AA. Bibliography#Bloch 05]] | Puzzle 49: Larger Than Life | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="f515266c4f5daebc-a0f99589-461f40e7-ab589c31-49970fdd07e74170ccbad43c"><ac:plain-text-body><![CDATA[ | [[MITRE 2009 | AA. Bibliography#MITRE 09]] | [CWE ID 665 | http://cwe.mitre.org/data/definitions/665.html] "Improper Initialization" | ]]></ac:plain-text-body></ac:structured-macro> |
...