SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 213

changes.mady.by.user Will Snavely

Saved on

compared with

New Version Current

changes.mady.by.user Jon O'Donnell

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Failure to ensure the atomicity of two or more operations that must be performed as a single atomic operation can result in race conditions in multithreaded applications.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

VNA03-J

Low

Probable

Medium

P4

L3

Automated Detection

Some static analysis tools are capable of detecting violations of this rule.

ToolVersionCheckerDescription
CodeSonar
4.2FB.MT_CORRECTNESS.IS2_INCONSISTENT_SYNC
FB.MT_CORRECTNESS.IS_FIELD_NOT_GUARDED
FB.MT_CORRECTNESS.STCAL_INVOKE_ON_STATIC_CALENDAR_INSTANCE
FB.MT_CORRECTNESS.STCAL_INVOKE_ON_STATIC_DATE_FORMAT_INSTANCE
FB.MT_CORRECTNESS.STCAL_STATIC_CALENDAR_INSTANCE
FB.MT_CORRECTNESS.STCAL_STATIC_SIMPLE_DATE_FORMAT_INSTANCEInconsistent synchronization
Field not guarded against concurrent access
Call to static Calendar
Call to static DateFormat
Static Calendar field
Static DateFormat

Include Page
CodeSonar_V
CodeSonar_V

JAVA.CONCURRENCY.VOLATILEUseless volatile Modifier (Java)
Coverity7.5

ATOMICITY
GUARDED_BY_VIOLATION
INDIRECT_GUARDED_BY_VIOLATION
NON_STATIC_GUARDING_STATIC
NON_STATIC_GUARDING_STATIC
FB.IS2_INCONSISTENT_SYNC
FB.IS_FIELD_NOT_GUARDED
FB.IS_INCONSISTENT_SYNC
FB.STCAL_INVOKE_ON_STATIC_ CALENDAR_INSTANCE
FB.STCAL_INVOKE_ON_STATIC_ DATE_FORMAT_INSTANCE
FB.STCAL_STATIC_CALENDAR_ INSTANCE
FB.STCAL_STATIC_SIMPLE_DATE_ FORMAT_INSTANCE

Implemented
Parasoft Jtest
9.5TRS.SSUG, TRS.MRAV
Include Page
Parasoft_V
Parasoft_V
CERT.VNA03.SSUG
CERT.VNA03.MRAV		Make the get method for a field synchronized if the set method is synchronized
Access related Atomic variables in a synchronized block
Implemented
ThreadSafe
Include Page
ThreadSafe_V
ThreadSafe_V

CCE_CC_NON_ATOMIC_GCP
CCE_CC_NON_ATOMIC_CP
CCE_CC_UNSAFE_ITERATION
CCE_LK_REPLACE_WITH_TRYLOCK

Implemented

Related Guidelines

MITRE CWE

CWE-362, Concurrent Execution Using Shared Resource with Improper Synchronization ("Race Condition")
CWE-366, Race Condition within a Thread
CWE-662, Improper Synchronization

Bibliography

[API 2014]

 


[Goetz 2006]

Section 4.4.1, "Client-side Locking"
Section 5.2.1, "ConcurrentHashMap"

[JavaThreads 2004]

Section 8.2, Synchronization and Collection Classes

[Lee 2009]

Map & Compound Operation

...


...

Image Modified Image Modified Image Modified