CodeSonar® 9.2p0 CONFIDENTIAL CodeSecure Inc
Java


JAVA.CONCURRENCY.SYNC.MSS : Missing synchronized Statement (Java)

Summary

A synchronized statement is needed to access a field.

Programmers often fail to use synchronized statements consistently, which results in fields being accessed without the required lock being held. This checker identifies such situations, even without any explicit annotation by the programmer.

The analyzer uses a statistical approach: if most accesses to a particular field are synchronized then it is likely that all accesses are intended to be synchronized, so a warning will be issued if there is an unsynchronized access to that field.

Java uses synchronized statements and methods to guarantee that data is accessed in a sequential way and to avoid race conditions in multithreaded applications. Incorrect uses of synchronization result in unexpected behaviors and subtle bugs that are very hard to identify and reproduce.

Checks for this warning class make use of annotations @com.juliasoft.julia.checkers.guardedBy.GuardedBy and @com.juliasoft.julia.checkers.guardedBy.Holding. Add these annotations to your code to identify synchronization requirements for CodeSonar to check.

The @GuardedBy annotation for fields and parameters and the @Holding annotation for methods and constructors accept a string argument, according to the following syntax.

Properties

Class name: Missing synchronized Statement (Java)
Japanese class name: Missing synchronized Statement (Java)
Classification: Reliability
Mnemonic: JAVA.CONCURRENCY.SYNC.MSS
Categories:
  CWE: CWE:366 Race Condition within a Thread
  CWE: CWE:567 Unsynchronized Access to Shared Data in a Multithreaded Context
  CERT-Java: CERT-Java:VNA00-J Ensure visibility when accessing shared primitive variables
  OWASP-2021: OWASP-2021:A4 Insecure design
  OWASP-2025: OWASP-2025:A06 Insecure Design
Supported languages: Available for Java and Kotlin.
Enabling/disabling: Checks for this warning class are disabled by default. To enable them, add the following WARNING_FILTER rule to the project configuration file:
WARNING_FILTER += allow class="Missing synchronized Statement (Java)"

import java.util.HashSet;
import java.util.Set;

public class UserRegistry {
  private final Set<String> users = new HashSet<String>();

  public void register(String user) {
    synchronized (users) {
      users.add(user);
    }
  }

  public void unregister(String user) {
    synchronized (users) {
      users.remove(user);
    }
  }

  public boolean isRegistered(String user) {
    return users.contains(user); // "Missing synchronized Statement (Java)" warning issued here
  }

  public int countUsers() {
    synchronized (users) {
      return users.size();
    }
  }
}

In this case, the programmer should also synchronize the access to field users inside method isRegistered(). Recall that hash sets are not synchronized in Java, and concurrent access to the same hash set might result in inconsistent behavior or even deadlock. Another solution here would be to use a synchronized or concurrent set from the classes already available in the standard Java library. In that case, no synchronized statement would be needed anymore.
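The two fixes described above, side by side, as an added example that is not part of the CodeSonar manual. The class names UserRegistryFixed, LockedRegistry and ConcurrentRegistry and the eight-thread workload in main() are constructed for illustration.

```java
import java.util.HashSet;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;

public class UserRegistryFixed {
  // Fix 1: every access to the HashSet, reads included, holds the same lock.
  static class LockedRegistry {
    private final Set<String> users = new HashSet<>();
    void register(String user) { synchronized (users) { users.add(user); } }
    void unregister(String user) { synchronized (users) { users.remove(user); } }
    boolean isRegistered(String user) { synchronized (users) { return users.contains(user); } }
    int countUsers() { synchronized (users) { return users.size(); } }
  }

  // Fix 2: a concurrent set from the standard library; no synchronized statement needed.
  static class ConcurrentRegistry {
    private final Set<String> users = ConcurrentHashMap.newKeySet();
    void register(String user) { users.add(user); }
    void unregister(String user) { users.remove(user); }
    boolean isRegistered(String user) { return users.contains(user); }
    int countUsers() { return users.size(); }
  }

  public static void main(String[] args) throws InterruptedException {
    LockedRegistry locked = new LockedRegistry();
    ConcurrentRegistry concurrent = new ConcurrentRegistry();
    ExecutorService pool = Executors.newFixedThreadPool(8);
    // Constructed workload: 8 threads register disjoint names and read them back.
    for (int t = 0; t < 8; t++) {
      final int id = t;
      pool.execute(() -> {
        for (int i = 0; i < 10_000; i++) {
          String name = "user-" + id + "-" + i;
          locked.register(name);
          concurrent.register(name);
          if (!locked.isRegistered(name) || !concurrent.isRegistered(name)) {
            throw new IllegalStateException("lost registration: " + name);
          }
        }
      });
    }
    pool.shutdown();
    if (!pool.awaitTermination(30, TimeUnit.SECONDS)) throw new IllegalStateException("timeout");
    System.out.println(locked.countUsers() + " " + concurrent.countUsers());
  }
}
```

Both registries should report the same total, since each name is registered exactly once in each; with the original unsynchronized isRegistered() the read would race with concurrent add() calls on the HashSet.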

Resolution

Verify whether the missing synchronization should actually be there. Annotate fields and methods with the lock that must be held when they are accessed or called, using the @GuardedBy and @Holding annotations. If this checker does not accept those annotations, your program likely has a synchronization problem.

Related Configuration File Parameters

The following configuration file parameters affect checks for this warning class.

 
