You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Eduardo Aguinaga (JIRA)" <ji...@apache.org> on 2016/07/26 16:48:20 UTC
[jira] [Updated] (CASSANDRA-12295) Double check locking pattern
[ https://issues.apache.org/jira/browse/CASSANDRA-12295?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Eduardo Aguinaga updated CASSANDRA-12295:
-----------------------------------------
Description:
Overview:
In May through June of 2016 a static analysis was performed on version 3.0.5 of the Cassandra source code. The analysis included an automated analysis using HP Fortify v4.21 SCA and a manual analysis utilizing SciTools Understand v4. The results of that analysis includes the issue below.
Issue:
The file ketspace.java includes a double check locking pattern. The double check locking pattern is an incorrect idiom that does not achieve its intended effect.For more information see LCK-10J in the CERT Oracle Coding Standard for Java https://www.securecoding.cert.org/confluence/display/java/LCK10-J.+Use+a+correct+form+of+the+double-checked+locking+idiom
The snippet below shows the double check locking pattern:
Keyspace.java, lines 115-135:
{code:java}
115 private static Keyspace open(String keyspaceName, Schema schema, boolean loadSSTables)
116 {
117 Keyspace keyspaceInstance = schema.getKeyspaceInstance(keyspaceName);
118
119 if (keyspaceInstance == null)
120 {
121 // instantiate the Keyspace. we could use putIfAbsent but it's important to making sure it is only done once
122 // per keyspace, so we synchronize and re-check before doing it.
123 synchronized (Keyspace.class)
124 {
125 keyspaceInstance = schema.getKeyspaceInstance(keyspaceName);
126 if (keyspaceInstance == null)
127 {
128 // open and store the keyspace
129 keyspaceInstance = new Keyspace(keyspaceName, loadSSTables);
130 schema.storeKeyspaceInstance(keyspaceInstance);
131 }
132 }
133 }
134 return keyspaceInstance;
135 }
{code}
was:
Overview:
In May through June of 2016 a static analysis was performed on version 3.0.5 of the Cassandra source code. The analysis included an automated analysis using HP Fortify v4.21 SCA and a manual analysis utilizing SciTools Understand v4. The results of that analysis includes the issue below.
Issue:
The file ketspace.java includes a double check locking pattern. The double check locking pattern is an incorrect idiom that does not achieve its intended effect.For more information see LCK-10J in the CERT Oracle Coding Standard for Java https://www.securecoding.cert.org/confluence/display/java/LCK10-J.+Use+a+correct+form+of+the+double-checked+locking+idiom
The snippet below shows the double check locking pattern:
Keyspace.java, lines 115-135:
115 private static Keyspace open(String keyspaceName, Schema schema, boolean loadSSTables)
116 {
117 Keyspace keyspaceInstance = schema.getKeyspaceInstance(keyspaceName);
118
119 if (keyspaceInstance == null)
120 {
121 // instantiate the Keyspace. we could use putIfAbsent but it's important to making sure it is only done once
122 // per keyspace, so we synchronize and re-check before doing it.
123 synchronized (Keyspace.class)
124 {
125 keyspaceInstance = schema.getKeyspaceInstance(keyspaceName);
126 if (keyspaceInstance == null)
127 {
128 // open and store the keyspace
129 keyspaceInstance = new Keyspace(keyspaceName, loadSSTables);
130 schema.storeKeyspaceInstance(keyspaceInstance);
131 }
132 }
133 }
134 return keyspaceInstance;
135 }
> Double check locking pattern
> ----------------------------
>
> Key: CASSANDRA-12295
> URL: https://issues.apache.org/jira/browse/CASSANDRA-12295
> Project: Cassandra
> Issue Type: Bug
> Reporter: Eduardo Aguinaga
> Fix For: 3.0.5
>
>
> Overview:
> In May through June of 2016 a static analysis was performed on version 3.0.5 of the Cassandra source code. The analysis included an automated analysis using HP Fortify v4.21 SCA and a manual analysis utilizing SciTools Understand v4. The results of that analysis includes the issue below.
> Issue:
> The file ketspace.java includes a double check locking pattern. The double check locking pattern is an incorrect idiom that does not achieve its intended effect.For more information see LCK-10J in the CERT Oracle Coding Standard for Java https://www.securecoding.cert.org/confluence/display/java/LCK10-J.+Use+a+correct+form+of+the+double-checked+locking+idiom
> The snippet below shows the double check locking pattern:
> Keyspace.java, lines 115-135:
> {code:java}
> 115 private static Keyspace open(String keyspaceName, Schema schema, boolean loadSSTables)
> 116 {
> 117 Keyspace keyspaceInstance = schema.getKeyspaceInstance(keyspaceName);
> 118
> 119 if (keyspaceInstance == null)
> 120 {
> 121 // instantiate the Keyspace. we could use putIfAbsent but it's important to making sure it is only done once
> 122 // per keyspace, so we synchronize and re-check before doing it.
> 123 synchronized (Keyspace.class)
> 124 {
> 125 keyspaceInstance = schema.getKeyspaceInstance(keyspaceName);
> 126 if (keyspaceInstance == null)
> 127 {
> 128 // open and store the keyspace
> 129 keyspaceInstance = new Keyspace(keyspaceName, loadSSTables);
> 130 schema.storeKeyspaceInstance(keyspaceInstance);
> 131 }
> 132 }
> 133 }
> 134 return keyspaceInstance;
> 135 }
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)