New Code Analysis Request

Just spent 3 hours figuring out that Base64Encoder is not thread safe, causing my encryption utility to occasionally fail unpredictably. I had eyeballed the source code and erroneously "certified" it as thread safe. Alas - if only IntelliJ had an inspection for determining whether a class were thread safe!

Any chance of adding such a feature?

Thanks/Victor Grazi

1 comment
There are a variety of inspections for threading issues in InspectionGadgets which might help you, but a generic "Is this class thread-safe" inspection is way out of scope. Indeed, given the richness of Java's threading model, any such inspection would have to be a crude approximation at best, either returning many false positives (e.g. if it reported any class that didn't synchronize every variable access), many false negatives (reporting classes as safe even if their threading behaviour could be changed by inheritance), be incredibly computationally expensive, or most likely all three.

On the plus side, I would expect there to be a fair amount of work in extending Java with annotations describing the threading properties of the underlying code. Properties such as ownership, alias-freedom, and thread-locality are ripe for annotations. Such annotations could certainly be leveraged by static and dynamic code analyses, up to and including proofs of thread-safety.

--Dave Griffith
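
Added example, not part of the original thread: a concurrency stress check that compares each thread's encoder output with a value computed single-threaded, which is one way to surface the intermittent failure described in the question. `SharedBufferEncoder` is hypothetical and assumes the unsafe encoder reuses a scratch buffer held in an instance field; the thread does not say why the poster's Base64Encoder is unsafe.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.concurrent.*;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.function.Function;
public class EncoderRaceCheck {
    // Hypothetical encoder (not the class from the post): it reuses one scratch
    // buffer held in an instance field, so concurrent calls can interleave.
    static class SharedBufferEncoder {
        private final StringBuilder scratch = new StringBuilder();
        String encode(byte[] data) {
            scratch.setLength(0);
            scratch.append(Base64.getEncoder().encodeToString(data));
            return scratch.toString();
        }
    }
    // Calls `encode` from several threads at once; counts wrong outputs and exceptions.
    static int countFailures(Function<byte[], String> encode, int threads, int rounds)
            throws InterruptedException {
        AtomicInteger failures = new AtomicInteger();
        ExecutorService pool = Executors.newFixedThreadPool(threads);
        CountDownLatch start = new CountDownLatch(1);
        for (int t = 0; t < threads; t++) {
            byte[] input = ("constructed-sample-" + t).getBytes(StandardCharsets.UTF_8);
            String expected = Base64.getEncoder().encodeToString(input); // single-threaded reference
            pool.execute(() -> {
                try {
                    start.await(); // release all workers together to maximise contention
                    for (int i = 0; i < rounds; i++) {
                        if (!expected.equals(encode.apply(input))) failures.incrementAndGet();
                    }
                } catch (InterruptedException e) {
                    Thread.currentThread().interrupt();
                } catch (RuntimeException e) {
                    failures.incrementAndGet(); // corrupted shared state can also throw
                }
            });
        }
        start.countDown();
        pool.shutdown();
        pool.awaitTermination(1, TimeUnit.MINUTES);
        return failures.get();
    }

    public static void main(String[] args) throws InterruptedException {
        SharedBufferEncoder shared = new SharedBufferEncoder();
        System.out.println("shared stateful encoder failures: " + countFailures(shared::encode, 8, 100_000));
        System.out.println("java.util.Base64 encoder failures: " + countFailures(Base64.getEncoder()::encodeToString, 8, 100_000));
    }
}
```

A non-zero count shows the encoder is unsafe to share across threads; a zero count only means no race was observed in that run and is not a proof of thread safety.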
