[JAVA] squid:S2222 Locks should be released - False Positive - lock is created conditionally
187 views
Skip to first unread message
Adam Gabryś
Jun 28, 2017, 9:18:19 AM6/28/17
to SonarQube
Hello,
Java Plugin reported a False Positive for lock which is created conditionally (the lock is released in finally block):
Environment:
- SonarQube 5.6.6
- SonarJava 4.9.0.9858
Best Regards,
Adam Gabryś
Michael Gumowski
Jun 28, 2017, 11:05:25 AM6/28/17
to Adam Gabryś, SonarQube
Hello Adam,
Thank you for the feedback. Unfortunately I'm not able to reproduce the issue locally with version 4.9.0.9858 of SonarJava (nor with version 4.11-RC2).
Could you provide a self contained code snippet which reproduce the issue systematically?
Cheers,
Michael
FYI, I tried to reproduce the issue with the following code:
import javax.annotation.CheckForNull;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;
abstract class A {
void foo(boolean a) throws Exception {
Lock lock = null;
if (a) {
lock = new ReentrantLock();
lock.lock();
}
try {
Object o = getValue();
if (o == null) {
throw new Exception();
}
if (a) {
doSomething();
}
} finally {
if (lock != null) {
lock.unlock();
}
}
}
@CheckForNull
abstract Object getValue() throws Exception;
abstract void doSomething() throws Exception;
}
--
You received this message because you are subscribed to the Google Groups "SonarQube" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sonarqube+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sonarqube/VI1PR0801MB1341B78FB7F937C014D647F198DD0%40VI1PR0801MB1341.eurprd08.prod.outlook.com.
For more options, visit https://groups.google.com/d/optout.
--
Michael Gumowski | SonarSource
Adam Gabryś
Jul 3, 2017, 6:32:42 AM7/3/17
to Michael Gumowski, SonarQube
Hello,
Project:
Build:
mvn clean package sonar
New screen:
Best Regards,
Adam Gabryś
Adam Gabryś
From: Michael Gumowski <michael....@sonarsource.com>
Sent: Wednesday, June 28, 2017 5:05 PM
To: Adam Gabryś; SonarQube
Subject: Re: [JAVA] squid:S2222 Locks should be released - False Positive - lock is created conditionally
Sent: Wednesday, June 28, 2017 5:05 PM
To: Adam Gabryś; SonarQube
Subject: Re: [JAVA] squid:S2222 Locks should be released - False Positive - lock is created conditionally
Michael Gumowski
Jul 10, 2017, 8:45:03 AM7/10/17
to Adam Gabryś, SonarQube
Hey Adam,
Thanks for the feedback and the reproducer. This is indeed an interesting FP, playing with the limits of our Symbolic Execution engine. From your code snippet, I identified and created the following ticket to handle the issue: SONARJAVA-2379
To give you a bit more info. We are currently considering any method invocation as potentially able to raise runtime exceptions. Consequently, the engine will also assume that calling "unlock()" can throw such unexpected runtime exceptions. Problem is that in your parent try-catch-block, you are catching a runtime exception (UnknownIdentifierException). This catch block makes the engine branch from unlock() directly to it, without considering the lock as being unlocked. It then leads to exiting the method with the lock still considered as being locked.
Cheers,
Michael
To view this discussion on the web visit https://groups.google.com/d/msgid/sonarqube/VI1PR0801MB13419F4F203AAF5105154F4098D60%40VI1PR0801MB1341.eurprd08.prod.outlook.com.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages