| Summary: | Unsafe synchronization in class ManagedBean | ||
|---|---|---|---|
| Product: | Tomcat Modules | Reporter: | Wendy <feng_yu_jia> |
| Component: | Tomcat Lite | Assignee: | Tomcat Developers Mailing List <dev> |
| Status: | RESOLVED WONTFIX | ||
| Severity: | normal | ||
| Priority: | P2 | ||
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | PC | ||
| OS: | Windows XP | ||
Tomcat-lite is no longer being developed |
Class ManagedBean has eneffectiv code as follow: public void addNotification(NotificationInfo notification) { synchronized (notifications) { NotificationInfo results[] = new NotificationInfo[notifications.length + 1]; System.arraycopy(notifications, 0, results, 0, notifications.length); results[notifications.length] = notification; notifications = results; this.info = null; } } In this case, the object of notifications has been changed in the synchronized block. this may cause two threads synchronizing on different objects. If thread A and B access this method concurrently, and thread A execute the code " notifications = results; " earlier and then finished while thread B is still not finished. At the same time, Thread C access this method, then C will hold the different lock instance as Thread B. This is dangerous.