ThreadSafe explained
ThreadSafe is a source code analysis tool that identifies application risks and security vulnerabilities associated with concurrency in Java code bases, using whole-program interprocedural analysis.[1] [2] [3] [4] ThreadSafe is used to identify and avoid software failures in concurrent applications running in complex environments.[5] [6]
Features
ThreadSafe detects Java concurrency defects:
- Race conditions – which lead to incorrect or unpredictable behaviour that is difficult to reproduce in a debugger.
- Deadlocks[7] – caused by circular waits between threads waiting for shared resources.
- Unpredictable results – caused by incorrect handling of concurrent collections, bad error handling, or mixed object synchronization.
- Performance bottlenecks – caused by incorrect API usage, redundant synchronization, and unnecessary use of shared mutable state.
ThreadSafe is integrated with the Eclipse software development environment and with the SonarQube software quality management platform. Contextual information is provided within the development environment to assist the developer with the investigation and resolution of concurrency issues, directly in the code. A command-line version is available for users of IDEs other than Eclipse and for build process integration.
Checking adherence to standards
ThreadSafe detects violations of the concurrency-related rules in theCERT Oracle Secure Coding Standard for Java.[8]
See also
Notes and References
- Web site: Grazi. Victor. ThreadSafe Concurrency Static Analysis Tool Announces First Public Release. InfoQ.com. August 28, 2013.
- Web site: Taft. Darryl. Contemplate Delivers ThreadSafe Java Concurrency Static Analysis Tool. DevX.com. September 4, 2013.
- Web site: Atkey. Robert. Discover and Diagnose Java Concurrency Problems Using Contemplate's ThreadSafe. InfoQ.com. January 14, 2014.
- Atkey. Robert. Sannella. Donald. 2015. ThreadSafe: Static Analysis for Java Concurrency. Electronic Communications of the EASST. 72. 10.14279/tuj.eceasst.72.1025.995.
- Web site: Roy. Ritobaan. Software Errors: New Technology Briefing For CFOs. dead. https://web.archive.org/web/20131014022454/http://www.cfo-insight.com/risk-management-it/it/software-errors-new-technology-briefing-for-cfos/. October 14, 2013. CFO Insight. May 1, 2013.
- Web site: Rubens. Paul. Why Software Testing Can't Save You From IT Disasters. Reference to ThreadSafe on page 2. CIO.com. March 12, 2014. April 18, 2014. March 14, 2014. https://web.archive.org/web/20140314181258/http://www.cio.com/article/749493/Why_Software_Testing_Can_t_Save_You_From_IT_Disasters. dead.
- Web site: Raible. Matt. Contemplate ThreadSafe Introduces Deadlock Detection. InfoQ.com. June 26, 2014.
- Web site: SEI CERT Oracle Coding Standard for Java. Software Engineering Institute, Carnegie Mellon University. March 18, 2016.