Thank you. DCL has been discussed in the past and the community is in
agreement that it is a pattern to avoid.
If you see DCL code in OFBiz, it is because no one has taken the time to
fix it.
-Adrian
On 1/9/2013 1:04 PM, Sumit Pandit wrote:
As per Fortyfy analysis report - "Double-checked locking is an incorrect idiom that
does not achieve the intended effect"
F ollowing code is written to guarantee that only one Fitzer() object is ever
allocated, but does not want to pay the cost of synchronization every time this
code is called. This idiom is known as double-checked locking.
if (fitz == null) {
synchronized (this) {
if (fitz == null) {
fitz = new Fitzer();
}
}
}
return fitz;
Unfortunately, it does not work, and multiple Fitzer() objects can be
allocated. Therefore above code pattern is not recommended by Fortify.
Hence, for above scenario- Following is Recommendation by same: -
synchronized (this) {
if (fitz == null) {
fitz = new Fitzer();
}
}
return fitz;
As it is already known that in terms of performance, synchronized block is
expensive. As OFBiz code contains many references where Double checked locking
existed. And I would go with as is code rather to go with Fortify
recommendation.
Still looking for community to share the opinion. Your comments would be highly
appreciable.
Thanks in advance,