+
Skip to content

Double check when working with multithreading. SAST #40630

New issue
New issue
Closed
#41986
Closed
Double check when working with multithreading. SAST#40630
#41986
Assignees
shawkins
Labels
kind/enhancementCategorizes a PR related to an enhancementrelease/26.2.8release/26.3.4release/26.4.0
@LM4O322

Description

@LM4O322
LM4O322
opened on Jun 20, 2025

Description

Another one for you, guys

It looks like the usage of double check will not work reliably in a platform independent way when implemented in Java.

Writes that initialize the object and the write to the helper field can be done or perceived out of order.

Even if the compiler does not reorder those writes, on a multiprocessor the processor or the memory system may reorder those writes, as perceived by a thread running on another processor.

Discussion

No response

Motivation

No response

Details

I think it's worth reviewing the following double check blocks:

keycloak/services/src/main/java/org/keycloak/credential/WebAuthnCredentialProviderFactory.java

Lines 37 to 39 in 7fac153

if (converter == null) {
synchronized (this) {
if (converter == null) {

2nd:

keycloak/services/src/main/java/org/keycloak/services/resources/WelcomeResource.java

Lines 262 to 264 in 7fac153

if (shouldBootstrap == null) {
synchronized (this) {
if (shouldBootstrap == null) {

3rd:

keycloak/services/src/main/java/org/keycloak/theme/freemarker/DefaultFreeMarkerProviderFactory.java

Lines 19 to 21 in 7fac153

if (provider == null) {
synchronized (this) {
if (provider == null) {

4th:

keycloak/services/src/main/java/org/keycloak/credential/WebAuthnPasswordlessCredentialProviderFactory.java

Lines 42 to 44 in 7fac153

if (converter == null) {
synchronized (this) {
if (converter == null) {

Suggest using volatile variables.

JDK5 and later extends the semantics for volatile so that the system will not allow a write of a volatile to be reordered with respect to any previous read or write, and a read of a volatile cannot be reordered with respect to any following read or write.

Took the information from the source: https://www.cs.umd.edu/~pugh/java/memoryModel/DoubleCheckedLocking.html

Found by Linux Verification Center with SVACE

Metadata

Metadata

Assignees

Labels

kind/enhancementCategorizes a PR related to an enhancementrelease/26.2.8release/26.3.4release/26.4.0

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions
    点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载