False Negative for rule RSPEC-2885

Hi team,

This code snippet violates the bug rule (Java static code analysis | Bug). When scanned with SonarQube, the violation is not flagged.

Code snippet:

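import java.util.Calendar;
import java.util.Date;

class NonThreadSafeStatic1 {
    // Shared mutable Calendar in a static field: the pattern RSPEC-2885 is expected to flag.
    static Calendar calendar = Calendar.getInstance();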
    public static void main(String[] args) {
        Thread t1 = new Thread(new Runnable() {
            public void run() {
                calendar.setTime(new Date(1000));
                System.out.println(calendar.getTime());
            }
        });

        Thread t2 = new Thread(new Runnable() {
            public void run() {
                calendar.setTime(new Date(2000));
                System.out.println(calendar.getTime());

            }
        });
        t1.start();
        t2.start();
        try {
            t1.join();
            t2.join();
        } catch (InterruptedException e) {
            e.printStackTrace();
        }
    }

    public static void showBug() {
        calendar.setTime(new Date(1000));
        System.out.println(calendar.getTime());
        calendar.setTime(new Date(2000));
        System.out.println(calendar.getTime());
    }
}

Note: To recreate, use the sonar-scanner command to rescan the code snippet above. Two scans were run with SonarQube versions 9.9 and 10.7, both resulting in the bug violation not being flagged.

Scanning information
SonarQube version: 10.7.0.96327
SonarScanner version: 5.0.1.3006
SonarQube Community Edition
Related language: Java

Code snippet in Sonar scan window:

Hey there.

Thanks for the report. As I’ve noted in your other reports, please reproduce this using the latest version of SonarQube Community Build – 25.5.