Skip to content

Java/more thread safe initialisers #20910

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Java/more thread safe initialisers #20910

wants to merge 3 commits into from
+73 −2

Conversation

@yoff
Copy link
Contributor

@yoff yoff commented Nov 25, 2025

When a field is assigned a safe type in a constructor, that field is not exposed.

Copilot AI review requested due to automatic review settings November 25, 2025 14:52
@yoff yoff requested a review from a team as a code owner November 25, 2025 14:52
Copilot finished reviewing on behalf of yoff November 25, 2025 14:55
Copilot AI reviewed Nov 25, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR enhances Java thread safety analysis to recognize when fields are initialized with thread-safe types inside constructors, not just in field initializer expressions. This reduces false positives when fields are assigned thread-safe collections (like ConcurrentHashMap or synchronized maps) in constructors.

Key Changes:

  • Added initialValue predicate to check both field initializers and constructor assignments
  • Modified ExposedField class to use the new predicate for more comprehensive thread-safety checking
  • Added comprehensive test coverage for the new functionality

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

File Description
java/ql/lib/semmle/code/java/ConflictingAccess.qll Implements the core logic by adding initialValue predicate and updating ExposedField to check constructor assignments
java/ql/test/query-tests/ThreadSafe/examples/ThreadSafeInitializers.java Adds test cases demonstrating thread-safe initialization patterns in constructors
java/ql/test/query-tests/ThreadSafe/ThreadSafe.expected Updates expected test results to include the new test case alert
java/ql/src/change-notes/2025-11-25-thread-safe-initializers.md Documents the enhancement in the release notes

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

yoff and others added 3 commits November 25, 2025 18:10
@yoff @raulpardo
java: add tests for thread safe initialisation
1ec947f 
Co-authored-by: Raúl Pardo <[email protected]>
@yoff
java: understand more initializers
4687d09 
Whne a fiels is assigned a safe type in a constructor,
that field is not exposed.
@yoff
java: add change note
efb6a79
@yoff yoff force-pushed the java/more-thread-safe-initialisers branch from 52296d4 to efb6a79 Compare November 25, 2025 17:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

documentation Java

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@yoff