ThreadSafe is a source code analysis tool that identifies application risks and security vulnerabilities associated with concurrency in Java code bases, using whole-program interprocedural analysis.[1][2][3][4] ThreadSafe is used to identify and avoid software failures in concurrent applications running in complex environments.[1][2][5][6]
Race conditions – which lead to incorrect or unpredictable behaviour that is difficult to reproduce in a debugger.
Deadlocks[7] – caused by circular waits between threads waiting for shared resources.
Unpredictable results – caused by incorrect handling of concurrent collections, bad error handling, or mixed object synchronization.
Performance bottlenecks – caused by incorrect API usage, redundant synchronization, and unnecessary use of shared mutable state.
ThreadSafe is integrated with the Eclipse software development environment and with the SonarQube software quality management platform. Contextual information is provided within the development environment to assist the developer with the investigation and resolution of concurrency issues, directly in the code.[2][3][4] A command-line version is available for users of IDEs other than Eclipse and for build process integration.
Checking adherence to standards
ThreadSafe detects violations of the concurrency-related rules in the
CERT Oracle Secure Coding Standard for Java.[8]
^ abcAtkey, Robert; Sannella, Donald (2015). "ThreadSafe: Static Analysis for Java Concurrency". Electronic Communications of the EASST. 72. doi:10.14279/tuj.eceasst.72.1025.995.