sonar-findbugs icon indicating copy to clipboard operation
sonar-findbugs copied to clipboard

Published 20 hours ago verified publisher icon spotbugs

fb-contrib:USFW_UNSYNCHRONIZED_SINGLETON_FIELD_WRITES java rule caught issue in Kotlin Code

Open yokum3 opened this issue 2 years ago • 4 comments

##fb-contrib:USFW_UNSYNCHRONIZED_SINGLETON_FIELD_WRITES

Environment

Component Kotlin
SonarQube 9.4
Sonar-FindBugs fb-contrib:USFW_UNSYNCHRONIZED_SINGLETON_FIELD_WRITES
Maven ?????
Gradle ?????
Java ?????

Code (If needed)

public class BugSample1 {
  public static void hello(String message) {
       
    //Something
    Runnable r = () -> System.out.println(message);
   
    r.run();
![FB_Issue](https://user-images.githubusercontent.com/62380441/180961093-d6947994-7bd2-490a-a104-5ed216bbe8d3.jpg)

  }
}

yokum3 avatar Jul 26 '22 08:07 yokum3

FB_Issue

yokum3 avatar Jul 26 '22 08:07 yokum3

My understanding is that Kotlin auto-generates getters and setters, so even if they are not written, the methods will be present in the bytecode analyzed by SpotBugs. Since the setter is not synchronized the detector reports an issue.

I don't know Kotlin or Spring but from what I understand you should make these setters synchronized: https://stackoverflow.com/questions/45445991/synchronize-property-getters-setters

gtoison avatar Jul 26 '22 11:07 gtoison

Thanks for your response. But I can also see other rules from java caught by findbugs plugin in Kotlin code. Below is one more example image

yokum3 avatar Jul 27 '22 07:07 yokum3

Version 4.2.0 introduced support to report issues in Kotlin code. Unless you think that these are false positives it's a feature, not a bug ;)

gtoison avatar Jul 27 '22 10:07 gtoison

I will close this as there does not seem to be further questions, please don't hesitate to create a new issue

gtoison avatar Aug 19 '22 07:08 gtoison