'J2EE Bad Practices: Threads [Fortify Issue]
I made a Fortify scan on this project and it gives me an issue on a Thread.sleep() statement.
This is the method, there is a comment in correspondence of the issue:
public static void main(String[] args) {
Log.printLine("Starting CloudSimExample7...");
try {
// First step: Initialize the CloudSim package. It should be called
// before creating any entities.
int numUser = 2; // number of grid users
Calendar calendar = Calendar.getInstance();
boolean traceFlag = false; // mean trace events
// Initialize the CloudSim library
CloudSim.init(numUser, calendar, traceFlag);
// Second step: Create Datacenters
//Datacenters are the resource providers in CloudSim. We need at list one of them to run a CloudSim simulation
@SuppressWarnings("unused")
Datacenter datacenter0 = createDatacenter("Datacenter_0");
@SuppressWarnings("unused")
Datacenter datacenter1 = createDatacenter("Datacenter_1");
//Third step: Create Broker
DatacenterBroker broker = createBroker("Broker_0");
assert broker != null;
int brokerId = broker.getId();
//Fourth step: Create VMs and Cloudlets and send them to broker
List<Vm> vmlist2 = createVM(brokerId, 5, 0); //creating 5 vms
List<Cloudlet> cloudletList = createCloudlet(brokerId, 10, 0); // creating 10 cloudlets
broker.submitVmList(vmlist2);
broker.submitCloudletList(cloudletList);
// A thread that will create a new broker at 200 clock time
Runnable monitor = new Runnable() {
@Override
public void run() {
CloudSim.pauseSimulation(200);
while (true) {
if (CloudSim.isPaused()) {
break;
}
try {
Thread.sleep(100);
} catch (InterruptedException e) {
//e.printStackTrace();
Thread.currentThread().interrupt();
}
}
Log.printLine("\n\n\n" + CloudSim.clock() + ": The simulation is paused for 5 sec \n\n");
try {
// ----------- This is the issue -----------
Thread.sleep(5000);
} catch (InterruptedException e) {
//e.printStackTrace();
Thread.currentThread().interrupt();
}
DatacenterBroker broker = createBroker("Broker_1");
assert broker != null;
int brokerId = broker.getId();
//Create VMs and Cloudlets and send them to broker
List<Vm> vmlist3 = createVM(brokerId, 5, 100); //creating 5 vms
List<Cloudlet> cloudletList3 = createCloudlet(brokerId, 10, 100); // creating 10 cloudlets
broker.submitVmList(vmlist3);
broker.submitCloudletList(cloudletList3);
CloudSim.resumeSimulation();
}
};
new Thread(monitor).start();
Thread.sleep(1000);
// Fifth step: Starts the simulation
CloudSim.startSimulation();
// Final step: Print results when simulation is over
List<Cloudlet> newList = broker.getCloudletReceivedList();
CloudSim.stopSimulation();
printCloudletList(newList);
Log.printLine("CloudSimExample7 finished!");
}
catch (Exception e)
{
e.printStackTrace();
Log.printLine("The simulation has been terminated due to an unexpected error");
Thread.currentThread().interrupt();
}
}public static void main(String[] args) {
Log.printLine("Starting CloudSimExample7...");
try {
// First step: Initialize the CloudSim package. It should be called
// before creating any entities.
int numUser = 2; // number of grid users
Calendar calendar = Calendar.getInstance();
boolean traceFlag = false; // mean trace events
// Initialize the CloudSim library
CloudSim.init(numUser, calendar, traceFlag);
// Second step: Create Datacenters
//Datacenters are the resource providers in CloudSim. We need at list one of them to run a CloudSim simulation
@SuppressWarnings("unused")
Datacenter datacenter0 = createDatacenter("Datacenter_0");
@SuppressWarnings("unused")
Datacenter datacenter1 = createDatacenter("Datacenter_1");
//Third step: Create Broker
DatacenterBroker broker = createBroker("Broker_0");
assert broker != null;
int brokerId = broker.getId();
//Fourth step: Create VMs and Cloudlets and send them to broker
List<Vm> vmlist2 = createVM(brokerId, 5, 0); //creating 5 vms
List<Cloudlet> cloudletList = createCloudlet(brokerId, 10, 0); // creating 10 cloudlets
broker.submitVmList(vmlist2);
broker.submitCloudletList(cloudletList);
// A thread that will create a new broker at 200 clock time
Runnable monitor = new Runnable() {
@Override
public void run() {
CloudSim.pauseSimulation(200);
while (true) {
if (CloudSim.isPaused()) {
break;
}
try {
Thread.sleep(100);
} catch (InterruptedException e) {
//e.printStackTrace();
Thread.currentThread().interrupt();
}
}
Log.printLine("\n\n\n" + CloudSim.clock() + ": The simulation is paused for 5 sec \n\n");
try {
Thread.sleep(5000);
} catch (InterruptedException e) {
//e.printStackTrace();
Thread.currentThread().interrupt();
}
DatacenterBroker broker = createBroker("Broker_1");
assert broker != null;
int brokerId = broker.getId();
//Create VMs and Cloudlets and send them to broker
List<Vm> vmlist3 = createVM(brokerId, 5, 100); //creating 5 vms
List<Cloudlet> cloudletList3 = createCloudlet(brokerId, 10, 100); // creating 10 cloudlets
broker.submitVmList(vmlist3);
broker.submitCloudletList(cloudletList3);
CloudSim.resumeSimulation();
}
};
new Thread(monitor).start();
Thread.sleep(1000);
// Fifth step: Starts the simulation
CloudSim.startSimulation();
// Final step: Print results when simulation is over
List<Cloudlet> newList = broker.getCloudletReceivedList();
CloudSim.stopSimulation();
printCloudletList(newList);
Log.printLine("CloudSimExample7 finished!");
}
catch (Exception e)
{
e.printStackTrace();
Log.printLine("The simulation has been terminated due to an unexpected error");
Thread.currentThread().interrupt();
}
}
The recommendations from Fortify:
Avoid managing threads directly from within the web application. Instead use standards such as message driven beans and the EJB timer service that are provided by the application container.
Is there a quick way to fix it?
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|