Locking (LCK)
Rules
- LCK00-J. Use private final lock objects to synchronize classes that may interact with untrusted code
- LCK01-J. Do not synchronize on objects that may be reused
- LCK02-J. Do not synchronize on the class object returned by getClass()
- LCK03-J. Do not synchronize on the intrinsic locks of high-level concurrency objects
- LCK04-J. Do not synchronize on a collection view if the backing collection is accessible
- LCK05-J. Synchronize access to static fields that can be modified by untrusted code
- LCK06-J. Do not use an instance lock to protect shared static data
- LCK07-J. Avoid deadlock by requesting and releasing locks in the same order
- LCK08-J. Ensure actively held locks are released on exceptional conditions
- LCK09-J. Do not perform operations that can block while holding a lock
- LCK10-J. Use a correct form of the double-checked locking idiom
- LCK11-J. Avoid client-side locking when using classes that do not commit to their locking strategy
Risk Assessment Summary
| Rule | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| LCK00-J | Low | Probable | No | No | P2 | L3 |
| LCK01-J | Medium | Probable | Yes | No | P8 | L2 |
| LCK02-J | Medium | Probable | Yes | No | P8 | L2 |
| LCK03-J | Medium | Probable | Yes | No | P8 | L2 |
| LCK04-J | Low | Probable | Yes | No | P4 | L3 |
| LCK05-J | Low | Probable | No | No | P2 | L3 |
| LCK06-J | Medium | Probable | Yes | No | P8 | L2 |
| LCK07-J | Low | Likely | No | No | P3 | L3 |
| LCK08-J | Low | Likely | Yes | Yes | P9 | L2 |
| LCK09-J | Low | Probable | No | No | P2 | L3 |
| LCK10-J | Low | Probable | Yes | No | P4 | L3 |
| LCK11-J | Low | Probable | No | No | P2 | L3 |


