C#: Update change notes. Decrease the priority of this query because the `volatile` keyword is no longer needed on modern .Net runtimes.

2019-01-21 18:06:16 +00:00 · 2019-01-21 18:06:16 +00:00 · b473d2f7a8
--- a/change-notes/1.20/analysis-csharp.md
+++ b/change-notes/1.20/analysis-csharp.md
@ -18,7 +18,8 @@
 | Use of default ToString() (cs/call-to-object-tostring) | Fewer false positives | Results have been removed for `char` arrays passed to `StringBuilder.Append()`, which were incorrectly marked as using `ToString`. |
 | Use of default ToString() (cs/call-to-object-tostring) | Fewer results | Results have been removed when the object is an interface or an abstract class. |
 | Unused format argument (cs/format-argument-unused) | Fewer false positives | Results have been removed where the format string is empty. This is often used as a default value and is not an interesting result. |
- 
+| Double-checked lock is not thread-safe (cs/unsafe-double-checked-lock) | Fewer false positives, more true positives | Results have been removed where the underlying field was not updated in the `lock` statement, or where the field is a `struct`. Results have been added where there are other statements inside the `lock` statement. |
+
 ## Changes to code extraction

 * Fix extraction of `for` statements where the condition declares new variables using `is`.
--- a/csharp/ql/src/Concurrency/UnsafeLazyInitialization.qhelp
+++ b/csharp/ql/src/Concurrency/UnsafeLazyInitialization.qhelp
@ -1,8 +1,8 @@
 <!DOCTYPE qhelp SYSTEM "qhelp.dtd">
 <qhelp>
 <overview>
-<p>Double-checked locking requires that the underlying field is <code>volatile</code>, 
-otherwise the program can behave incorrectly when running in multiple threads, 
+<p>Double-checked locking requires that the underlying field is <code>volatile</code>,
+otherwise the program can behave incorrectly when running in multiple threads,
 for example by computing the field twice.
 </p>
 </overview>
@ -16,6 +16,7 @@ for example by computing the field twice.
 <li>Make the field volatile using the <code>volatile</code> keyword.</li>
 <li>Use the <code>System.Lazy</code> class, which is guaranteed to be thread-safe. 
 This can often lead to more elegant code.</li>
+<li>Use <code>System.Threading.LazyInitializer</code>.
 </ol>

 </recommendation>
@ -51,19 +52,26 @@ automatically thread-safe (Recommendation 3):</p>
 </example>

 <references>
-
-	<li>
-		MSDN: <a href="https://msdn.microsoft.com/en-us/library/ff650316.aspx">Implementing Singleton in C#</a>.
-	</li>
-	<li>
-		MSDN Magazine: <a href="https://msdn.microsoft.com/magazine/jj863136">The C# Memory Model in Theory and Practice</a>.
-	</li>
-	<li>
-		MSDN, C# Reference: <a href="https://msdn.microsoft.com/en-us/library/x13ttww7.aspx">volatile</a>.
-	</li>
-	<li>
-		Wikipedia: <a href="https://en.wikipedia.org/wiki/Double-checked_locking">Double-checked locking</a>.
-	</li>
-	
+  <li>
+    MSDN: <a href=https://docs.microsoft.com/en-us/dotnet/api/system.lazy-1">Lazy<T> Class</T></a>.
+  </li>
+  <li>
+    MSDN: <a href="https://docs.microsoft.com/en-us/dotnet/api/system.threading.lazyinitializer.ensureinitialized">LazyInitializer.EnsureInitialized Method</a>.
+  </li>
+  <li>
+    MSDN: <a href="https://docs.microsoft.com/en-us/dotnet/api/system.threading.lazyinitializer.ensureinitialized">LazyInitializer.EnsureInitialized Method</a>.
+  </li>
+  <li>
+    MSDN: <a href="https://msdn.microsoft.com/en-us/library/ff650316.aspx">Implementing Singleton in C#</a>.
+  </li>
+  <li>
+    MSDN Magazine: <a href="https://msdn.microsoft.com/magazine/jj863136">The C# Memory Model in Theory and Practice</a>.
+  </li>
+  <li>
+    MSDN, C# Reference: <a href="https://msdn.microsoft.com/en-us/library/x13ttww7.aspx">volatile</a>.
+  </li>
+  <li>
+    Wikipedia: <a href="https://en.wikipedia.org/wiki/Double-checked_locking">Double-checked locking</a>.
+  </li>
 </references>
 </qhelp>
--- a/csharp/ql/src/Concurrency/UnsafeLazyInitialization.ql
+++ b/csharp/ql/src/Concurrency/UnsafeLazyInitialization.ql
@ -1,10 +1,10 @@
 /**
 * @name Double-checked lock is not thread-safe
- * @description A repeated check on a non-volatile field is not thread-safe, and
- *              could result in unexpected behavior.
+ * @description A repeated check on a non-volatile field is not thread-safe on some platforms,
+ *              and could result in unexpected behavior.
 * @kind problem
- * @problem.severity error
- * @precision high
+ * @problem.severity recommendation
+ * @precision medium
 * @id cs/unsafe-double-checked-lock
 * @tags correctness
 *       concurrency