trailofbits.jvm.gc-call.gc-call

profile photo of trailofbitstrailofbits
Author
unknown
Download Count*
CC BY-NC-SA 4.0
License

Calling gc suggests to the JVM that the garbage collector should be run, and memory should be reclaimed. This is only a suggestion, and there is no guarantee that anything will happen. Relying on this behavior for correctness or memory management is an anti-pattern.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit RuleView Source
Open in Playground 
rules:
  - id: gc-call
    message: |
      Calling `gc` suggests to the JVM that the garbage collector should be
      run, and memory should be reclaimed. This is only a suggestion, and there
      is no guarantee that anything will happen. Relying on this behavior for
      correctness or memory management is an anti-pattern.
    languages:
      - java
      - kotlin
    severity: WARNING
    metadata:
      category: best-practice
      subcategory:
        - audit
      technology:
        - java
        - kotlin
      confidence: HIGH
      likelihood: HIGH
      impact: LOW
      references:
        - https://stackoverflow.com/questions/2414105/why-is-it-bad-practice-to-call-system-gc
      license: AGPL-3.0 license
    pattern-either:
      - pattern: System.gc()
      - pattern: Runtime.getRuntime().gc()

Examples

gc-call.java

class Test {
    public static void main(String[] args) {
        // ruleid: gc-call
        System.gc();
    }
}

gc-call.kt

fun main() {
    // ruleid: gc-call
    System.gc()
}