Mutexes are often used for critical resources to prevent multiple threads accessing them at the same time. Sometimes, when locking mutexes, deadlock will happen when multiple threads hold each other's lock and the program come to a halt. There are four requirements for deadlock:
- Mutual Exclusion
- Hold and Wait
- No Preemption
- Circular Wait
Each deadlock requires all four. Therefore, to prevent deadlock one just need to avoid one of the four. The advice of this guideline is to require To prevent deadlock, one can try to avoid circular wait by locking the mutexes in a predefined order to prevent circular wait.
Noncompliant Code Example
...
Deadlock causes multiple threads to not be able to progress and thus halt the executing program. This is a potential denial-of-service attack when the attacker can force deadlock situations. It's probable that deadlock will occur in multi-thread programs that manage multiple resources. Some automation for detecting deadlock can be implemented in which the detector can try different inputs and wait for a timeout. The fixes can be done automatically using some graph algorithm like Dijkstra, but most like be manualmanually.
Recommendation | Severity | Likelihood | Remediation Cost | Level | Priority |
|---|---|---|---|---|---|
POS43-C | low | probable | medium | L3 | P3 |
...