The C Standard, section subclause 5.1.2.3, paragraph 2 [ISO/IEC 9899:2011], says,
Accessing a volatile object, modifying an object, modifying a file, or calling a function that does any of those operations are all side effects, which are changes in the state of the execution environment. Evaluation of an expression in general includes both value computations and initiation of side effects. Value computation for an lvalue expression includes determining the identity of the designated object.
...
This compliant solution uses a Microsoft Windows critical section object to make operations involving account_balance atomic . [MSDN].
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include <Windows.h>
static volatile LONG account_balance;
CRITICAL_SECTION flag;
/* Initialize flag */
InitializeCriticalSection(&flag);
int debit(unsigned int amount) {
EnterCriticalSection(&flag);
account_balance -= amount; /* Inside critical section */
LeaveCriticalSection(&flag);
return 0;
}
|
Risk Assessment
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
CON02-C | Medium | Probable | Medium | P8 | L2 |
Automated Detection
| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Parasoft C/C++test |
| CERT_C-CON02-a | Do not use the volatile keyword |
Related Guidelines
Key here (explains table format and definitions)
Taxonomy | Taxonomy item | Relationship |
|---|---|---|
| CERT C |
| CON01-CPP. Do not use volatile as a synchronization primitive | Prior to 2018-01-12: CERT: Unspecified Relationship |
Bibliography
| [IEEE Std 1003.1:2013] | Section 4.11, "Memory Synchronization" |
| [ISO/IEC 9899:2011] |
| Subclause 5.1.2.3, "Program Execution" |
| [ |
...
| MSDN] |
...