...
Deadlock prevents multiple threads from progressing, halting program execution. A denial-of-service attack is possible if the attacker can create the conditions for deadlock.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
CON35-C | Low | Probable | Medium | P4 | L3 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Automated Detection
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
Astrée |
| deadlock | Supported by sound analysis (deadlock alarm) | ||||||
CodeSonar |
| CONCURRENCY.LOCK.ORDER | Conflicting lock order | ||||||
Coverity |
| ORDER_REVERSAL | Fully implemented | |||||||
Cppcheck Premium |
| premium-cert-con35-c | Partially implemented | ||||||
Helix QAC |
| C1772, C1773 | |||||||
Klocwork |
| CONC.DL |
CONC.NO_UNLOCK | |
Parasoft C/C++test |
| CERT_C-CON35-a | Do not acquire locks in different order | |||||||
PC-lint Plus |
| 2462 | Fully supported | ||||||
Polyspace Bug Finder |
|
|
Call sequence to lock functions cause two tasks to block each other
...
| CERT C: Rule CON35-C | Checks for deadlock (rule partially covered) |
Related Guidelines
Key here (explains table format and definitions)
Taxonomy | Taxonomy item | Relationship |
---|---|---|
CERT Oracle Secure Coding Standard for Java | LCK07-J. Avoid deadlock by requesting and releasing locks in the same order |
Prior to 2018-01-12: CERT: Unspecified Relationship |
...