...
Deadlock prevents multiple threads from progressing, halting program execution. A denial-of-service attack is possible if the attacker can create the conditions for deadlock.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
CON35-C | Low | Probable | Medium | P4 | L3 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Automated Detection
| Tool | Version | Checker | Description | ||||
|---|---|---|---|---|---|---|---|
| Astrée |
|
| deadlock | Supported |
| by sound analysis (deadlock alarm) | |||||||||
| CodeSonar |
| CONCURRENCY.LOCK.ORDER | Conflicting lock order | ||||||
| Coverity |
| ORDER_REVERSAL | Fully implemented | ||||||
| Cppcheck Premium |
| premium-cert-con35-c | Partially implemented | ||||||
| Helix QAC |
| C1772, C1773 | |||||||
| Klocwork |
| CONC.DL |
CONC.NO_UNLOCK | ||
| Parasoft C/C++test |
|
|
|
| CERT_C-CON35-a | Do not acquire locks in different order | ||||||||
| PC-lint Plus |
| 2462 | Fully supported |
| Polyspace Bug Finder |
| CERT C: Rule CON35-C | Checks for deadlock (rule partially covered) |
Related Guidelines
Key here (explains table format and definitions)
Taxonomy | Taxonomy item | Relationship |
|---|---|---|
| CERT Oracle Secure Coding Standard for Java | LCK07-J. Avoid deadlock by requesting and releasing locks in the same order | Prior to 2018-01-12: CERT: Unspecified Relationship |
...