...
Deadlock prevents multiple threads from progressing, thus halting the executing program. A denial-of-service attack is possible because the attacker can force deadlock situations. Deadlock is likely to occur in multithreaded programs that manage multiple shared resources.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
POS51-C | Low | Probable | Medium | P4 | L3 |
Automated Detection
| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| CodeSonar |
| CONCURRENCY.LOCK.ORDER | Conflicting lock order | ||||||
| Klocwork |
| CONC.DL |
| Parasoft C/C++test |
| BD-TRS-ORDER | Implemented | ||||||
| Polyspace Bug Finder | R2016a | Deadlock | Call sequence to lock functions cause two tasks to block each other |
Related Guidelines
Key here (explains table format and definitions)
Taxonomy | Taxonomy item | Relationship |
|---|---|---|
| CERT C | LCK07-J. Avoid deadlock by requesting and releasing locks in the same order | Prior to 2018-01-12: CERT: Unspecified Relationship |
CERT-CWE Mapping Notes
Key here for mapping notes
...
CWE-764 is about semaphores, or objects capable of being locked multiple times. Deadlock arises from multiple locks being acquired in a cyclic order, and generally does not arise from semaphores or recursive mutexes.
Bibliography
| [Barney 2010] | pthread_mutex tutorial |
| [Bryant 2003] | Chapter 13, "Concurrent Programming" |
...
...