SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 11

changes.mady.by.user Robert Seacord

Saved on

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The C Standard, subclause 7.2628.5.6 paragraph 2 [ISO/IEC 9899:20112024],  specifically states that a thread shall not be joined once it was previously joined or detached.

The termination of the other thread synchronizes with the completion of the thrd_join function. The thread identified by thr shall not have been previously detached or joined with another thread.

Similarly, subclause 7.2628.5.3 states that a paragraph 2 [ISO/IEC 9899:2024], states that a thread shall not be detached once it was previously joined or detached. 

The thrd_detach function tells the operating system to dispose of any resources allocated to the thread identified by thr when that thread terminates. The thread identified by thr shall not have been previously detached or joined with another thread.

Violating either of these subclauses results in in undefined behavior 211.

Noncompliant Code Example

This noncompliant code example detaches a thread that is later joined.

Code Block
bgColor#ffcccc
langc
#include <stddef.h>
#include <threads.h>
 
int thread_func(void *arg) {
  /* Do work */
  thrd_detach(thrd_current());
  return 0;
}

int main(void) {
  thrd_t t;

  if (thrd_success != thrd_create(&t, thread_func, 0NULL)) {
    /* Handle error */
    return 0;
  }

  if (thrd_success != thrd_join(t, 0)) {
    /* Handle error */
    return 0;
  }

  return 0;
}

Compliant Solution

 This compliant solution does not detach the thread. Its resources are released upon successfully joining with the main thread.:

Code Block
bgColor#ccccff
langc
#include <stddef.h>
#include <threads.h>
  
int thread_func(void *arg) {
  /* Do work */
  return 0;
}

int main(void) {
  thrd_t t;

  if (thrd_success != thrd_create(&t, thread_func, 0NULL)) {
    /* Handle error */
    return 0;
  }

  if (thrd_success != thrd_join(t, 0)) {
    /* Handle error */
    return 0;
  }

  return 0;
} 

Risk Assessment

Joining or detaching a previously joined or detached thread causes is undefined behavior 211.

Rule

Severity

Likelihood

Remediation Cost

Detectable

Repairable

Priority

Level

CON41

CON39-C

Low

Likely

Low

P9

L2

No

No

P3

L3

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V

Supported, but no explicit checker
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

CONCURRENCY.TNJ

Thread is not Joinable

Cppcheck Premium

Include Page
Cppcheck Premium_V
Cppcheck Premium_V

premium-cert-con39-c
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C1776
Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_C-CON39-a

Do not join or detach a thread that was previously joined or detached

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rule CON39-CChecks for join or detach of a joined or detached thread (rule fully covered)

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Bibliography

[ISO/IEC 9899:
2011
2024]

Subclause 7.

26

28.5.3, "

The 

The thrd_detach Function"

Subclause 7

Subclause 7.

26

28.5.6, "

The 

The thrd_join Function"

...


...

Image Modified Image Modified Image Modified