Page History

...

Blocking calls include, but are not limited to: network, file, and console I/O. This rule is a specific instance of CON36CON05-C. Do not perform operations that can block while holding a lock using POSIX threads.

Noncompliant Code Example

...

This compliant solution performs the recv() call with the parameter oMSG_nonblockDONTWAIT, which causes the call to fail if no messages are available on the socket:

Code Block

bgColor	#ccccff
lang	c

void thread_foo(void *ptr) {
  uint32_t num;
  int result;

  /* sock is a connected TCP socket */

  if ((result = recv(sock, (void *)&num, sizeof(uint32_t), OMSG_NONBLOCKDONTWAIT)) < 0) {
    /* Handle Error */
  }

  if ((result = pthread_mutex_lock(&mutex)) != 0) {
    /* Handle Error */
  }

  /* ... */

  if ((result = pthread_mutex_unlock(&mutex)) != 0) {
    /* Handle Error */
  }
}

Exceptions

POS52-C-EX1: A thread may block while holding one or more locks and waiting to acquire another lock. When acquiring multiple locks, the order of locking must avoid deadlock, as specified in CON35-C. Avoid deadlock by locking in a predefined order.

...

Blocking or lengthy operations performed within synchronized regions could result in a deadlocked or an unresponsive system.

Rule	Severity	Likelihood

Remediation Cost

Detectable	Repairable	Priority	Level
POS52-C	Low	Probable

High

No

P2

L3

Automated Detection

Tool

Version

Checker

Description

Astrée

Include Page

	Astrée_V
	Astrée_V

deadlock

Fully checked

CodeSonar

Include Page

	CodeSonar_V
	CodeSonar_V

CONCURRENCY.STARVE.BLOCKING

Blocking in Critical Section

Helix QAC

Include Page

	Helix QAC_V
	Helix QAC_V

DF4966, DF4967

Klocwork

Include Page

	Klocwork_V
	Klocwork_V

CONC.SLEEP

Parasoft C/C++test

9.5BD-TRS-TSHL

Related Guidelines

Include Page

	Parasoft_V
	Parasoft_V

CERT_C-POS52-a

Do not use blocking functions while holding a lock

Polyspace Bug Finder

Include Page

	Polyspace Bug Finder_V
	Polyspace Bug Finder_V

CERT C: Rule POS52-C

Checks for blocking operation while holding lock (rule fully covered)

Security Reviewer - Static Reviewer

Include Page

	Security Reviewer - Static Reviewer_V
	Security Reviewer - Static Reviewer_V

RTOS_20

Fully implemented

Related Guidelines

Key here (explains table format and definitions)

Taxonomy	Taxonomy item	Relationship
CERT C

SEI CERT Oracle Coding Standard for Java

	LCK09-J. Do not perform operations that can block while holding a lock	Prior to 2018-01-12: CERT: Unspecified Relationship
CWE 2.11	CWE-557	2017-07-10: CERT: Rule subset of CWE

CERT-CWE Mapping Notes

Key here for mapping notes

CWE-557 and POS52-C

CWE-557 = Union( POS52-C, list) where list =

Concurrency issues besides blocking while holding a POSIX lock

Bibliography

[Barney 2010]	POSIX Threads Programming
[Open Group]	pthread_cancel() recv()

...

Image Modified Image Modified Image Modified

Space shortcuts

Page tree

Versions Compared

Old Version 12

New Version Current

Key

Noncompliant Code Example

Exceptions

Automated Detection

Related Guidelines

Related Guidelines

CERT-CWE Mapping Notes

CWE-557 and POS52-C

Bibliography