Page History

...

Deadlock prevents multiple threads from progressing, halting program execution. A denial-of-service attack is possible if the attacker can create the conditions for deadlock.

Rule	Severity	Likelihood

Remediation Cost

Detectable	Repairable	Priority	Level
CON35-C	Low	Probable	No

Medium

No

P4

P2

L3

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Automated Detection

Tool

Version

Checker

Description

Astrée

Include Page

	Astrée_V
	Astrée_V

deadlock

Supported by sound analysis (deadlock alarm)

CodeSonar

Include Page

	CodeSonar_V
	CodeSonar_V

CONCURRENCY.LOCK.ORDER

Conflicting lock order

Coverity

Include Page

	Coverity_V
	Coverity

6.5DEADLOCKFully implemented

...

_V

ORDER_REVERSAL

Fully implemented

Cppcheck Premium

Include Page

	Cppcheck Premium_V
	Cppcheck Premium_V

premium-cert-con35-c

Helix QAC

Include Page

	Helix QAC_V
	Helix QAC_V

C1772, C1773

Klocwork

Include Page

	Klocwork_V
	Klocwork_V

CONC.DL
CONC.NO_UNLOCK

Parasoft C/C++test

Include Page

	Parasoft_V
	Parasoft_V

CERT_C-CON35-a

Do not acquire locks in different order

PC-lint Plus

Include Page

	PC-lint Plus_V
	PC-lint Plus_V

2462

Fully supported

Polyspace Bug Finder

Include Page

	Polyspace Bug Finder_V
	Polyspace Bug Finder_V

CERT C: Rule CON35-C

Checks for deadlock (rule partially covered)

Related Guidelines

Key here (explains table format and definitions)

Taxonomy	Taxonomy item	Relationship
CERT Oracle Secure Coding Standard for Java	LCK07-J. Avoid deadlock by requesting and releasing locks in the same order

MITRE CWE CWE-764, Multiple Locks of a Critical Resource

Prior to 2018-01-12: CERT: Unspecified Relationship

...

Image Modified Image Modified Image Modified

Space shortcuts

Page tree

Versions Compared

Old Version 82

New Version Current

Key

Related Vulnerabilities

Automated Detection

Related Guidelines