CONC.SLEEP
Call to blocking function in critical section
The CONC.SLEEP checker finds instances of blocking functions in critical sections of code.
Vulnerability and risk
Locks are not released until the blocking function returns, so other threads that need those locks may be blocked for the whole duration of the call. These situations can result in unexpected behavior, so it's best to avoid calling blocking functions in critical sections.
Vulnerable code example
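#include <pthread.h>
#include <unistd.h>                  /* declares sleep() */
void foo(pthread_mutex_t *mutex) {
    pthread_mutex_lock(mutex);       /* critical section begins */
    sleep(30000);                    /* blocks while the mutex is still held */
    pthread_mutex_unlock(mutex);     /* released only after sleep() returns */
}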
Klocwork flags line 5 to indicate that the call to the blocking function sleep occurs while the mutex locked at line 4 is still held.
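The following is an added example, not part of the original Klocwork documentation. It places the pattern from foo() beside a corrected version that unlocks before blocking, and probes the mutex at the moment of the blocking call. The struct job type and all function names are hypothetical, and the sleep is shortened to one second.

```c
#include <errno.h>
#include <pthread.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical shared state; held_during_wait only records the probe result. */
struct job { pthread_mutex_t mutex; int pending; int held_during_wait; };

/* 1 if locked now: trylock returns EBUSY when any thread, the caller included, holds it. */
static int mutex_is_held(pthread_mutex_t *m) {
    int rc = pthread_mutex_trylock(m);
    if (rc == 0)
        pthread_mutex_unlock(m); /* it was free; give it back */
    return rc == EBUSY;
}

/* Blocking step: records the lock state, then sleeps (1 s here, not 30000). */
static void probe_wait(struct job *j) {
    j->held_during_wait = mutex_is_held(&j->mutex);
    sleep(1);
}

/* Same shape as the page's foo(): blocking call inside the critical section. */
static void flagged(struct job *j) {
    pthread_mutex_lock(&j->mutex);
    j->pending = 1;
    probe_wait(j);
    pthread_mutex_unlock(&j->mutex);
}

/* Corrected: lock covers only the shared update; blocking follows the unlock. */
static void corrected(struct job *j) {
    pthread_mutex_lock(&j->mutex);
    j->pending = 1;
    pthread_mutex_unlock(&j->mutex);
    probe_wait(j);
}

/* Runs one pattern on fresh state; returns 1 if the lock was held while blocking. */
int lock_held_while_blocking(int use_corrected) {
    struct job j = { PTHREAD_MUTEX_INITIALIZER, 0, -1 };
    if (use_corrected) corrected(&j); else flagged(&j);
    return j.held_during_wait;
}

int main(void) {
    printf("flagged=%d corrected=%d\n", lock_held_while_blocking(0), lock_held_while_blocking(1));
    return 0;
}
```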
Related checkers
External guidance
Security training
Application security training materials provided by Secure Code Warrior.
Extension
This checker can be extended. The related knowledge base record kinds are:
See Tuning C/C++ analysis for more information.