CONCURRENCY.DU : Double Unlock

JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.

If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.

If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.

If you access the manual through the hub's Web GUI, the functionality will not be suppressed because the hub is a web server.
Alternatively, your browser may allow you to explicitly disable the security setting that suppresses functionality. See the CodeSonar FAQ for more information.

A mutex has been unlocked twice but there is no intervening lock, or is unlocked having never been locked.

For broader checking for double-unlocking phenomena, enable warning class Missing Lock Acquisition.

Class Name

Double Unlock

Significance

reliability

Mnemonic

CONCURRENCY.DU

Categories

MisraC2023	MisraC2023:D.4.1	Run-time failures shall be minimized
Misra2012	Misra2012:D.4.1	Run-time failures shall be minimized
CWE	CWE:765	Multiple Unlocks of a Critical Resource
	CWE:832	Unlock of a Resource that is not Locked
CERT-C	CERT-C:POS48-C	Do not unlock or destroy another POSIX thread's mutex

Availability

Available for C and C++.

Enabling

Checks for this warning class are enabled by default. To disable them, add the following WARNING_FILTER rule to the project configuration file.

WARNING_FILTER += discard class="Double Unlock"

A warning is triggered if a lock release function is called to acquire a mutex that is not currently locked: either it has never been locked or it has previously been unlocked without an intervening lock.

For the purpose of this check:

The following functions are treated as acquiring a lock.

Any function treated as a lock acquisition function by CodeSonar:
- any library function that is recognized as a lock acquisition function because CodeSonar ships with a library model that identifies it as such, and
- any function for which you have added a library model identifying it as a lock acquisition function.

The following functions are treated as releasing a lock.

Any function treated as a lock release function by CodeSonar:
- any library function that is recognized as a lock release function because CodeSonar ships with a library model that identifies it as such, and
- any function for which you have added a library model identifying it as a lock release function.

#include <pthread.h>

void du_1(pthread_mutex_t lock){
  pthread_mutex_lock(&lock);
  pthread_mutex_unlock(&lock);
  pthread_mutex_unlock(&lock);   /* 'Double Unlock' warning issued here */
}

void du_2(pthread_mutex_t lock){
  pthread_mutex_unlock(&lock);
  pthread_mutex_lock(&lock);
  pthread_mutex_unlock(&lock);   /* 'Double Unlock' warning issued here
                                  *  - the second call to pthread_mutex_lock()
                                  *    may have failed to acquire the lock.
                                  */
}

int no_du(pthread_mutex_t lock){
  if (!pthread_mutex_unlock(&lock)){return -1;}
  if (!pthread_mutex_lock(&lock)){return -1;}
  return pthread_mutex_unlock(&lock);                          /* ok: if control reaches this line,
                                                                * the call to pthread_mutex_lock() must have succeeded
                                                                */
}

Attempting to unlock an already-unlocked mutex can lead to undefined behavior.

The following configuration file parameters affect checks for this warning class.

CONCURRENCY.DU : Double Unlock

Summary

Properties

Triggering Functions

Example

Notes

Relevant Configuration File Parameters