C/CPP no warning on concurrent access of global variable/potential race condition

  • What language is this for?
    C/CPP

  • Which rule?
    unknown

  • Why do you believe it’s a false-positive/false-negative?
    Race conditions are common mistakes that lead to crashes and security vulnerabilities.
    Global variables should not be used anyway, but if accessed with threads a warning should be issued.

  • Are you using

    • SonarCloud
  • How can we reproduce the problem? Give us a self-contained snippet of code (formatted text, no screenshots)

https://sonarcloud.io/code?id=Herschdorfer_snyk-test&selected=Herschdorfer_snyk-test%3Arace_condition.cpp

Hi @Herschdorfer, again :slight_smile:

Our analyzer does not detect race conditions, which is a complex problem. Instead, we recommend that developers follow simple rules that prevent or minimize the impact of race conditions—for example, the proper mutex discipline.

Under the umbrella of these rules is S5421: Non-const global variables should not be used, which correctly reports the declaration of sharedVariable. As you can see on the “Why is this an issue?” tab race conditions are among the defects this rule prevents.

We also plan to implement a similar but less strict rule “Global variables should not be modified”, which, once implemented, would report both modifications that cause the race condition in your example. It might, indeed, make sense to highlight the modifications that are known to run in a concurrent context. I’ve recorded your interest in the ticket.

P.S. Thank you for reporting the false negatives; it is a valuable input we use to steer our development.

1 Like

Hi necto (sorry cant mention you directly, forbidden for me),

thanks for your reply and taking the report serious. :slight_smile:

You’re right the Rule S5421 might be actually enough for this case.

I just want to emphasize that I don’t want to criticize, but rather document.

Cheers

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.