Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

Secrets
ABAP
Ansible
Apex
AzureResourceManager
C
C#
C++
CloudFormation
COBOL
CSS
Dart
Docker
Flex
Go
HTML
Java
JavaScript
JCL
Kotlin
Kubernetes
Objective C
PHP
PL/I
PL/SQL
Python
RPG
Ruby
Rust
Scala
Swift
Terraform
Text
TypeScript
T-SQL
VB.NET
VB6
XML

C static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your C code

Tags

Impact

Clean code attribute

"goto" should jump to labels declared later in the same function
Code Smell
Pointer and reference parameters should be "const" if the corresponding object is not modified
Code Smell
"<time.h>" should not be used
Code Smell
"abort", "exit", "getenv" and "system" from <stdlib.h> should not be used
Bug
"atof", "atoi" and "atol" from <stdlib.h> should not be used
Bug
"<stdio.h>" should not be used in production code
Code Smell
"<signal.h>" should not be used
Bug
"offsetof" macro should not be used
Code Smell
"errno" should not be used
Code Smell
Dynamic heap memory allocation should not be used
Bug
"setjmp" and "longjmp" should not be used
Code Smell
Reserved identifiers should not be defined or declared
Code Smell
Lines starting with "#" should contain valid preprocessing directives
Bug
Only standard forms of the "defined" directive should be used
Code Smell
Preprocessor operators "#" and "##" should not be used
Code Smell
There shall be at most one occurrence of the # or ## operators in a single macro definition
Code Smell
Macros used in preprocessor directives should be defined before use
Bug
In the definition of a function-like macro, each instance of a parameter shall be enclosed in parentheses, unless it is used as the operand of # or ##
Code Smell
Function-like macros should not be invoked without all of their arguments
Bug
Function-like macros should not be used
Code Smell
"#undef" should be used with caution
Code Smell
Macros should not be #define'd or #undef'd within a block
Code Smell
"#include" directives should be followed by either <filename> or "filename" sequences
Bug
Non-standard characters should not occur in header file names in "#include" directives
Bug
#include directives in a file should only be preceded by other preprocessor directives or comments
Code Smell
Unions should not be used
Code Smell
Structure and union types should be complete at the end of a translation unit
Code Smell
The address of an automatic object should not be assigned to another object that may persist after the first object has ceased to exist
Bug
Object declarations should contain no more than 2 levels of pointer indirection
Code Smell
Function names should be used either as a call with a parameter list or with the "&" operator
Code Smell
Function exit paths should have appropriate return values
Bug
The number of arguments passed to a function should match the number of parameters
Bug
Functions without parameters should be declared with parameter type "void"
Code Smell
Parameters in a function prototype should be named
Code Smell
Recursion should not be used
Code Smell
Loops should not have more than one "break" or "goto" statement
Code Smell
Functions should not be defined with a variable number of arguments
Code Smell
Evaluation of the operand to the sizeof operator shall not contain side effects
Bug
Switch statement conditions should not have essentially boolean type
Code Smell
Switch labels should not be nested inside non-switch blocks
Code Smell
The right-hand operands of && and || should not contain side effects
Code Smell
"continue" should not be used
Code Smell
"goto" statement should not be used
Code Smell
Non-empty statements should change control flow or have at least one side-effect
Bug
Unused type declarations should be removed
Code Smell
The three expressions of a "for" statement should only be concerned with loop control
Code Smell
Tests of non-Boolean values against zero should be explicit
Code Smell
Increment (++) and decrement (--) operators should not be used in a method call or mixed with other operators in an expression
Code Smell
Comma operator should not be used
Code Smell
Unary minus should not be applied to an unsigned expression
Bug
Bitwise operators should not be applied to signed operands
Bug
"enum" values should not be used as operands to built-in operators other than [ ], =, ==, !=, unary &, and the relational operators <, <=, >, >=
Code Smell
"bool" expressions should not be used as operands to built-in operators other than =, &&, ||, !, ==, !=, unary &, and the conditional operator
Code Smell
Operands of "&&" and "||" should be primary (C) or postfix (C++) expressions
Code Smell
Boolean operations should not have numeric operands, and vice versa
Bug
Limited dependence should be placed on operator precedence
Code Smell
Objects with integer type should not be converted to objects with pointer type
Bug
A cast shall not remove any const or volatile qualification from the type of a pointer or reference
Code Smell
Pointer conversions should be restricted to a safe subset
Bug
Function pointers should not be converted to any other type
Bug
Constants of unsigned type should have a "U" suffix
Code Smell
Results of ~ and << operations on operands of underlying types unsigned char and unsigned short should immediately be cast to the operand's underlying type
Bug
The value of a complex expression should only be cast to a type that is narrower and of the same signedness as the underlying type of the expression
Code Smell
Signed and unsigned types should not be mixed in expressions
Code Smell
"enum" members with implicit values should not collide with other enumerators
Code Smell
Variables should be initialized before use
Bug
Braces should be used to indicate and match the structure in the non-zero initialization of arrays and structures
Code Smell
Array declarations should include an explicit size specification
Code Smell
If a function has internal linkage then all re-declarations shall include the static storage class specifer
Code Smell
Functions should not be declared at block scope
Code Smell
Object and function types should be explicitly stated in their declarations and definitions
Code Smell
Functions should be declared explicitly
Code Smell
Literal suffix "L" for long integers shall be upper case
Code Smell
String literals with different prefixes should not be concatenated
Bug
Bit fields should be declared with appropriate types
Code Smell
typedefs that indicate size and signedness should be used in place of the basic types
Code Smell
Appropriate char types should be used for character and integer values
Code Smell
Identifiers should not be longer than 31 characters
Code Smell
Digraphs should not be used
Code Smell
Trigraphs should not be used
Code Smell
Only escape sequences defined in the ISO C standard should be used
Bug
All uses of the #pragma directive should be documented
Code Smell
Source code should only use /* ... */ style comments
Code Smell
Assembly language should be encapsulated and isolated
Code Smell
The first element of an array should not be accessed implicitly
Code Smell
A single L in a literal suffix should only be used for long values
Code Smell
Macro arguments should not contain preprocessing directives
Bug
Names of well-known C standard library macros and functions should not be used as identifiers
Code Smell
All the elements of an aggregate should be provided with an initial value
Code Smell
Variables should not be accessed outside of their scope
Bug
Hard-coded secrets are security-sensitive
Security Hotspot
"volatile" should not be used to qualify objects for which the meaning is not defined
Bug
"sprintf" should not be used
Security Hotspot
Changing working directories without verifying the success is security-sensitive
Security Hotspot
Multicharacter literals should not be used
Code Smell
Loop variables should be declared in the minimal possible scope
Code Smell
Setting capabilities is security-sensitive
Security Hotspot
Accessing files should not introduce TOCTOU vulnerabilities
Vulnerability
Account validity should be verified when authenticating users with PAM
Vulnerability
Macros should not be used as replacements for "typedef" and "using"
Code Smell
Using "tmpnam", "tmpnam_s" or "tmpnam_r" is security-sensitive
Security Hotspot
Using "strncpy" or "wcsncpy" is security-sensitive
Security Hotspot
Using "strncat" or "wcsncat" is security-sensitive
Security Hotspot
Using "strcat" or "wcscat" is security-sensitive
Security Hotspot
Using "strlen" or "wcslen" is security-sensitive
Security Hotspot
Changing directories improperly when using "chroot" is security-sensitive
Security Hotspot
Using "strcpy" or "wcscpy" is security-sensitive
Security Hotspot
"memset" should not be used to delete sensitive data
Vulnerability
POSIX functions should not be called with arguments that trigger buffer overflows
Vulnerability
Relational and subtraction operators should not be used with pointers to different arrays
Bug
Track comments matching a regular expression
Code Smell
Arguments evaluation order should not be relied on
Bug
Cipher algorithms should be robust
Vulnerability
Encryption algorithms should be used with secure mode and padding scheme
Vulnerability
Functions that are not used in a project should be removed
Code Smell
Server hostnames should be verified during SSL/TLS connections
Vulnerability
"#pragma pack" should be used correctly
Bug
Size of bit fields should not exceed the size of their types
Code Smell
Enums should be consistent with the bit fields they initialize
Bug
"pthread_mutex_t" should be unlocked in the reverse order they were locked
Bug
Only valid arguments should be passed to UNIX/POSIX functions
Code Smell
"pthread_mutex_t" should be properly initialized and destroyed
Bug
"pthread_mutex_t" should not be locked when already locked, or unlocked when already unlocked
Bug
Only valid arguments should be passed to stream functions
Code Smell
Using publicly writable directories is security-sensitive
Security Hotspot
"^" should not be confused with exponentiation
Code Smell
Pointer and reference local variables should be "const" if the corresponding object is not modified
Code Smell
Using clear-text protocols is security-sensitive
Security Hotspot
Blocking functions should not be called inside critical sections
Code Smell
Return value of "setuid" family of functions should always be checked
Code Smell
GNU attributes should be used correctly
Code Smell
Format strings should comply with ISO standards
Code Smell
Size of variable length arrays should be greater than zero
Code Smell
Argument of "printf" should be a format string
Code Smell
"mktemp" family of functions templates should have at least six trailing "X"s
Code Smell
Unevaluated operands should not have side effects
Code Smell
Size argument of memory functions should be consistent
Code Smell
Return value of "nodiscard" functions should not be ignored
Code Smell
Implicit casts should not lower precision
Code Smell
Appropriate size arguments should be passed to "strncat" and "strlcpy"
Code Smell
Functions which do not return should be declared as "noreturn"
Code Smell
User-defined types should not be passed as variadic arguments
Bug
Functions with "noreturn" attribute should not return
Bug
Keywords shall not be used as macros identifiers
Code Smell
Logical operators should not be confused with bitwise operators
Code Smell
Dereferenced null pointers should not be bound to references
Code Smell
"else" statements should be clearly matched with an "if"
Code Smell
Header guards should be followed by a matching "#define" macro
Code Smell
Expanding archive files without controlling resource consumption is security-sensitive
Security Hotspot
"memcmp" should only be called with pointers to trivially copyable types with no padding
Bug
Server certificates should be verified during SSL/TLS connections
Vulnerability
Using weak hashing algorithms is security-sensitive
Security Hotspot
"default" clauses should be first or last
Code Smell
Cryptographic keys should be robust
Vulnerability
Weak SSL/TLS protocols should not be used
Vulnerability
Include directives should not rely on non-portable search strategy
Code Smell
Array values should not be replaced unconditionally
Bug
A conditionally executed single line should be denoted by indentation
Code Smell
Conditionals should start on new lines
Code Smell
Integral operations should not overflow
Bug
"case" ranges should cover multiple values
Code Smell
"case" ranges should not be empty
Bug
All branches in a conditional structure should not have exactly the same implementation
Bug
Parameter values should be appropriate
Bug
"#include" paths should be portable
Code Smell
"#import" should not be used
Code Smell
Cognitive Complexity of functions should not be too high
Code Smell
Macros should not be redefined
Code Smell
"#include_next" should not be used
Code Smell
Array indices should be placed between brackets
Code Smell
String literals should not be concatenated implicitly
Code Smell
GNU extensions should not be used
Code Smell
Declaration specifiers should not be redundant
Bug
Local variables and member data should not be volatile
Code Smell
Types and variables should be declared in separate statements
Code Smell
Stack allocated memory and non-owned memory should not be freed
Bug
Closed resources should not be accessed
Bug
Dynamically allocated memory should be released
Bug
"switch" statements should cover all cases
Code Smell
Freed memory should not be used
Bug
Memory locations should not be released more than once
Bug
Memory access should be explicitly bounded to prevent buffer overflows
Bug
Zero should not be a possible denominator
Bug
Redundant pointer operator sequences should be removed
Code Smell
Empty "case" clauses that fall through to the "default" should be omitted
Code Smell
Format strings should be used correctly
Code Smell
Conditional operators should not be nested
Code Smell
Forward declarations should not be redundant
Code Smell
Label names should comply with a naming convention
Code Smell
"sizeof" should not be called on pointers
Bug
Bit fields should not be used
Code Smell
Unary prefix operators should not be repeated
Bug
Non-existent operators like "=+" should not be used
Bug
XML parsers should not be vulnerable to XXE attacks
Vulnerability
Declarations should not be empty
Code Smell
Values of different "enum" types should not be compared
Bug
Multiline blocks should be enclosed in curly braces
Code Smell
Increment should not be used to set boolean variables to 'true'
Code Smell
The "sizeof" and "alignof" operator should not be used with operands of a "void" type
Bug
"nonnull" parameters and return values of "returns_nonnull" functions should not be null
Bug
Setting loose POSIX file permissions is security-sensitive
Security Hotspot
Conditionally executed code should be reachable
Bug
Control characters should not be used in literals
Code Smell
The "<stdlib.h>" functions "bsearch" and "qsort" should not be used
Bug
Enumeration values should comply with a naming convention
Code Smell
Enumeration names should comply with a naming convention
Code Smell
Octal and hexadecimal escape sequences should be terminated
Code Smell
Flexible array members should not be declared
Code Smell
Line-splicing should not be used in "//" comments
Bug
Printf-style format strings should not lead to unexpected behavior at runtime
Bug
Track parsing failures
Code Smell
Null pointers should not be dereferenced
Bug
User-specified functions should not be called
Code Smell
Using pseudorandom number generators (PRNGs) is security-sensitive
Security Hotspot
Parameters should be passed in the correct order
Code Smell
Single-bit named bit fields should not be of a signed type
Bug
"for" loop counters should not have essentially floating type
Bug
Recursion should not be infinite
Bug
Values should not be uselessly incremented
Bug
Resources should be closed
Bug
Hard-coded passwords are security-sensitive
Security Hotspot
Comment styles "//" and "/* ... */" should not be mixed within a file
Code Smell
Line continuation characters '\' should not be followed by trailing whitespace
Bug
Preprocessor directives should not be indented
Code Smell
Track instances of the "#error" preprocessor directive being reached
Code Smell
"sizeof(sizeof(...))" should not be used
Bug
Non-reentrant POSIX functions should be replaced with their reentrant versions
Code Smell
Obsolete POSIX functions should not be used
Code Smell
"goto" statements should not be used to jump into blocks
Code Smell
Redundant casts should not be used
Code Smell
"union" names should comply with a naming convention
Code Smell
Code annotated as deprecated should not be used
Code Smell
Two branches in a conditional structure should not have exactly the same implementation
Code Smell
Related "if/else if" statements should not have the same condition
Bug
Unused assignments should be removed
Code Smell
"restrict" should not be used
Code Smell
"static" should not be used for the size of an array parameter
Code Smell
"switch" statements should not be nested
Code Smell
Structures should not have too many fields
Code Smell
The ternary operator should not be used
Code Smell
Constants should come first in equality tests
Code Smell
The sign of an unsigned variable should not be tested
Code Smell
Pointers should not be cast to integral types
Bug
Identical expressions should not be used on both sides of a binary operator
Bug
All code should be reachable
Bug
"#pragma warning (default: ...)" should not be used
Code Smell
Pre-defined macros should not be defined, redefined or undefined
Code Smell
Keywords introduced in later specifications should not be used as identifiers
Code Smell
Loops with at most one iteration should be refactored
Bug
Type specifiers should be listed in a standard order
Code Smell
Track "TODO" and "FIXME" comments that do not contain a reference to a person
Code Smell
The prefix increment/decrement form should be used
Code Smell
Multiple variables should not be declared on the same line
Code Smell
Variables should not be self-assigned
Bug
"struct" names should comply with a naming convention
Code Smell
File names should comply with a naming convention
Code Smell
Macro names should comply with a naming convention
Code Smell
Cyclomatic Complexity of functions should not be too high
Code Smell
Unused local variables should be removed
Code Smell
"switch" statements should not have too many "case" clauses
Code Smell
Track lack of copyright and license headers
Code Smell
Comments should not be located at the end of lines of code
Code Smell
Functions/methods should not have too many lines
Code Smell
Control flow statements "if", "for", "while", "switch" and "try" should not be nested too deeply
Code Smell
Octal values should not be used
Code Smell
Using hardcoded IP addresses is security-sensitive
Security Hotspot
"switch" statements should have "default" clauses
Code Smell
"if" statements should be preferred over "switch" when simpler
Code Smell
Track uses of "NOSONAR" comments
Code Smell
Switch cases should end with an unconditional "break" statement
Code Smell
"for" loop stop conditions should be invariant
Code Smell
A "while" loop should be used instead of a "for" loop
Code Smell
"if ... else if" constructs should end with "else" clauses
Code Smell
"typedef" should be used for function pointers
Code Smell
Sections of code should not be commented out
Code Smell
Floating point numbers should not be tested for equality
Bug
break statements should not be used except for switch cases
Code Smell
Function parameters' initial values should not be ignored
Bug
Statements should be on separate lines
Code Smell
"switch" statements should not contain non-case labels
Code Smell
Control structures should use curly braces
Code Smell
Nested code blocks should not be used
Code Smell
Deprecated K&R syntax should not be used for function definition
Code Smell
Methods should not be empty
Code Smell
Unused function parameters should be removed
Code Smell
Local variable and function parameter names should comply with a naming convention
Code Smell
Field names should comply with a naming convention
Code Smell
"switch case" clauses should not have too many lines of code
Code Smell
Unused functions and methods should be removed
Code Smell
Functions should not contain too many return statements
Code Smell
Track uses of "TODO" tags
Code Smell
Track uses of "FIXME" tags
Code Smell
Deprecated code should be removed
Code Smell
Lines should not end with trailing whitespaces
Code Smell
Files should end with a newline
Code Smell
Deprecated attributes should include explanations
Code Smell
Assignments should not be made from within conditions
Code Smell
Variables should not be shadowed
Code Smell
Empty statements should be removed
Code Smell
Redundant pairs of parentheses should be removed
Code Smell
"/*" and "//" should not be used within comments
Code Smell
Magic numbers should not be used
Code Smell
Insecure functions should not be used
Vulnerability
Nested blocks of code should not be left empty
Code Smell
"scanf()" and "fscanf()" format strings should specify a field width for the "%s" string placeholder
Vulnerability
Functions should not have too many parameters
Code Smell
Expressions should not be too complex
Code Smell
Mergeable "if" statements should be combined
Code Smell
Unused labels should be removed
Code Smell
Tabulation characters should not be used
Code Smell
Files should not have too many lines of code
Code Smell
Control should not be transferred into a complex logic block using a "goto" or a "switch" statement
Code Smell
Lines should not be too long
Code Smell
A function should have a single point of exit at the end of the function
Code Smell
Function names should comply with a naming convention
Code Smell

"pthread_mutex_t" should be unlocked in the reverse order they were locked

intentionality - logical

reliability

Bug

symbolic-execution
multi-threading

Why is this an issue?

How can I fix it?

Mutexes are synchronization primitives that allow the managing of concurrency. It is a common situation to have to use multiple mutexes to protect multiple resources with different access patterns.

In such a situation, it is crucial to define an order on the set of all mutexes:

This order should be strictly followed when locking mutexes.
The reverse order should be strictly followed when unlocking mutexes.

Failure to do so can lead to deadlocks. i.e., situations where two or more threads are blocked forever, each holding one mutex and waiting for one held by the other(s).

In C++, an easy way to make sure the unlocks are called in reverse order from the lock is to wrap the lock/unlock operations in an RAII class (since destructors of local variables are called in reverse order of their creation).

If instead of pthread_mutex_t you are using std::mutex, there are other mechanisms that allow you to avoid deadlocks in that case, see S5524.

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI

Developer Edition
Available Since
9.1

© 2008-2025 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARQUBE, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Sonar helps developers write Clean Code.
Privacy Policy | Cookie Policy | Terms of Use

In-IDE

SaaS

Self-Hosted