Sin 16: Race Conditions

Overview of the Sin

The definition of a race condition is when two different execution contexts, whether they are threads or processes, are able to change a resource and interfere with one another. The typical flaw is to think that a short sequence of instructions or system calls will execute atomically, and that theres no way another thread or process can interfere. Even when theyre presented with clear evidence that such a bug exists, many developers underestimate its severity. In reality, most system calls end up executing many thousands (sometimes millions) of instructions, and often they wont complete before another process or thread gets a time slice.

Although we cant go into detail here, a simple race condition in a multithreaded ping sweeper once completely disabled an Internet service provider for most of a day. An improperly guarded common resource caused the app to repeatedly ping a single IP address at a very high rate. One benefit of being aware of race conditions is that they are most easily found on the highest speed processors available, preferably dual-processor systemsthis gives you a strong argument that management ought to buy all the developers really fast, dual-proc systems!



19 Deadly Sins of Software Security. Programming Flaws and How to Fix Them
Writing Secure Code
ISBN: 71626751
EAN: 2147483647
Year: 2003
Pages: 239

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net