Consider the following Java code Race Conditions public class Shared { private int data; public Shared() { data = 0; } public void setData(int r) { data.

Slides:



Advertisements
Similar presentations
wwwcsif.cs.ucdavis.edu/~jacksoni
Advertisements

Operating Systems: Monitors 1 Monitors (C.A.R. Hoare) higher level construct than semaphores a package of grouped procedures, variables and data i.e. object.
5.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Chapter 5: CPU Scheduling.
1 Lecture 18 Further Threading Overview  Case Study: Cooperating Threads  Producer/ Consumer model threads  Waiting for Synchronized Data  Busy Waiting.
Monitors Chapter 7. The semaphore is a low-level primitive because it is unstructured. If we were to build a large system using semaphores alone, the.
Multi-core Programming Thread Checker. 2 Topics What is Intel® Thread Checker? Detecting race conditions Thread Checker as threading assistant Some other.
Object-Oriented Software Engineering Concurrent Programming.
Synchronization in Java Nelson Padua-Perez Bill Pugh Department of Computer Science University of Maryland, College Park.
Synchronization in Java Fawzi Emad Chau-Wen Tseng Department of Computer Science University of Maryland, College Park.
Threads A thread is a program unit that is executed independently of other parts of the program A thread is a program unit that is executed independently.
Definitions Process – An executing program
Race Conditions CS550 Operating Systems. Review So far, we have discussed Processes and Threads and talked about multithreading and MPI processes by example.
Concurrency - 1 Tasking Concurrent Programming Declaration, creation, activation, termination Synchronization and communication Time and delays conditional.
1 Threads Chapter 4 Reading: 4.1,4.4, Process Characteristics l Unit of resource ownership - process is allocated: n a virtual address space to.
A Bridge to Your First Computer Science Course Prof. H.E. Dunsmore Concurrent Programming Threads Synchronization.
Lecture 4 : JAVA Thread Programming
Locks CSCI 201L Jeffrey Miller, Ph.D. HTTP :// WWW - SCF. USC. EDU /~ CSCI 201 USC CSCI 201L.
 Traditionally, a process in an operating system consists of an execution environment and a single thread of execution (single activity).  However,
Consider the following Java code Race Conditions public class Shared { private int data; public Shared() { data = 0; } public void setData(int r) { data.
Threads in Java. History  Process is a program in execution  Has stack/heap memory  Has a program counter  Multiuser operating systems since the sixties.
MultiThreaded Applications. What is Multithreaded Programming? Having your software appear to perform multiple tasks in parallel –Individual paths of.
Lecture 5 : JAVA Thread Programming Courtesy : MIT Prof. Amarasinghe and Dr. Rabbah’s course note.
Quick overview of threads in Java Babak Esfandiari (extracted from Qusay Mahmoud’s slides)
Concurrent Programming in Java Dr. Zoltan Papp. Motivation: event driven, responsive systems Sequential approach: while ( true ) { do event = getEventId()
© Janice Regan, CMPT 300, May CMPT 300 Introduction to Operating Systems Introduction to Concurrency.
COMP 111 Threads and concurrency Sept 28, Tufts University Computer Science2 Who is this guy? I am not Prof. Couch Obvious? Sam Guyer New assistant.
Operating Systems ECE344 Ashvin Goel ECE University of Toronto Mutual Exclusion.
Threading Eriq Muhammad Adams J
Dynamic Architectures (Component Reconfiguration) with Fractal.
CSC321 Concurrent Programming: §5 Monitors 1 Section 5 Monitors.
In Java processes are called threads. Additional threads are associated with objects. An application is associated with an initial thread via a static.
Threading and Concurrency COM379T John Murray –
Li Tak Sing COMPS311F. Threads A thread is a single sequential flow of control within a program. Many programming languages only allow you to write programs.
Concurrency Control 1 Fall 2014 CS7020: Game Design and Development.
Threads Eivind J. Nordby University of Karlstad Inst. for Information Technology Dept. of Computer Science.
Discussion Week 2 TA: Kyle Dewey. Overview Concurrency Process level Thread level MIPS - switch.s Project #1.
Threads in Java1 Concurrency Synchronizing threads, thread pools, etc.
Concurrent Computing CSCI 201L Jeffrey Miller, Ph.D. HTTP :// WWW - SCF. USC. EDU /~ CSCI 201 USC CSCI 201L.
Multithreaded programming  Java provides built-in support for multithreaded programming. A multithreaded program contains two or more parts that can run.
6.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Module 6: Process Synchronization Codes.
Semaphores CSCI 201L Jeffrey Miller, Ph.D. HTTP :// WWW - SCF. USC. EDU /~ CSCI 201 USC CSCI 201L.
Comunication&Synchronization threads 1 Programación Concurrente Benemérita Universidad Autónoma de Puebla Facultad de Ciencias de la Computación Comunicación.
Chapter 7: Deadlocks Joe McCarthy CSS 430: Operating Systems - Deadlocks1.
CS 151: Object-Oriented Design November 26 Class Meeting Department of Computer Science San Jose State University Fall 2013 Instructor: Ron Mak
Component-Based Software Engineering Understanding Thread Safety Paul Krause.
CSC CSC 143 Threads. CSC Introducing Threads  A thread is a flow of control within a program  A piece of code that runs on its own. The.
Advanced Tools for Multi- Threads Programming Avshalom Elmalech Eliahu Khalastchi 2010.
Producer/Consumer CSCI 201L Jeffrey Miller, Ph.D. HTTP :// WWW - SCF. USC. EDU /~ CSCI 201 USC CSCI 201L.
Concurrency in Java MD. ANISUR RAHMAN. slide 2 Concurrency  Multiprogramming  Single processor runs several programs at the same time  Each program.
Implementing Mutual Exclusion Andy Wang Operating Systems COP 4610 / CGS 5765.
1 Introduction to Threads Race Conditions. 2 Process Address Space Revisited Code Data OS Stack (a)Process with Single Thread (b) Process with Two Threads.
Multi-processor Scheduling
Advanced Topics in Concurrency and Reactive Programming: Asynchronous Programming Majeed Kassis.
COEN346 Tutorial Monitor Objects.
Multithreading in Java
Multithreaded Programming in Java
CS510 Operating System Foundations
Programming with Shared Memory Java Threads and Synchronization
Background and Motivation
Implementing Mutual Exclusion
Implementing Mutual Exclusion
Threads and Multithreading
CSS430 Deadlocks Textbook Ch8
Problems with Locks Andrew Whitaker CSE451.
Lecture 19 Threads CSE /6/2019.
CSE 542: Operating Systems
CSE 542: Operating Systems
CMSC 202 Threads.
Threads CSE451 Andrew Whitaker TODO: print handouts for AspectRatio.
Java Chapter 3 (Estifanos Tilahun Mihret--Tech with Estif)
Presentation transcript:

Consider the following Java code Race Conditions public class Shared { private int data; public Shared() { data = 0; } public void setData(int r) { data = r; } public int getData() { return data; } public class Shared { private int data; public Shared() { data = 0; } public void setData(int r) { data = r; } public int getData() { return data; } int localData = theShared.getData(); localData++; theShared.setData(localData); int localData = theShared.getData(); localData++; theShared.setData(localData); After executing this code what value is stored in Shared.data?

What is a thread / process / task? public class Driver { private Shared theShared; private MyThread threadA, threadB; public Driver() { theShared = new Shared(); threadA = new MyThread(theShared); threadB = new MyThread(theShared); threadA.start(); threadB.start(); try { threadA.join(); threadB.join(); } catch (InterruptedException e) { e.printStackTrace(); } System.out.println(theShared.getData()); } public static void main(String[] args) { new Driver(); } public class Driver { private Shared theShared; private MyThread threadA, threadB; public Driver() { theShared = new Shared(); threadA = new MyThread(theShared); threadB = new MyThread(theShared); threadA.start(); threadB.start(); try { threadA.join(); threadB.join(); } catch (InterruptedException e) { e.printStackTrace(); } System.out.println(theShared.getData()); } public static void main(String[] args) { new Driver(); } Threaded variation of the last program. public class MyThread extends Thread { private Shared theShared; public MyThread(Shared s) { theShared = s; } public void run() { int localData = theShared.getData(); localData++; theShared.setData(localData); } public class MyThread extends Thread { private Shared theShared; public MyThread(Shared s) { theShared = s; } public void run() { int localData = theShared.getData(); localData++; theShared.setData(localData); }

int localData = theShared.getData(); //1 localData++; //2 theShared.setData(localData); //3 int localData = theShared.getData(); //1 localData++; //2 theShared.setData(localData); //3 Code shared by threadA and threadB threadA -- execute //1 threadA -- execute //2 threadA -- execute //3 threadB -- execute //1 threadB -- execute //2 threadB -- execute //3 Execution Scenario 1: threadB -- execute //1 threadB -- execute //2 threadB -- execute //3 threadA -- execute //1 threadA -- execute //2 threadA -- execute //3 Execution Scenario 2: threadA -- execute //1 threadB -- execute //1 threadB -- execute //2 threadB -- execute //3 threadA -- execute //2 threadA -- execute //3 Execution Scenario 3: Whenever the potential order of execution can alter the outcome, this is called a _________ or ___________.

Three essential properties for a race condition _________ Property Two or more flows of control must execute concurrently/in parallel. _____________ Property Some resource must be shared by the concurrent flows. _____________ Property At least one of the concurrent flows must alter the state of the shared resource.

Solution to a race condition eliminate the concurrent access The “trick” is to use an atomic operation, such as a lock.

import java.util.concurrent.locks.ReentrantLock; public class Driver { private Shared theShared; private MyThread threadA, threadB; private ReentrantLock theLock; public Driver() { theShared = new Shared(); theLock = new ReetrantLock(); threadA = new MyThread(theShared, theLock); threadB = new MyThread(theShared, theLock); threadA.start(); threadB.start(); try { threadA.join(); threadB.join(); } catch (InterruptedException e) { e.printStackTrace(); } System.out.println(theShared.getData()); } public static void main(String[] args) { new Driver(); } import java.util.concurrent.locks.ReentrantLock; public class Driver { private Shared theShared; private MyThread threadA, threadB; private ReentrantLock theLock; public Driver() { theShared = new Shared(); theLock = new ReetrantLock(); threadA = new MyThread(theShared, theLock); threadB = new MyThread(theShared, theLock); threadA.start(); threadB.start(); try { threadA.join(); threadB.join(); } catch (InterruptedException e) { e.printStackTrace(); } System.out.println(theShared.getData()); } public static void main(String[] args) { new Driver(); } import java.util.concurrent.locks.ReentrantLock; public class MyThread extends Thread { private Shared theShared; private ReentrantLock theLock; public MyThread(Shared s) { theShared = s; } public void run() { theLock.lock(); int localData = theShared.getData(); localData++; theShared.setData(localData); theLock.unlock(); } import java.util.concurrent.locks.ReentrantLock; public class MyThread extends Thread { private Shared theShared; private ReentrantLock theLock; public MyThread(Shared s) { theShared = s; } public void run() { theLock.lock(); int localData = theShared.getData(); localData++; theShared.setData(localData); theLock.unlock(); }

Locks lead to another problem… _________ What if one thread terminates inside a critical section? lockSharedResource(); // the critical section unlockSharedResource(); A thread is deadlocked when it is impossible for it to resume execution even though the expected execution for the thread is incomplete. Potential Deadlock on two resources (A and B) lockSharedResourceA(); lockSharedResourceB(); // the critical section unlockSharedResourceB(); unlockSharedResourceA(); lockSharedResourceB(); lockSharedResourceA(); // the critical section unlockSharedResourceA(); unlockSharedResourceB(); Process 1Process 2

How can an attacker exploit race conditions? Deadlock leads to _____. Example: 2004 Apache HTTP Server Concurrency, and therefore, race conditions are sensitive to …  processor speeds  process/thread scheduling algorithms  memory constraints  asynchronous events  state of unrelated processes

What about loosely coupled (untrusted) processes? File targetFile = new File("/tmp/test"); if (targetFile.exists() && targetFile.canRead()) { try { FileInputStream = new FileInputStream(targetFile); inFile.read( someBuffer );... inFile.close(); } catch (IOException e) { e.printStackTrace(); } File targetFile = new File("/tmp/test"); if (targetFile.exists() && targetFile.canRead()) { try { FileInputStream = new FileInputStream(targetFile); inFile.read( someBuffer );... inFile.close(); } catch (IOException e) { e.printStackTrace(); } _________ (Time of Check, Time of Use) the window from TOC through TOU can lead to a race vulnerability

TOCTOU Mitigation   ________the file from other access. File targetFile = new File("/tmp/test"); if (targetFile.exists()) { try { FileChannel channel = null; FileLock lock = null; try { channel = new RandomAccessFile(targetFile,"rw").getChannel(); lock = channel.tryLock(); if (lock != null) { ByteBuffer bytes = ByteBuffer.allocate(100); channel.read(bytes);... lock.release(); } else // file is already locked } catch (OverlappingFileLockException e) { // file is already locked } finally { channel.close(); } } catch (IOException e) { e.printStackTrace(); } File targetFile = new File("/tmp/test"); if (targetFile.exists()) { try { FileChannel channel = null; FileLock lock = null; try { channel = new RandomAccessFile(targetFile,"rw").getChannel(); lock = channel.tryLock(); if (lock != null) { ByteBuffer bytes = ByteBuffer.allocate(100); channel.read(bytes);... lock.release(); } else // file is already locked } catch (OverlappingFileLockException e) { // file is already locked } finally { channel.close(); } } catch (IOException e) { e.printStackTrace(); }

A non-TOCTOU race condition: walking trees... chdir( “/tmp/a” ); chdir( “b” ); chdir( “c” ); // race window chdir( “..” ); unlink( “*” ); //delete all files... chdir( “/tmp/a” ); chdir( “b” ); chdir( “c” ); // race window chdir( “..” ); unlink( “*” ); //delete all files... Example (GNU utilities) file tree

A non-TOCTOU race condition: walking trees... chdir( “/tmp/a” ); chdir( “b” ); chdir( “c” ); // race window chdir( “..” ); unlink( “*” ); //delete all files... chdir( “/tmp/a” ); chdir( “b” ); chdir( “c” ); // race window chdir( “..” ); unlink( “*” ); //delete all files... Example (GNU utilities) the exploit mv /tmp/a/b/c /tmp/c file tree

Mitigation   avoid the use of relative path names use and verify ___________________   “..” and “.” in file names and URLs must be disallowed.   avoid using shared access containers

Mitigation – All Race Conditions Closing the race window   identify all shared resources   use mutual exclusion via locks, semaphores, monitors, etc. Eliminating the race (shared) resource   be permission, authorization and privilege aware Controlling access to the race (shared) resource   use “thread safe” threads   check file properties securely   use canonical full path names   use trustworthy containers   static and dynamic detection tools can find some race conditions

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.