Published by Brook French. Modified over 9 years ago.
1
Race Conditions

Consider the following Java code

    public class Shared {
        private int data;

        public Shared() { data = 0; }
        public void setData(int r) { data = r; }
        public int getData() { return data; }
    }

    int localData = theShared.getData();
    localData++;
    theShared.setData(localData);

After executing this code what value is stored in Shared.data?
2
What is a thread / process / task?

Threaded variation of the last program.

    public class Driver {
        private Shared theShared;
        private MyThread threadA, threadB;

        public Driver() {
            theShared = new Shared();
            threadA = new MyThread(theShared);
            threadB = new MyThread(theShared);
            threadA.start();
            threadB.start();
            try {
                threadA.join();
                threadB.join();
            } catch (InterruptedException e) {
                e.printStackTrace();
            }
            System.out.println(theShared.getData());
        }

        public static void main(String[] args) {
            new Driver();
        }
    }

    public class MyThread extends Thread {
        private Shared theShared;

        public MyThread(Shared s) { theShared = s; }

        public void run() {
            int localData = theShared.getData();
            localData++;
            theShared.setData(localData);
        }
    }
3
Code shared by threadA and threadB

    int localData = theShared.getData();  //1
    localData++;                          //2
    theShared.setData(localData);         //3

Execution Scenario 1:

    threadA -- execute //1
    threadA -- execute //2
    threadA -- execute //3
    threadB -- execute //1
    threadB -- execute //2
    threadB -- execute //3

Execution Scenario 2:

    threadB -- execute //1
    threadB -- execute //2
    threadB -- execute //3
    threadA -- execute //1
    threadA -- execute //2
    threadA -- execute //3

Execution Scenario 3:

    threadA -- execute //1
    threadB -- execute //1
    threadB -- execute //2
    threadB -- execute //3
    threadA -- execute //2
    threadA -- execute //3

Whenever the potential order of execution can alter the outcome, this is called a _________ or ___________.
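Added example (not from the original slides): a deterministic Java simulation that replays every possible ordering of steps //1, //2 and //3 for threadA and threadB and reports the final value of data. The class and method names are chosen for this illustration.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;

// Added example: enumerates every interleaving of steps //1, //2, //3 for two threads.
public class Interleavings {
    // Replay one schedule: each char names the thread ('A' or 'B') that runs its next step.
    static int run(String schedule) {
        int data = 0;               // stands in for Shared.data
        int[] local = new int[2];   // localData of threadA and threadB
        int[] step = new int[2];    // index of the next step for each thread
        for (char c : schedule.toCharArray()) {
            int t = c - 'A';
            switch (step[t]++) {
                case 0: local[t] = data; break;  // //1 getData()
                case 1: local[t]++; break;       // //2 localData++
                default: data = local[t];        // //3 setData(localData)
            }
        }
        return data;
    }

    // Build all schedules containing exactly three A steps and three B steps.
    static void schedules(String prefix, int a, int b, List<String> out) {
        if (a == 0 && b == 0) { out.add(prefix); return; }
        if (a > 0) schedules(prefix + 'A', a - 1, b, out);
        if (b > 0) schedules(prefix + 'B', a, b - 1, out);
    }

    public static void main(String[] args) {
        List<String> all = new ArrayList<>();
        schedules("", 3, 3, all);
        Map<Integer, List<String>> byResult = new TreeMap<>();
        for (String s : all) {
            byResult.computeIfAbsent(run(s), k -> new ArrayList<>()).add(s);
        }
        // Scenarios 1, 2 and 3 from the slide are AAABBB, BBBAAA and ABBBAA.
        System.out.println("schedules: " + all.size());
        byResult.forEach((value, list) -> System.out.println(
            "final data = " + value + " in " + list.size() + " schedules, e.g. " + list.get(0)));
    }
}
```

Only the two fully serialized schedules (Scenarios 1 and 2) leave data at 2; the other 18 of the 20 schedules, including Scenario 3, lose one update.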
4
Three essential properties for a race condition

- _________ Property: Two or more flows of control must execute concurrently/in parallel.
- _____________ Property: Some resource must be shared by the concurrent flows.
- _____________ Property: At least one of the concurrent flows must alter the state of the shared resource.
5
Solution to a race condition

- eliminate the concurrent access

The "trick" is to use an atomic operation, such as a lock.
6
    import java.util.concurrent.locks.ReentrantLock;

    public class Driver {
        private Shared theShared;
        private MyThread threadA, threadB;
        private ReentrantLock theLock;

        public Driver() {
            theShared = new Shared();
            theLock = new ReentrantLock();
            // Both threads receive the same lock object.
            threadA = new MyThread(theShared, theLock);
            threadB = new MyThread(theShared, theLock);
            threadA.start();
            threadB.start();
            try {
                threadA.join();
                threadB.join();
            } catch (InterruptedException e) {
                e.printStackTrace();
            }
            System.out.println(theShared.getData());
        }

        public static void main(String[] args) {
            new Driver();
        }
    }

    import java.util.concurrent.locks.ReentrantLock;

    public class MyThread extends Thread {
        private Shared theShared;
        private ReentrantLock theLock;

        public MyThread(Shared s, ReentrantLock l) {
            theShared = s;
            theLock = l;
        }

        public void run() {
            theLock.lock();
            // Critical section: read, increment and write back under the lock.
            int localData = theShared.getData();
            localData++;
            theShared.setData(localData);
            theLock.unlock();
        }
    }
7
Locks lead to another problem… _________

What if one thread terminates inside a critical section?

    lockSharedResource();
    // the critical section
    unlockSharedResource();

A thread is deadlocked when it is impossible for it to resume execution even though the expected execution for the thread is incomplete.

Potential Deadlock on two resources (A and B)

Process 1

    lockSharedResourceA();
    lockSharedResourceB();
    // the critical section
    unlockSharedResourceB();
    unlockSharedResourceA();

Process 2

    lockSharedResourceB();
    lockSharedResourceA();
    // the critical section
    unlockSharedResourceA();
    unlockSharedResourceB();
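Added example (not from the original slides): one way to address both questions on this slide in Java. The locks are always acquired in a single global order, whatever order the caller names them in, and they are released in finally blocks so a thread that fails inside the critical section still unlocks. RankedLock and withBoth are hypothetical names introduced for this illustration.

```java
import java.util.concurrent.locks.ReentrantLock;

// Added example: Process 1 asks for (A, B), Process 2 asks for (B, A),
// but withBoth() always takes the lower-ranked lock first.
public class OrderedLocks {
    // Hypothetical wrapper: a lock plus a fixed rank that defines the global order.
    static final class RankedLock {
        final int rank;
        final ReentrantLock lock = new ReentrantLock();
        RankedLock(int rank) { this.rank = rank; }
    }

    static int counter = 0; // shared state, only touched while both locks are held

    static void withBoth(RankedLock x, RankedLock y, Runnable criticalSection) {
        RankedLock first = (x.rank <= y.rank) ? x : y;
        RankedLock second = (first == x) ? y : x;
        first.lock.lock();
        try {
            second.lock.lock();
            try {
                criticalSection.run();
            } finally {
                second.lock.unlock(); // runs even if the critical section throws
            }
        } finally {
            first.lock.unlock();
        }
    }

    public static void main(String[] args) throws InterruptedException {
        RankedLock a = new RankedLock(1);
        RankedLock b = new RankedLock(2);
        Runnable work = () -> counter++;
        Thread p1 = new Thread(() -> { for (int i = 0; i < 100_000; i++) withBoth(a, b, work); });
        Thread p2 = new Thread(() -> { for (int i = 0; i < 100_000; i++) withBoth(b, a, work); });
        p1.start();
        p2.start();
        p1.join();
        p2.join();
        System.out.println("counter = " + counter);
    }
}
```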
8
How can an attacker exploit race conditions?

Deadlock leads to _____.

Example: 2004 Apache HTTP Server
http://www.kb.cert.org/vuls/id/132110

Concurrency, and therefore, race conditions are sensitive to …

- processor speeds
- process/thread scheduling algorithms
- memory constraints
- asynchronous events
- state of unrelated processes
9
What about loosely coupled (untrusted) processes?

    File targetFile = new File("/tmp/test");
    // Time of check
    if (targetFile.exists() && targetFile.canRead()) {
        try {
            // Time of use: the file may have changed since the check
            FileInputStream inFile = new FileInputStream(targetFile);
            inFile.read( someBuffer );
            ...
            inFile.close();
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

_________ (Time of Check, Time of Use)

The window from TOC through TOU can lead to a race vulnerability.
10
TOCTOU Mitigation

________ the file from other access.

    File targetFile = new File("/tmp/test");
    if (targetFile.exists()) {
        try {
            FileChannel channel = null;
            FileLock lock = null;
            try {
                channel = new RandomAccessFile(targetFile, "rw").getChannel();
                lock = channel.tryLock();
                if (lock != null) {
                    ByteBuffer bytes = ByteBuffer.allocate(100);
                    channel.read(bytes);
                    ...
                    lock.release();
                } else {
                    // file is already locked
                }
            } catch (OverlappingFileLockException e) {
                // file is already locked
            } finally {
                // channel stays null if the file could not be opened
                if (channel != null) {
                    channel.close();
                }
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
    }
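Added example (not from the original slides): a complementary way to shrink the TOC-to-TOU window is to drop the separate exists()/canRead() test and let the open itself be the check, refusing a symbolic link as the final path component. readNoCheck is a hypothetical helper name, and the sample files are constructed in a temporary directory on a file system that supports symbolic links.

```java
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.SeekableByteChannel;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;

// Added example: no check before the open, so there is no gap between check and use.
public class OpenThenUse {
    // Returns up to max bytes, or null if the file could not be opened or read.
    static byte[] readNoCheck(Path p, int max) {
        // NOFOLLOW_LINKS applies to the last path component only.
        try (SeekableByteChannel ch = Files.newByteChannel(
                p, StandardOpenOption.READ, LinkOption.NOFOLLOW_LINKS)) {
            ByteBuffer buf = ByteBuffer.allocate(max);
            while (buf.hasRemaining() && ch.read(buf) != -1) {
                // keep reading until the buffer is full or end of file
            }
            buf.flip();
            byte[] out = new byte[buf.remaining()];
            buf.get(out);
            return out;
        } catch (IOException e) {
            // Missing file, permission denied, symlink refused, read error.
            System.out.println("refused " + p.getFileName() + ": " + e.getClass().getSimpleName());
            return null;
        }
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample files.
        Path dir = Files.createTempDirectory("toctou");
        Path file = Files.write(dir.resolve("test"), "hello".getBytes(StandardCharsets.UTF_8));
        Path link = Files.createSymbolicLink(dir.resolve("link"), file);
        for (Path p : new Path[] {file, dir.resolve("missing"), link}) {
            byte[] data = readNoCheck(p, 100);
            System.out.println(p.getFileName() + ": "
                + (data == null ? "not read" : data.length + " bytes"));
        }
    }
}
```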
11
A non-TOCTOU race condition: walking trees

Example (GNU utilities)

    ...
    chdir( "/tmp/a" );
    chdir( "b" );
    chdir( "c" );
    // race window
    chdir( ".." );
    unlink( "*" );   //delete all files
    ...

[Figure: file tree]
12
A non-TOCTOU race condition: walking trees

Example (GNU utilities)

    ...
    chdir( "/tmp/a" );
    chdir( "b" );
    chdir( "c" );
    // race window
    chdir( ".." );
    unlink( "*" );   //delete all files
    ...

the exploit

    mv /tmp/a/b/c /tmp/c

[Figure: file tree]
13
Mitigation

- avoid the use of relative path names
- use and verify ___________________
- ".." and "." in file names and URLs must be disallowed.
- avoid using shared access containers
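Added example (not from the original slides): a Java sketch of these mitigations that rejects "." and ".." components, resolves the name to a canonical full path, and verifies the result still lies inside the intended directory. resolveInside is a hypothetical helper name, and the sample layout is constructed in temporary directories on a file system that supports symbolic links.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;

// Added example. The result is only dependable when no untrusted user can
// modify the directories on the path (a trustworthy, non-shared container).
public class CanonicalPathCheck {
    static Path resolveInside(Path baseDir, String userName) throws IOException {
        Path rel = Paths.get(userName);
        if (rel.isAbsolute()) {
            throw new SecurityException("absolute path not allowed");
        }
        for (Path part : rel) { // disallow "." and ".." components
            String s = part.toString();
            if (s.equals(".") || s.equals("..")) {
                throw new SecurityException("dot component not allowed");
            }
        }
        Path base = baseDir.toRealPath();           // canonical full path of the container
        Path real = base.resolve(rel).toRealPath(); // follows symlinks; target must exist
        if (!real.startsWith(base)) {
            throw new SecurityException("resolves outside " + base);
        }
        return real;
    }

    public static void main(String[] args) throws IOException {
        // Constructed layout: base/ok.txt, and base/link pointing to a file outside base.
        Path base = Files.createTempDirectory("base");
        Path outside = Files.createTempFile("outside", ".txt");
        Files.createFile(base.resolve("ok.txt"));
        Files.createSymbolicLink(base.resolve("link"), outside);
        String[] names = {"ok.txt", "../" + outside.getFileName(), "link"};
        for (String name : names) {
            try {
                System.out.println(name + " -> " + resolveInside(base, name));
            } catch (SecurityException e) {
                System.out.println(name + " rejected: " + e.getMessage());
            }
        }
    }
}
```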
14
Mitigation – All Race Conditions

- Closing the race window
- identify all shared resources
- use mutual exclusion via locks, semaphores, monitors, etc.
- Eliminating the race (shared) resource
- be permission, authorization and privilege aware
- Controlling access to the race (shared) resource
- use "thread safe" threads
- check file properties securely
- use canonical full path names
- use trustworthy containers
- static and dynamic detection tools can find some race conditions