...

Assume this simplified code is part of a multithreaded bank system. Threads will call credit() and debit() as money is deposited into and withdrawn from the single account. Because the addition and subtraction operations are not atomic, two operations can run concurrently with only the result of one being saved. For example, an attacker could credit the account with a sum of money and make a very large number of small debits concurrently. Some of the debits might not affect the account balance because of the race condition, so the attacker is effectively creating money.

...

This solution uses a mutex to make credits and debits atomic operations. All credits and debits will now affect the account balance, so an attacker cannot exploit the race condition to steal money from the bank. The mutex is created with the pthread_mutex functions. In addition, the volatile keyword is used so that prefetching does not occur.

#include <pthread.h>

volatile int account_balance;
pthread_mutex_t account_lock = PTHREAD_MUTEX_INITIALIZER;

void debit(int amount) {
  pthread_mutex_lock(&account_lock);
  account_balance -= amount;
  pthread_mutex_unlock(&account_lock);
}

void credit(int amount) {
  pthread_mutex_lock(&account_lock);
  account_balance += amount;
  pthread_mutex_unlock(&account_lock);
}
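
The following harness is an added example, not code from the original page. It replays the scenario above (one large credit followed by many concurrent small debits) against an unsynchronized debit and against the mutex-protected one, and reports how much money is left over. THREADS, DEBITS, debit_racy(), debit_locked() and leftover_balance() are names assumed for this illustration.

```c
#include <limits.h>
#include <pthread.h>
#include <stdio.h>

#define THREADS 8       /* assumed number of concurrent debit threads */
#define DEBITS 100000   /* assumed debits of 1 unit per thread */

static volatile int account_balance;
static pthread_mutex_t account_lock = PTHREAD_MUTEX_INITIALIZER;

/* Unsynchronized read-modify-write: the race the text describes. */
static void debit_racy(int amount) { account_balance -= amount; }

/* Mutex-protected debit, as in the compliant solution. */
static void debit_locked(int amount) {
  pthread_mutex_lock(&account_lock);
  account_balance -= amount;
  pthread_mutex_unlock(&account_lock);
}

static void *worker(void *arg) {
  int locked = *(const int *)arg;
  for (int i = 0; i < DEBITS; i++) {
    if (locked) debit_locked(1); else debit_racy(1);
  }
  return NULL;
}

/* Credits THREADS*DEBITS, debits all of it back concurrently, and returns
   what is left: 0 means every debit was applied, a positive value means
   debits were lost. Returns INT_MIN if a thread could not be started. */
int leftover_balance(int locked) {
  pthread_t tid[THREADS];
  int started = 0;
  account_balance = THREADS * DEBITS;   /* the single large credit */
  while (started < THREADS &&
         pthread_create(&tid[started], NULL, worker, &locked) == 0)
    started++;
  for (int i = 0; i < started; i++) pthread_join(tid[i], NULL);
  return started == THREADS ? account_balance : INT_MIN;
}

int main(void) {
  printf("racy:   %d left over\n", leftover_balance(0));
  printf("locked: %d left over\n", leftover_balance(1));
  return 0;
}
```

The racy figure varies from run to run and with the number of cores; the locked figure is always 0.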

...