race condition

Contributor(s): Brien Posey

A race condition is an undesirable situation that occurs when a device or system attempts to perform two or more operations at the same time, but because of the nature of the device or system, the operations must be done in the proper sequence to be done correctly.

A simple example of a race condition is a light switch. In some homes there are multiple light switches connected to a common ceiling light. When these types of circuits are used, the switch position becomes irrelevant. If the light is on, moving either switch from its current position turns the light off. Similarly, if the light is off, then moving either switch from its current position turns the light on. With that in mind, imagine what might happen if two people tried to turn on the light using two different switches at exactly the same time. One instruction might cancel the other or the two actions might trip the circuit breaker.

Race conditions are most commonly associated with computer science. In computer memory or storage, a race condition may occur if commands to read and write a large amount of data are received at almost the same instant, and the machine attempts to overwrite some or all of the old data while that old data is still being read. The result may be one or more of the following: a computer crash, an "illegal operation," notification and shutdown of the program, errors reading the old data or errors writing the new data. A race condition can also occur if instructions are processed in the incorrect order.

Suppose for a moment that two processes need to perform a bit flip at a specific memory location. Under normal circumstances the operation should work like this:

Process 1 Process 2 Memory Value
Read value   0
Flip value   1
  Read value 1
  Flip value 0

In this example, Process 1 performs a bit flip, changing the memory value from 0 to 1. Process 2 then performs a bit flip and changes the memory value from 1 to 0.

If a race condition occurred causing these two processes to overlap, the sequence could potentially look more like this:

Process 1 Process 2 Memory Value
Read value   0
  Read value 0
Flip value   1
  Flip value 1

In this example, the bit has an ending value of 1 when its value should be 0. This occurs because Process 2 is unaware that Process 1 is performing a simultaneous bit flip.

Security vulnerabilities caused by race conditions

When a program that is designed to handle tasks in a specific sequence is asked to perform two or more operations simultaneously, an attacker can take advantage of the time gap between when the service is initiated and when a security control takes effect in order to create a deadlock or thread block situation.  With deadlock, two or more threads must wait for a lock in a circular chain. This defect can cause the entire software system to halt because such locks can never be acquired if the chain is circular. Thread block can also dramatically impact application performance. In this type of concurrency defect, one thread calls a long-running operation while holding a lock and preventing the progress of other threads. 

Preventing race conditions

In computing environments, race conditions can be prevented by serialization of memory or storage access. This means if read and write commands are received close together, the read command is executed and completed first by default.

In a network, a race condition may occur if two users attempt to access an available channel at the same instant, and neither computer receives notification the channel is occupied before the system grants access. Statistically, this kind of coincidence will most likely occur in networks with long lag times, such as those that use geostationary satellites. To prevent such a race condition from developing, a priority scheme must be devised. For example, the subscriber whose username begins with the earlier letter of the alphabet (or the lower numeral) may get priority by default when two subscribers attempt to access the system within a prescribed increment of time. Hackers can take advantage of race-condition vulnerabilities to gain unauthorized access to networks.

Race conditions occasionally occur in logic gates when certain inputs come into conflict. Because the gate output state takes a finite, nonzero amount of time to react to any change in input states, sensitive circuits or devices following the gate may be fooled by the state of the output, and thereby not operate properly.

This was last updated in January 2019

Continue Reading About race condition

Dig Deeper on Data storage management

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

How can a race condition be detected and corrected?
In the case of web applications, my team has coordinated tests for concurrency and robustness by coming up with a list of operations and having each team member (as well as a few other people we recruited to help) perform those operations, all using the application at the same time. 

Not a very sophisticated process, but it has worked for us to weed out issues. Once, using this method, we actually found a case of a data set being returned to the wrong user's session. That would have been bad had we not caught it!


File Extensions and File Formats