A race condition is a situation in computer programs where the timing of the events affects the behavior and outcome of the program. It happens when variable gets accessed and modified by multiple threads. Lack of proper lock mechanisms and synchronization.
Program - a set of instructions.
Process - a program in execution.
Flask is multi threaded by default, to force it to run single threaded we use —without-threads.
flask run --without-threads --host=0.0.0.0
Thread - it a lightweight unit of execution. It shares various memory parts and instructions with the process.
Serial-one process is running, it serves one user after the other sequentially, the new user is enqueued.
Parallel-one process is running, it creates a thread to serve a new user, new users are enqueued only after the maximum number of running threads is reached.
Gunicorn also called as ‘Green Unicorn’ is a Python WSGI HTTP server, WSGI-web server gateway interference, it can run four threads.
gunicorn --workers=4 --threads=2 -b 0.0.0.0:8080 app:app
here we are specifying to run with 4 workers and 2 threads, hence making 8 threads that means 8 process can be served.
Name of the state where a process is waiting for I/O- waiting.
The above example is Time of Check to Time of Use vulnerability.
If we run a python code with two threads incrementing their values, it is not sure to know which thread will finish first. so we need to set mechanisms to ensure proper protection.
Generally speaking, racing condition is caused due to shared resources.Three main causes,