ApplicationsPOSIXObjectivesAsynchronous OperationConcurrencyCommunicationSafe FunctionsCPU Events Relative to Real TimeScreen Filling ComparisonsInterruptsSignalsProcessesThreadsBuffer OverflowPassword ProgramStack RepresentationStack CondititionsStack ProblemsBuffer Overflow and WormsTelnet and Buffer OverflowUNIX StandardsPOSIX ExtensionsSlide 23ApplicationsComplex applications must:• run for weeks or months•properly release resources to avoid waste•cope with outrageously malicious user input•recover from errors and continue runningPOSIXPortable Operating System Interface (POSIX)•an important step toward producing reliable applications•POSIX compliant systems no longer need to contend with small but critical variations in behavior of library functions across platformsObjectives•Learn how OS manages resources•Experiment with buffer overflows•Explore concurrency and asynchronous behavior•Strengthen basic OS terminology•Understand serious implications of incorrect codeAsynchronous Operation•Computer system events occur at unpredictable times an in unpredictable order•Programs must work for all possible orderingsConcurrency•Sharing of resources in the same time frame•Apparent concurrency is sharing the same CPU, memory, or I/O device•Real concurrency is sharing the same program among several CPUs, memories, and/or I/O devicesCommunication•The conveying of information from one entity to another•Network communication introduces a myriad of new problems resulting in unpredictable times and possible remote failuresSafe Functions•Thread-Safe – Can be invoked concurrently or by multiple threads.•Async-Signal-Safe – Can be called without restriction from a signal handler.These terms replace the older notion of reentrant function.CPU Events Relative to Real TimeItem TimeScaled Time in Human Terms(2 billion times slower)Processor CycleCache AccessMemory AccessContext SwitchDisk AccessTime Quantum 0.5 ns (2GHZ) 1 ns 15ns 5,000ns (5s) 7,000,000ns (7 ms)100,000,000ns (100ms)1 second2 seconds30 seconds167 minutes162 days116 daysScreen Filling ComparisonsModem Bits per Time needed to displaytype second Text Graphics1979 telephone modem1983 telephone modemcurrent telephone modemcurrent DSL modem3002,40057,600768,0001 min6 secs0.28 secs0.02 secs6 hours45 mins109 secs8 secsInterrupts•Causes transfer of control to interrupt handling routine•Synchronous interrupts are invoked by program system calls •Asynchronous interrupts are invoked by external devices such as I/O or timerSignals•Notifies software of an event•Signals are often invoked by interrupt handling routine•A signal is caught if the process receiving the signal executes an interrupt handling routine (signal handler) for the signalProcesses•Concurrent processes are invoked by fork•Processes with common ancestor can communicate through pipes•Processes without a common ancestor can communicate by signals, semaphores, shared address space, or messagesThreads•Multiple threads of execution can provide concurrency within a process•The stream of instructions is called the program’s thread of execution•If two distinct threads of execution share a resource within a time from, care must be taken that these threads do not interfere with each other•A thread standard has been incorporated in POSIXBuffer Overflowchar buf[80];printf(“Enter your first name”);scanf(“%s”, buf);char buf[80];printf(“Enter your first name”);scanf(“%79s”, buf);Password Program#include <stdio.h>#include <string.h>int checkpass(void) {int x;char a[9];x=0;fprintf(stderr,”a at %p and\nx at %p\n, (void) a, (void *)&x);printf(“Enter a short word: “);scanf(“%s”, a);if (strcomp (a, “mypass”) == 0) x=1;return x; }Stack Representation1024basereturn address1020saved frame pointer1016x1012unused1009topa1000Stack Condititions•12 bytes are allocated for array a even though only 9 are needed so a is aligned to word memory.•Integers and Pointers are 4 bytes.Stack Problems•If the user enters 12 characters, the string overwrites 1 byte of x without changing its value•If the user enters more than 12 characters, x is overwritten changing its value•If the user enters a long password, the return address is overwritten – the function may try to return to address space outside the program causing a segmentation faultBuffer Overflow and Worms•Morris worm exploited buffer overflow in the finger daemon•Forced many system administrators to disconnect sites from the InternetTelnet and Buffer Overflow•Buffer overflow occurs if password is too long•Hackers purposely type in long password to overwrite memory•The idea is to overwrite the return value so they get in even though the password is incorrectUNIX Standards•ANSI C•POSIX•Spec 1170•ISO CPOSIX Extensionscode extension Solaris 9AIOCXFSCRTSSEMTHRTMRTPSTSATSFXSIasynchronous input and outputISO C standard extensionfile synchronizationreal time signalssemaphoresthreadstimersthread execution schedulingthread stack address attributethread-safe functionsXSI extensionyesyesyesyesyesyesyesyesnoyesyesPOSIX•POSIX-compliant implementation must support the POSIX standard•Table E.1 in appendix E lists all extensions to the base standard•POSIX-compliant implementations have the symbol _POSIX_VERSION defined in the include file un