Home

reentrancy

Reentrancy is the ability of code to be entered again before its previous execution completes. In programming, a reentrant function can be interrupted (by an interrupt, a signal, a callback, or another thread) and called again, re-entering while it is already running. This requires that the function not rely on or corrupt shared state across invocations.

Reentrant code is characterized by its use of local state and avoidance of mutable global data. It

Non-reentrant code relies on shared or persistent state, global variables, or resources that can be modified

In software design, reentrancy is desirable for robust interrupt handling and asynchronous contexts, but it requires

In blockchain and smart contracts, reentrancy is a well-known vulnerability. A contract that calls an external

See also: reentrancy guard, checks-effects-interactions pattern.

typically
does
not
hold
locks
across
calls
or
depend
on
non-thread-safe
resources.
It
should
not
assume
a
single-threaded
environment
and
must
manage
memory
and
external
interactions
in
a
way
that
does
not
break
if
another
invocation
occurs
mid-execution.
by
concurrent
invocations.
Such
code
is
prone
to
data
races,
corruption,
or
inconsistent
results
if
re-entry
occurs.
careful
structuring.
Non-reentrant
patterns
can
lead
to
subtle
bugs
when
callbacks
or
signals
interrupt
ongoing
work.
contract
before
updating
its
own
state
can
be
re-entered
by
the
callee
to
manipulate
funds
or
state.
Mitigations
include
following
the
checks-effects-interactions
pattern,
updating
state
before
external
calls,
using
reentrancy
guards,
and
preferring
pull
payments
or
limited
gas
transfers.