Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-48146

FailPoint usage is unsafe at static init and shutdown time

    • Fully Compatible
    • Service arch 2020-12-28

      FailPoint objects are designed to be defined as nonlocal objects, and referred to in arbitrary code paths as e.g. `if (failpoint.shouldFail()) ...` to provide test injection and instrumentation. Calls to FailPoint::shouldFail must to be correct even before the failpoint initializer has run, or after the failpoint has been destroyed.

      We can fix it by making FailPoint objects into trivial facade objects using std::aligned_storage that lazily initializes its state when member functions are called.

      For performance paths that are known to be lifetime-safe, we can use an accessor to get at the unchecked state of the FailPoint, skipping the atomic initializer guard.

            billy.donahue@mongodb.com Billy Donahue
            billy.donahue@mongodb.com Billy Donahue
            0 Vote for this issue
            2 Start watching this issue