Race in atomic compareAndSwap can make FailPoint::enableFailPoint() to spin forever

XMLWordPrintableJSON

    • Type: Bug
    • Resolution: Unresolved
    • Priority: Major - P3
    • 4.0 Required
    • Affects Version/s: 4.0.24
    • Component/s: None
    • Server Programmability
    • ALL
    • None
    • 3
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      This is not a production bug so threat it accordingly.

      The race:
      Initially, _fpInfo was ( 1 << 31 ).
      1. Thread 1 enters FailPoint::slowShouldFailOpenBlock() and increments the _fpInfo to ( 1 << 31 + 1)
      2. Thread 2 enters disableFailPoint() and reads _fpInfo into currentVal
      3. Thread 1 enters FailPoint::shouldFailCloseBlock() and decrements _fpInfo to ( 1 << 31 )
      4. Thread 2 spins forever

      Even though this is not production failure, someone may copy-paste this pattern into production code. Atomics are subtle and must be treated with care.

      Fix: load _fpInfo each time inside loop. Same for enableFailPoint().

              Assignee:
              Unassigned
              Reporter:
              Andrew Shuvalov (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: