Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-89790

Coverity analysis defect 144678: Check of thread-shared field evades lock acquisition

    • Type: Icon: Bug Bug
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 8.1.0-rc0, 8.0.0-rc5
    • Affects Version/s: 7.0.0, 7.3.0, 8.0.0-alpha1
    • Component/s: None
    • Catalog and Routing
    • Fully Compatible
    • ALL
    • v8.0
    • CAR Team 2024-05-13, CAR Team 2024-05-27
    • 2

      Check of thread-shared field evades lock acquisition

      The data guarded by this critical section may be read while in an inconsistent state or modified by multiple racing threads. Checking the value of a thread-shared field outside of a locked region to determine if a locked operation involving that thread shared field has completed.
      /src/mongo/db/s/range_deleter_service.cpp:389: LOCK_EVASION 144678 Thread1 uses the value read from field "_state" in the condition "this->this->_state != mongo::RangeDeleterService::kInitializing". It sees that the condition is false.
      /src/mongo/db/s/range_deleter_service.cpp:469: LOCK_EVASION 144678 Thread1 double checks the field "_state" in the condition "this->this->_state != mongo::RangeDeleterService::kDown".
      /src/mongo/db/s/range_deleter_service.cpp:470: LOCK_EVASION 144678 Thread1 modifies the field "_state". This modification can be re-ordered with other correlated field assignments within this critical section at runtime. Thus, checking the value of "_state" is not an adequate test that the critical section has completed unless the guarding lock is held while checking. Control is switched to Thread2.
      /src/mongo/db/s/range_deleter_service.cpp:389: LOCK_EVASION 144678 Thread2 checks "_state", reading it after Thread1 assigns to "_state" but before some of the correlated field assignments can occur. It sees the condition "this->this->_state != mongo::RangeDeleterService::kInitializing" as being true. It continues on before the critical section has completed, and can read data changed by that critical section while it is in an inconsistent state.
      /src/mongo/db/s/range_deleter_service.cpp:395: LOCK_EVASION 144678 The modification of "this" can race with the unguarded check of "_state".
      /src/mongo/db/s/range_deleter_service.cpp:408: LOCK_EVASION 144678 The modification of "_viewMode" can race with the unguarded check of "_state".
      /src/mongo/db/s/range_deleter_service.cpp:408: LOCK_EVASION 144678 The modification of "millis" can race with the unguarded check of "_state".

            Assignee:
            adam.farkas@mongodb.com Wolfee Farkas
            Reporter:
            xgen-internal-coverity Coverity Collector User
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: