- Type: Improvement
- Resolution: Unresolved
- Priority: Major - P3
- Affects Version/s: None
- Component/s: None
- Labels: None

There are places in the WiredTiger code (e.g., wt_lsn), where we carefully construct structs that fit in 64 bits, and then use C assignment operations to copy the struct from one variable to another. Because 64-bit loads and stores are atomic on 64-bit Intel processors, we assume that these struct assignments are also atomic.
Unfortunately this turns out to be a bad assumption. The C language doesn't guarantee that structure assignment will be atomic (regardless of the size of the struct), and we discovered in WT-6643 that ASAN builds sometimes use a byte-wise memcpy to implement such assignments, introducing bad race conditions.
Now that we've found the problem in WT-6643, we can fix it. But we should have a tool or script that will automatically find other instances of this error. This will prevent new occurrences of this problem from being introduced and will help find other places where we may have similar errors. Because the resulting races are very hard to track down, the time invested in prevention will be worthwhile.
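
The failure mode described above, as an added example that is not WiredTiger code: a struct assignment lowered to a piecewise copy can observe a value that was never stored, while an explicit 64-bit atomic load and store cannot. The type `demo_lsn`, its fields and every function name are hypothetical, and the `__atomic` builtins assume GCC or Clang.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical 64-bit struct (not WiredTiger's definition), overlaid with one integer. */
typedef union {
    struct { uint32_t file, offset; } l;
    uint64_t raw;
} demo_lsn;
_Static_assert(sizeof(demo_lsn) == sizeof(uint64_t), "demo_lsn must be 64 bits");

/* Models "*dst = *src" lowered to a piecewise copy; hook stands in for another
 * thread that updates *src in the middle of that copy. */
static void copy_piecewise(demo_lsn *dst, demo_lsn *src, void (*hook)(demo_lsn *)) {
    memcpy(&dst->l.file, &src->l.file, sizeof(uint32_t));
    hook(src);
    memcpy(&dst->l.offset, &src->l.offset, sizeof(uint32_t));
}

/* Explicit 64-bit atomic load and store: there is no midpoint to interleave at. */
static void copy_atomic(demo_lsn *dst, demo_lsn *src) {
    uint64_t v = __atomic_load_n(&src->raw, __ATOMIC_ACQUIRE);
    __atomic_store_n(&dst->raw, v, __ATOMIC_RELEASE);
}

/* Constructed writer: advances the value from (1,100) to (2,0) in one store. */
static void advance(demo_lsn *p) {
    demo_lsn next = {.l = {.file = 2, .offset = 0}};
    __atomic_store_n(&p->raw, next.raw, __ATOMIC_RELEASE);
}

/* Returns 1 when the piecewise copy yields (1,0), a value the writer never stored. */
static int piecewise_copy_tears(void) {
    demo_lsn src = {.l = {.file = 1, .offset = 100}}, dst = {.raw = 0};
    copy_piecewise(&dst, &src, advance);
    return dst.l.file == 1 && dst.l.offset == 0;
}

/* Atomic copy taken before (after == 0) or after the writer runs, as file<<32 | offset. */
static uint64_t atomic_copy_sees(int after) {
    demo_lsn src = {.l = {.file = 1, .offset = 100}}, dst = {.raw = 0};
    if (after)
        advance(&src);
    copy_atomic(&dst, &src);
    return ((uint64_t)dst.l.file << 32) | dst.l.offset;
}

int main(void) {
    printf("torn=%d before=%llx after=%llx\n", piecewise_copy_tears(),
        (unsigned long long)atomic_copy_sees(0), (unsigned long long)atomic_copy_sees(1));
    return 0;
}
```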