BugZero found this defect 25 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
4/24/2024
MongoDB Server
No affected releases provided.
No fixed releases provided.
Check of thread-shared field evades lock acquisition The data guarded by this critical section may be read while in an inconsistent state or modified by multiple racing threads. Checking the value of a thread-shared field outside of a locked region to determine if a locked operation involving that thread shared field has completed. /src/mongo/db/s/range_deleter_service.cpp:389: LOCK_EVASION 144678 Thread1 uses the value read from field "_state" in the condition "this->this->_state != mongo::RangeDeleterService::kInitializing". It sees that the condition is false. /src/mongo/db/s/range_deleter_service.cpp:469: LOCK_EVASION 144678 Thread1 double checks the field "_state" in the condition "this->this->_state != mongo::RangeDeleterService::kDown". /src/mongo/db/s/range_deleter_service.cpp:470: LOCK_EVASION 144678 Thread1 modifies the field "_state". This modification can be re-ordered with other correlated field assignments within this critical section at runtime. Thus, checking the value of "_state" is not an adequate test that the critical section has completed unless the guarding lock is held while checking. Control is switched to Thread2. /src/mongo/db/s/range_deleter_service.cpp:389: LOCK_EVASION 144678 Thread2 checks "_state", reading it after Thread1 assigns to "_state" but before some of the correlated field assignments can occur. It sees the condition "this->this->_state != mongo::RangeDeleterService::kInitializing" as being true. It continues on before the critical section has completed, and can read data changed by that critical section while it is in an inconsistent state. /src/mongo/db/s/range_deleter_service.cpp:395: LOCK_EVASION 144678 The modification of "this" can race with the unguarded check of "_state". /src/mongo/db/s/range_deleter_service.cpp:408: LOCK_EVASION 144678 The modification of "_viewMode" can race with the unguarded check of "_state". /src/mongo/db/s/range_deleter_service.cpp:408: LOCK_EVASION 144678 The modification of "millis" can race with the unguarded check of "_state".