Skip to main content

Browse the archive

Revision 11ec15419c45d269af5cb46355a534dc4173762c authored by Philippe Canal on 14 December 2022, 21:11:12 UTC, committed by Philippe Canal on 27 January 2023, 21:15:57 UTC 
Fix race condition between RegisterContext and gDirectory cleanup.
 
Description of the race conditions:

(1) thread one create TFile, gDirectory now points to that file.
(2) thread two delete TFile, the destructor calls CleanTargets which has 4 distinct phase
(a) take the TFile spin lock and update all the TContext that points to the file
(b) still hold the spin lock, clean the other thread's directory.
(c) deal with the TContext that were being destructed at the same time
(d) update the local gDirectory

If between (2)(a) and (2)(b), thread (1) starts the creation of a TContext, and
is held at the start of RegisterContext after thread 2 release the spin lock,
thread 1 might awaken only after the TFile object has been deleted and thus
RegisterContext would access delete memory.

If during the destruction of the TFile by thread 2, thread (1) starts the
creation of a TContext, but is suspended right before the start of RegisterContext,
when it comes back it will use deleted memory to try to acquire the spin lock.
1 parent 145d8a4
History
File Mode Size
.ci
.github
README
bindings
build
builtins
cmake
config
core
doc
documentation
etc
fonts
geom
graf2d
graf3d
gui
hist
html
icons
interpreter
io
js
macros
main
man
math
misc
montecarlo
net
proof
roofit
rootx
sql
test
tmva
tree
tutorials
ui5
.clang-format -rw-r--r-- 3.4 KB
.clang-tidy -rw-r--r-- 22 bytes
.gitattributes -rw-r--r-- 490 bytes
.gitignore -rw-r--r-- 365 bytes
.mailmap -rw-r--r-- 9.6 KB
.travis.yml -rw-r--r-- 1.9 KB
CMakeLists.txt -rw-r--r-- 33.3 KB
CONTRIBUTING.md -rw-r--r-- 3.8 KB
LGPL2_1.txt -rw-r--r-- 23.9 KB
LICENSE -rw-r--r-- 847 bytes
README.md -rw-r--r-- 4.2 KB
configure -rwxr-xr-x 182 bytes
requirements.txt -rw-r--r-- 391 bytes

README.md

back to top