Race condition in UMutex code, leading to random crashes.

Description

We are seeing crashes that occur in ICU in some cases, using the code from the master branch.

From investigating, there is a race condition in the refactored UMutex code which was changed in ICU-20588.

The call stacks from the crashes generally look like the following:

The issue is in the getMutex() function.

If another thread interrupts in-between the first fMutex.load() and the second fMutex.load() calls, then the return value of retPtr can be nullptr, which will cause the Mutex wrapper to call lock() on a null pointer.
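The window described above, reproduced deterministically as an added example (not ICU's source and not part of the original report). The LazyMutex type, its members other than fMutex and retPtr, and the `between` callback that stands in for the interrupting thread are assumptions made for illustration.

```cpp
#include <atomic>
#include <functional>
#include <mutex>

// Simplified model (hypothetical names, not ICU source) of a lazily
// initialised mutex. `between` stands in for another thread that runs in the
// window between the first and second fMutex.load().
struct LazyMutex {
    std::atomic<std::mutex*> fMutex{nullptr};
    std::mutex storage;    // object that fMutex points to once initialised
    std::mutex initMutex;  // serialises initialisation

    // Racy shape: retPtr is assigned only when this thread does the init.
    std::mutex* getMutexRacy(const std::function<void()>& between) {
        std::mutex* retPtr = fMutex.load(std::memory_order_acquire);  // first load
        if (retPtr == nullptr) {
            between();  // other thread finishes initialisation here
            std::lock_guard<std::mutex> guard(initMutex);
            if (fMutex.load() == nullptr) {  // second load, now non-null
                fMutex.store(&storage);
                retPtr = &storage;
            }  // branch skipped: retPtr keeps the stale nullptr
        }
        return retPtr;
    }

    // Hardened shape: keep the result of the re-read taken under the lock.
    std::mutex* getMutexFixed(const std::function<void()>& between) {
        std::mutex* retPtr = fMutex.load(std::memory_order_acquire);
        if (retPtr == nullptr) {
            between();
            std::lock_guard<std::mutex> guard(initMutex);
            retPtr = fMutex.load();
            if (retPtr == nullptr) { fMutex.store(&storage); retPtr = &storage; }
        }
        return retPtr;
    }
};

// Each helper simulates the other thread publishing the mutex inside the window.
bool racyReturnsNull() {
    LazyMutex m;
    return m.getMutexRacy([&] { m.fMutex.store(&m.storage); }) == nullptr;
}
bool fixedReturnsMutex() {
    LazyMutex m;
    return m.getMutexFixed([&] { m.fMutex.store(&m.storage); }) == &m.storage;
}
int main() { return (racyReturnsNull() && fixedReturnsMutex()) ? 0 : 1; }
```

With no interruption both variants return the initialised mutex, which is why the crash only shows up intermittently under contention.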

Activity

Jeff Genovy
July 16, 2019, 5:41 PM
Fixed

Assignee

Jeff Genovy

Reporter

Jeff Genovy

Components

Priority

blocks-release

Fix versions