RAII + setjmp = UB

author: Benoit Germain <benoit.germain@ubisoft.com> 2025-07-31 09:24:22 +0200
committer: Benoit Germain <benoit.germain@ubisoft.com> 2025-07-31 09:24:22 +0200
commit: 818f94b863d8307b41afbfc9ad43868d6e9097eb (patch)
tree: 603156f57621f98b7f109543a89ae0c677d4fcde /src/linda.cpp
parent: dc2b7577b6663ff65a76fa3790578215d2136a48 (diff)
download: lanes-818f94b863d8307b41afbfc9ad43868d6e9097eb.tar.gz
lanes-818f94b863d8307b41afbfc9ad43868d6e9097eb.tar.bz2
lanes-818f94b863d8307b41afbfc9ad43868d6e9097eb.zip
1 files changed, 12 insertions, 17 deletions
diff --git a/src/linda.cpp b/src/linda.cpp
index 56285f7..1f4b19d 100644
--- a/src/linda.cpp
+++ b/src/linda.cpp
@@ -338,6 +338,7 @@ Keeper* Linda::acquireKeeper() const
    Keeper* const _keeper{ whichKeeper() };
    if (_keeper) {
        _keeper->mutex.lock();
+        keeperOperationCount.fetch_add(1, std::memory_order_seq_cst);
    }
    return _keeper;
 }
@@ -422,23 +423,16 @@ int Linda::ProtectedCall(lua_State* const L_, lua_CFunction const f_)
    // doing LindaFactory::deleteDeepObjectInternal -> keeper_call(clear)
    lua_gc(L_, LUA_GCSTOP, 0);
-    LuaError _rc{};
+    // if we didn't do anything wrong, the keeper stack should be clean
-    {
+    LUA_ASSERT(L_, lua_gettop(_K) == 0);
-        // there is something really strange here: in Release builds, MSVC will invoke _koip destructor on stack unwinding when we raise_lua_error() below
-        // even though the variable does not exist in the stack frame because it went out of scope -> comment until we understand why, because it causes a crash
+    // push the function to be called and move it before the arguments
-        //LUA_ASSERT_CODE(auto const _koip{ _linda->startKeeperOperation(L_) });
+    lua_pushcfunction(L_, f_);
+    lua_insert(L_, 1);
-        // if we didn't do anything wrong, the keeper stack should be clean
+    // do a protected call
-        LUA_ASSERT(L_, lua_gettop(_K) == 0);
+    LuaError const _rc{ ToLuaError(lua_pcall(L_, lua_gettop(L_) - 1, LUA_MULTRET, 0)) };
+    // whatever happens, the keeper state stack must be empty when we are done
-        // push the function to be called and move it before the arguments
+    lua_settop(_K, 0);
-        lua_pushcfunction(L_, f_);
-        lua_insert(L_, 1);
-        // do a protected call
-        _rc = ToLuaError(lua_pcall(L_, lua_gettop(L_) - 1, LUA_MULTRET, 0));
-        // whatever happens, the keeper state stack must be empty when we are done
-        lua_settop(_K, 0);
-    }
    // restore normal GC operations
    lua_gc(L_, LUA_GCRESTART, 0);
@@ -467,6 +461,7 @@ void Linda::releaseKeeper(Keeper* const keeper_) const
 {
    if (keeper_) { // can be nullptr if we tried to acquire during shutdown
        assert(keeper_ == whichKeeper());
+        keeperOperationCount.fetch_sub(1, std::memory_order_seq_cst);
        keeper_->mutex.unlock();
    }
 }
author	Benoit Germain <benoit.germain@ubisoft.com>	2025-07-31 09:24:22 +0200
committer	Benoit Germain <benoit.germain@ubisoft.com>	2025-07-31 09:24:22 +0200
commit	818f94b863d8307b41afbfc9ad43868d6e9097eb (patch)
tree	603156f57621f98b7f109543a89ae0c677d4fcde /src/linda.cpp
parent	dc2b7577b6663ff65a76fa3790578215d2136a48 (diff)
download	lanes-818f94b863d8307b41afbfc9ad43868d6e9097eb.tar.gz lanes-818f94b863d8307b41afbfc9ad43868d6e9097eb.tar.bz2 lanes-818f94b863d8307b41afbfc9ad43868d6e9097eb.zip

diff --git a/src/linda.cpp b/src/linda.cpp index 56285f7..1f4b19d 100644 --- a/src/linda.cpp +++ b/src/linda.cpp
@@ -338,6 +338,7 @@ Keeper* Linda::acquireKeeper() const
338	Keeper* const _keeper{ whichKeeper() };	338	Keeper* const _keeper{ whichKeeper() };
339	if (_keeper) {	339	if (_keeper) {
340	_keeper->mutex.lock();	340	_keeper->mutex.lock();
		341	keeperOperationCount.fetch_add(1, std::memory_order_seq_cst);
341	}	342	}
342	return _keeper;	343	return _keeper;
343	}	344	}
@@ -422,23 +423,16 @@ int Linda::ProtectedCall(lua_State* const L_, lua_CFunction const f_)
422	// doing LindaFactory::deleteDeepObjectInternal -> keeper_call(clear)	423	// doing LindaFactory::deleteDeepObjectInternal -> keeper_call(clear)
423	lua_gc(L_, LUA_GCSTOP, 0);	424	lua_gc(L_, LUA_GCSTOP, 0);
424		425
425	LuaError _rc{};	426	// if we didn't do anything wrong, the keeper stack should be clean
426	{	427	LUA_ASSERT(L_, lua_gettop(_K) == 0);
427	// there is something really strange here: in Release builds, MSVC will invoke _koip destructor on stack unwinding when we raise_lua_error() below	428
428	// even though the variable does not exist in the stack frame because it went out of scope -> comment until we understand why, because it causes a crash	429	// push the function to be called and move it before the arguments
429	//LUA_ASSERT_CODE(auto const _koip{ _linda->startKeeperOperation(L_) });	430	lua_pushcfunction(L_, f_);
430		431	lua_insert(L_, 1);
431	// if we didn't do anything wrong, the keeper stack should be clean	432	// do a protected call
432	LUA_ASSERT(L_, lua_gettop(_K) == 0);	433	LuaError const _rc{ ToLuaError(lua_pcall(L_, lua_gettop(L_) - 1, LUA_MULTRET, 0)) };
433		434	// whatever happens, the keeper state stack must be empty when we are done
434	// push the function to be called and move it before the arguments	435	lua_settop(_K, 0);
435	lua_pushcfunction(L_, f_);
436	lua_insert(L_, 1);
437	// do a protected call
438	_rc = ToLuaError(lua_pcall(L_, lua_gettop(L_) - 1, LUA_MULTRET, 0));
439	// whatever happens, the keeper state stack must be empty when we are done
440	lua_settop(_K, 0);
441	}
442		436
443	// restore normal GC operations	437	// restore normal GC operations
444	lua_gc(L_, LUA_GCRESTART, 0);	438	lua_gc(L_, LUA_GCRESTART, 0);
@@ -467,6 +461,7 @@ void Linda::releaseKeeper(Keeper* const keeper_) const
467	{	461	{
468	if (keeper_) { // can be nullptr if we tried to acquire during shutdown	462	if (keeper_) { // can be nullptr if we tried to acquire during shutdown
469	assert(keeper_ == whichKeeper());	463	assert(keeper_ == whichKeeper());
		464	keeperOperationCount.fetch_sub(1, std::memory_order_seq_cst);
470	keeper_->mutex.unlock();	465	keeper_->mutex.unlock();
471	}	466	}
472	}	467	}