Grab lock before invoking hook #5855
Conversation
duke8253
force-pushed
the
master-grab_lock
branch
from
4ee6221 to
1410bec
Compare
duke8253
force-pushed
the
master-grab_lock
branch
from
1410bec to
c521b19
Compare
|
[approve ci autest] |
| } | ||
|
|
||
| if (curHook != nullptr) { | ||
| SCOPED_MUTEX_LOCK(lock, curHook->m_cont->mutex, this_ethread()); |
There was a problem hiding this comment.
Do you mean there is a case of curHook->m_cont->mutex is nullptr by "Requires #5857".
In that case, does this SCOPED_MUTEX_LOCK make sense?
There was a problem hiding this comment.
No, but overall the code is simplified by putting the check in SCOPED_MUTEX_LOCK. Otherwise every place that invokes the continuation would have to have the same cut and pasted logic. This is the reason that was moved in to MUTEX_TRY_LOCK.
There was a problem hiding this comment.
Yeah, I meant it needs the null checking , since some times the mutex could be pointing to nothing
There was a problem hiding this comment.
Less dup code is fine but failing silently doesn’t sounds great.
There was a problem hiding this comment.
I don't think it counts as failing. If a mutex is provided, it locks it just the same as before, if a nullptr is provided nothing happens.
There was a problem hiding this comment.
That doesn't help - this macro isn't accessible from the C API and so another macro doesn't provide the opportunity to specify "no lock needed". Passing nullptr isn't a mistake, even in your example it's done quite deliberately during creation of the continuation.
Perhaps you could be more explicit about an alternative that would allow having nullptr for a continuation mutex that does not result in an assertion based crash?
There was a problem hiding this comment.
Looking at the use of SCOPED_MUTEX_LOCK in most cases we don't do a nullptr check and require that there is a mutex. This would change the semantics in those cases and if some part of the code accidentally sets the mutex to null (not uncommon that memory is accentually written to) we would then not be holding a mutex.
The issue that @maskit has should have been addressed in #5857 before approving and merging the change.
There was a problem hiding this comment.
Does that imply reverting the change to MutexTryLock, which has had the same nullptr exception since February? Or should these two macros / classes have this fundamental difference?
There was a problem hiding this comment.
If the nullptr check is moved to be only in to the macro, the class constructor will crash on a nullptr mutex.
I would recommend WEAK_MUTEX_TRY_LOCK and WEAK_SCOPED_MUTEX_LOCK for the nullptr accepting versions. Then the current ones do an assert and invoke the WEAK version.
There was a problem hiding this comment.
Yes, that would mean changing MutexTryLock too. You could add a ink_assert() or ink_release_assert() for the mutex, but crashing on dereferencing a null pointer is easy to track down and I wouldn't bother.
|
Closing this because new PR #5879 deals with the problems. |
6 participants
Need to grab the lock such that
APIHook::invokecan do its thing.Requires #5857.