#exult full logs for 15 Mar 2021 (GMT)
Archive Today Yesterday Tomorrow
Exult homepage
[01:48:32] travis-ci: exult/exult#624 (snapshot-v1.7.0.20210315 - 1642981 : DominusExult): The build passed.
[01:48:32] travis-ci: Change view : https://github.com/exult/exult/compare/snapshot-v1.7.0.20210315
[01:48:32] travis-ci: Build details : https://travis-ci.com/exult/exult/builds/220058187
[16:59:10] Dominus: heya Marzo, what is so shocking in that code? And it is also what the crash logs for iOS pointed to as well
[17:00:21] Marzo: There is a lot; but for starters: open chunks.cc and take a look at lines 597-603
[17:00:41] Marzo: egg->hatch can cause the chunk to be deleted
[17:01:13] Marzo: This makes the following line wrong in several different ways
[17:03:33] Marzo: First, there is a single-thread version of the ABA problem: ´this´ points to a Chunk_cache object that could have been deleted, and another one been reallocated in its placethat
[17:04:06] Marzo: That could cause the function to continue executing on the wrong Chunk_cache
[17:04:16] Dominus: oh
[17:05:39] Marzo: Second, using ´this´ in that context would be undefined behavior anyway by an issue shared between C and C++: the so-called pointer lifetime-end zap
[17:06:49] Marzo: All poionters to deallocated memory become invalid after an obect is deleted, and using the pointer even for comparison with another value is undefined behavior
[17:07:29] Marzo: This is an issue that has been proposed for being removed from the c++ standard because it breaks some algorithms that rely on the pointers still being valid
[17:08:01] Dominus: so we had this big problem all along? ouch
[17:08:21] Marzo: This is more language-lawyerish, but a compiler might use this fact to optimize code, or to do things like asan and valgrind do