Re: Library bug report

Brian Goetz writes:
> In HTNet.c, in HTNetCall_deleteAll, you use the following logic to delete
> all elements of a list:
>         while ((pres = (NetCall *) HTList_nextObject(cur))) {
>             HTList_removeObject(list, (void *) pres);
>             HT_FREE(pres);
>         }
> Unfortunately, this involves cur now pointing to an element that has been
> freed.  This works, accidentally, in most non-threaded environments, but
> it's a very dangerous coding practice.  (I think this derives from the
> somewhat non-obvious way in which the HTList_nextObject macro works.)
> This logic is used in other places in the library, too.  Possible solutions:
>  - place the code "cur = list" after the HT_FREE in this loop (not the best
>    solution, IMHO)
>  - Don't remove the object inside the loop; just free all the objects, and then
>    free the list (also has some undesirable behavior in threaded environments)
>  - Use a thread-safe "enumerate" macro, which might allow for the enumerated
>    objects to be deleted.
>  - lots of others.

Yes - you are right - this is a dangerous thing. What I have tried to enfore is to
not remove the list until after the objects have been cleared. Then the cur pointer
are always valid.

BTW: What kind of threaded environment are you using?
I am very interestded in hearing about your experiences!


Henrik Frystyk

Received on Wednesday, 26 June 1996 09:05:53 UTC