Boost Users :

From: Eduardo Panisset (eduardo.panisset_at_[hidden])
Date: 2008-08-15 15:34:32


Hi,

I have studied the sp_counted_base implementation and I can't see how it is
thread safe.

For instance:

    bool add_ref_lock() // true on success
    {
        pthread_mutex_lock( &m_ );
        bool r = use_count_ == 0? false: ( ++use_count_, true );
        pthread_mutex_unlock( &m_ );
        return r;
    }

    void release() // nothrow
    {
        pthread_mutex_lock( &m_ );
        long new_use_count = --use_count_;
        pthread_mutex_unlock( &m_ );

        if( new_use_count == 0 )
        {
            dispose();
            weak_release();
        }
    }

I suppose a race condition exists, because I can't execute the comparison
"if( new_use_count == 0 )" outside of the critical region delimited by the mutex.

So if:

1. Reference count = 1
2. Thread A executes release and is interrupted after executing the
comparison if( new_use_count == 0 ) (the comparison returns true)
3. Thread B executes add_ref_lock, then Ref count = 1
4. Thread A executes "dispose()" and releases the pointer!

What do you think?

Eduardo Panisset.
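
An added example, not part of the original post and not Boost's code: a single-threaded replay of the four steps listed above against a minimal model of the two quoted functions, with release() split at the point where the mutex is unlocked. The names counted_model, release_decrement, release_finish and replay_interleaving are hypothetical, and a flag stands in for dispose() and weak_release().

```cpp
#include <pthread.h>
#include <cstdio>

// Model of the two quoted functions (hypothetical class, not Boost's source).
class counted_model {
    pthread_mutex_t m_;
    long use_count_;
    bool disposed_;
public:
    counted_model() : use_count_(1), disposed_(false) { pthread_mutex_init(&m_, 0); }
    ~counted_model() { pthread_mutex_destroy(&m_); }
    bool add_ref_lock() {                 // same body as quoted in the post
        pthread_mutex_lock(&m_);
        bool r = use_count_ == 0 ? false : (++use_count_, true);
        pthread_mutex_unlock(&m_);
        return r;
    }
    long release_decrement() {            // the locked half of release()
        pthread_mutex_lock(&m_);
        long new_use_count = --use_count_;
        pthread_mutex_unlock(&m_);
        return new_use_count;             // a local copy; other threads cannot change it
    }
    void release_finish(long new_use_count) {     // the unlocked half of release()
        if (new_use_count == 0) disposed_ = true; // stands in for dispose(); weak_release();
    }
    long use_count() const { return use_count_; } // read unlocked: replay is single-threaded
    bool disposed() const { return disposed_; }
};

struct replay_result { long seen_by_a; bool b_got_ref; long count_after_b; bool disposed; };

// Replays steps 1-4 in the order given in the post.
replay_result replay_interleaving() {
    counted_model c;                      // step 1: reference count = 1
    replay_result r;
    r.seen_by_a = c.release_decrement();  // step 2: thread A decrements, then is preempted
    r.b_got_ref = c.add_ref_lock();       // step 3: thread B calls add_ref_lock()
    r.count_after_b = c.use_count();      // count observed after thread B's call
    c.release_finish(r.seen_by_a);        // step 4: thread A resumes and finishes release()
    r.disposed = c.disposed();
    return r;
}

int main() {
    replay_result r = replay_interleaving();
    std::printf("A saw %ld, B add_ref_lock=%d, count after B=%ld, disposed=%d\n",
                r.seen_by_a, (int)r.b_got_ref, r.count_after_b, (int)r.disposed);
    return 0;
}
```

The returned struct records the value thread A acts on, what add_ref_lock() returns to thread B in step 3, and the count that call leaves behind.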


