[zeromq-dev] race condition in pipe?
Dhammika Pathirana
dhammika at gmail.com
Sun Apr 12 22:14:24 CEST 2009
Hi,
writer_terminated in pipe sends term_ack to other thread and proceeds
to reset pointers.
However, on receiving term_ack api_thread deletes the pipe in
terminate_pipe_ack (in engine_base.hpp)
I think its possible to have a race condition here, and
writer_terminated to could actually endup writing to deallocated
memory.
void zmq::pipe_t::writer_terminated ()
{
// Send termination acknowledgement to the pipe reader.
command_t cmd;
cmd.init_engine_terminate_pipe_ack (destination_engine, this);
source_thread->send_command (destination_thread, cmd);
// Drop the pointers to the writer. This has no real effect and is even
// incorrect w.r.t. CPU cache coherency rules, however, it may cause 0MQ
// to fail faster in case of certain synchronisation bugs.
source_thread = NULL;
source_engine = NULL;
}
Dhammika
More information about the zeromq-dev
mailing list