Daniel Berlin wrote:
On Sat, Jun 20, 2009 at 10:54 AM, Jeff Law<l...@redhat.com> wrote:
Imagine a loop like this
EXECUTE_IF_SET_IN_BITMAP (something, 0, i, bi)
{
bitmap_clear_bit (something, i)
[ ... whatever code we want to process i, ... ]
}
This code is unsafe.
No, this is known, and in fact, has been a source of "interesting"
bugs in the past since it doesn't segfault, but often, as you've
discovered, starts wandering into the free list happily iterating over
elements from bitmaps of dataflows past.
Making it safe is a little tricky, basically, you need to know whether
the element you are currently iterating over disappears.
At the very worst, you could make pre-delete hooks and have the
iterators register for them or something.
At best, you can probably set a bit in the bitmap saying it's being
iterated over, and then add a tombstone bit, which lets you mark
elements as deleted without actually deleting them until the end of
iteration when they are in the middle of iteration or something.
Also, what do you expect the semantics to be?
In particular, are new bits past the current index iterated over, or
do you expect to iterate over the bitmap as it existed at the time you
started iteration?
Could we simply pre-calculate the next index early and store it in the
iterator struct before entering the processing loop for index 'I'? .
This would allow the current index to be deleted without impacting the
next iteration. The changes shouldn't be very significant.
Of course, everything falls apart if you willy nilly change other things
in the list, especially clearing the 'next' bit, but changing the bit at
index 'I' must be the most common case by far...
Andrew
