This is the mail archive of the java@gcc.gnu.org mailing list for the Java project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Patch to fix Reference/natReference.

From: David Daney <ddaney at avtrex dot com>
To: tromey at redhat dot com
Cc: java at gcc dot gnu dot org
Date: Thu, 21 Aug 2003 11:58:58 -0700
Subject: Re: Patch to fix Reference/natReference.
References: <3F450232.9000409@avtrex.com> <87isoq28ki.fsf@fleche.redhat.com>

Tom Tromey wrote:

David> If Reference.clear() is called and then the Reference is finalized
David> before its referent, a dangling pointer is created in the object_list
David> structure in natReference.cc.  This happens because the 'copy' field
David> of the Reference is cleared and that is what is used to find the slot
David> in the object_list table.

Could you try the appended patch instead?

We think that your patch will cause incorrect Reference semantics, so we did not try it.

There would be a race condition as follows:

1) GC decides that referent is collectable and puts it on the finalizer queue.

2) User program calles Reference.get() and obtains a valid hard reference to referent.

3) GC runs finalizer, causing the Reference to be cleared and put on the ReferenceQueue.

Step 3 should never have happened because there is a valid hard reference to the referent.

Disappearing links are cleared with the "World Stopped", so there is no race if they are used.

David.

Follow-Ups:
- Re: Patch to fix Reference/natReference.
  - From: Tom Tromey

References:
- Patch to fix Reference/natReference.
  - From: David Daney
- Re: Patch to fix Reference/natReference.
  - From: Tom Tromey

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]