Fwd: Unusual behaviour of taglib using threads.

Michael Pyne michael.pyne at kdemail.net
Tue May 1 02:40:10 CEST 2007


On Monday 30 April 2007 11:49, William Pitcock wrote:
> This is a double free. You are probably calling delete on the same
> resource in both threads.
>
> You should set the resource to NULL (if it is a pointer), and then check
> to make sure that the resource is not NULL before calling delete on it. If
> you do this, you shouldn't encounter this problem.
>
> It is possible that TagLib has a bug, but as far as I know it is
> reentrant.

Reentrant does not imply thread-safe. AFAIK TagLib is not designed for
multithreading, but Scott would have to say for sure.

Also, the delete operator in C++ checks that pointers are not 0 (the 
C++ "null") before deleting them, so don't code the check yourself.  You 
should, of course, always set pointers to 0 after deleting them so that you 
can take advantage of that fact.

In other words, it may perhaps be a double-free somewhere in TagLib code,
where if the delete and zero-assignment operations are not done atomically 
(i.e. both actions are executed by one thread before any other thread may 
execute those actions) then you can get a double-free.

Regards,
 - Michael Pyne
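
The interleaving described in the message above, as an added example that is not part of the original post and is not TagLib code. `Resource`, `slot` and the function names are hypothetical; a free is counted instead of calling `delete`, and a constructed rendezvous forces both threads to read the pointer before either zeroes it.

```cpp
#include <atomic>
#include <cstdio>
#include <thread>

// Hypothetical stand-in for a shared heap object (not a TagLib type).
// A "free" is counted instead of calling delete, because a real double
// free is undefined behaviour and could not be observed safely.
struct Resource { std::atomic<int> frees{0}; };

// Wait until both threads have reached this point (constructed rendezvous
// that forces the problematic interleaving on every run).
static void rendezvous(std::atomic<int>& arrived) {
    arrived.fetch_add(1);
    while (arrived.load() < 2) std::this_thread::yield();
}

// Delete, then zero, as two separate steps: both threads can read the
// same non-null pointer before either one zeroes it.
static void release_two_steps(std::atomic<Resource*>& slot, std::atomic<int>& arrived) {
    Resource* p = slot.load();      // read the shared pointer
    rendezvous(arrived);            // the other thread has read it too
    if (p) p->frees.fetch_add(1);   // stands in for: delete p;
    slot.store(nullptr);            // zeroing comes too late
}

// Read and zero in one atomic step: exactly one thread gets the pointer.
static void release_atomic(std::atomic<Resource*>& slot, std::atomic<int>& arrived) {
    rendezvous(arrived);
    Resource* p = slot.exchange(nullptr);
    if (p) p->frees.fetch_add(1);   // stands in for: delete p;
}

// Runs two threads against one shared pointer and returns how many times
// the object would have been freed.
int count_frees(bool atomic_release) {
    Resource r;
    std::atomic<Resource*> slot{&r};
    std::atomic<int> arrived{0};
    auto work = [&] {
        if (atomic_release) release_atomic(slot, arrived);
        else release_two_steps(slot, arrived);
    };
    std::thread a(work), b(work);
    a.join();
    b.join();
    return r.frees.load();
}

int main() {
    std::printf("two steps: %d frees, atomic exchange: %d free\n",
                count_frees(false), count_frees(true));
}
```

Holding a mutex across both the delete and the zero-assignment gives the same guarantee as the atomic exchange.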