[Freeciv-Dev] Re: Segfault after race eliminated (PR#187)

[David Pfitzner <dwp@xxxxxxxxxxxxxx>]

Jeff Mallatt wrote:

> The ai_manage_units() code seems to assume that no more than the one unit
> it is currently examining will be wiped.  Hence, wiping the Galleon (which
> causes the two Horsemen to be wiped) left an iterator in ai_manage_units()
> with a dangling pointer.  I simply changed to code to use wipe_unit_safe(),
> rather than wipe_unit(), and passed in the iterator.

Lets hear it for wipe_unit_safe()!  <fx: crowd goes wild>

At the time wipe_unit_safe() was implemented I tried to think
of a way to make wipe_unit() always safe, but didn't have
much success.  It would be nice, since these problems seem
to re-cur.

One possibility would be to have iterator loops put a pointer
to their iterator on a global stack, so wipe_unit() could check
all the active iterators to avoid leaving any dangling.  
The main problem would be to make sure all the iterator loops
terminate correctly, rather than eg break or return in the
middle (leading to dangling pointers in the proposed stack...)

Maybe it would help to remove wipe_unit() (or rename wipe_unit_safe()
to wipe_unit()) and make the programmer always consider whether to
pass an iterator (or explicit NULL), but could still be subject
to cut and paste errors...

-- David