orocos-toolchain / rtt

Orocos Real-Time Toolkit
http://www.orocos.org

corba: manage links to Service instances in weak pointers [master] #294

Closed. meyerj closed this 5 years ago

meyerj commented 5 years ago

Follow-up on #238, but targeting master now:

The CORBA layer should not delay the destruction of Service instances once the owning TaskContext gets destroyed. Accessing a destroyed service instance through CORBA now results in a bad_weak_ptr exception, which is handled by the CORBA implementation and does not cause a segfault.

The usage of the weak_ptr instances in #238 was actually invalid: the intention was to trigger an exception when dereferencing an expired weak pointer, which is then returned to the caller through the CORBA layer. But boost::weak_ptr::lock() does not throw and might return a null pointer, which would result in a segmentation fault instead. That is not better than before the patch, but at least it resolved the problem that CORBA could not prevent RTT service instances from being destroyed. Only constructing a shared_ptr from an expired weak_ptr actually throws a bad_weak_ptr exception.

For completeness it would be nice to also use weak pointers in DataFlowI, OperationInterfaceI and ConfigurationInterfaceI, which all hold simple raw pointers to their actual non-CORBA implementations. But it is not straightforward to apply a similar patch to those servants, because they are not always constructed from a shared_ptr instance. Depending on how they are used within RTT and the CORBA transport layer, dangling servant instances might continue to exist while the actual object has already been destroyed. Calls from a remote would then trigger segmentation faults.

Only port connections should be able to handle disconnection and destruction correctly, because they notify the remote end beforehand.

RTT does not depend on C++11 features yet. Otherwise the same could have been done with std::weak_ptr.
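The two weak-pointer behaviours the description contrasts, as an added example that is not part of this pull request or of the RTT code base. It uses std::weak_ptr, whose lock() and shared_ptr-constructor semantics match boost::weak_ptr; Service, ServiceServant and the "robot.control" name are constructed stand-ins for an RTT service and its CORBA servant.

```cpp
#include <memory>
#include <stdexcept>
#include <string>
#include <utility>

// Constructed stand-in for an RTT Service: the owning TaskContext holds the shared_ptr.
struct Service {
    std::string name;
    explicit Service(std::string n) : name(std::move(n)) {}
};

// Constructed stand-in for a CORBA servant that must not keep the Service alive,
// so it holds only a weak_ptr and never extends the Service's lifetime.
class ServiceServant {
public:
    explicit ServiceServant(const std::shared_ptr<Service>& s) : weak_(s) {}

    // lock() never throws: on an expired pointer it returns an empty shared_ptr.
    // A caller that dereferences the result without a null check would crash.
    std::shared_ptr<Service> lockedService() const { return weak_.lock(); }

    // Constructing a shared_ptr from the weak_ptr throws std::bad_weak_ptr when
    // the Service is gone; here the exception is mapped to an error string,
    // which is the point at which a CORBA layer would raise a remote exception.
    std::string getName() const {
        try {
            std::shared_ptr<Service> s(weak_);  // throws if expired
            return s->name;
        } catch (const std::bad_weak_ptr&) {
            return "<error: service destroyed>";
        }
    }

private:
    std::weak_ptr<Service> weak_;
};

// Result of the constructed lifecycle: servant created while the Service lives,
// then the owner drops its shared_ptr and the servant is used again.
struct Scenario {
    bool lockedWhileAlive;     // lock() returned a non-null pointer
    std::string nameWhileAlive;
    bool lockedAfterDestroy;   // lock() returned non-null after destruction (expected false)
    std::string nameAfterDestroy;
};

Scenario runScenario() {
    Scenario r{};
    auto owner = std::make_shared<Service>("robot.control");
    ServiceServant servant(owner);
    r.lockedWhileAlive = (servant.lockedService() != nullptr);
    r.nameWhileAlive = servant.getName();
    owner.reset();  // TaskContext destroyed: the servant does not delay this
    r.lockedAfterDestroy = (servant.lockedService() != nullptr);
    r.nameAfterDestroy = servant.getName();
    return r;
}
```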