On Tue, 25 Jan 2005 11:20:54 -0600, Serge E. Hallyn <serue(a)us.ibm.com> wrote:
Tim,
do you care about getting multiple entries in a single directory's
watchlist for the same file?
I've CCed the list so we don't get redundant comments :-) Yes, we do
care. This will leak memory. Here's why:
If we're in a race and we both get to the point of adding the watch to
the list because we've both seen that we're not in the list. Two
audit_struct watches have been created. If we remove a watch, one
will still exist. It might be odd, if say we were watching /tmp/foo,
said "stop watching /tmp/foo", deleted "/tmp/foo", recreated
"/tmp/foo" and started getting audit messages for "/tmp/foo" -- And at
least then we'll consume the memory. The alternative is that the
memory just gets forgotten.
So let me better protect the list. Should I simply include in the
critical section a test to make sure that I've not already been added?
Ie two entries for /etc/shadow in /etc's watchlist?
--
- Timothy R. Chavez
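
The duplicate-entry race discussed in this thread, as an added example that is not part of the original mail or of the audit patch: a userspace C model in which `watch_add_racy` inserts after a check made outside the lock, and `watch_add` makes the check inside the critical section. The struct and function names and the pthread mutex are assumptions for illustration.

```c
/* Userspace model of a directory watchlist. All names are hypothetical; a
 * pthread mutex stands in for the kernel lock. */
#include <errno.h>
#include <pthread.h>
#include <stdlib.h>
#include <string.h>

struct watch { char name[64]; struct watch *next; };
struct watchlist { pthread_mutex_t lock; struct watch *head; };

/* Number of entries for `name` currently on the list. */
int watch_count(struct watchlist *wl, const char *name) {
    int n = 0;
    pthread_mutex_lock(&wl->lock);
    for (struct watch *w = wl->head; w; w = w->next) n += !strcmp(w->name, name);
    pthread_mutex_unlock(&wl->lock);
    return n;
}

static int add(struct watchlist *wl, const char *name, int check_in_lock) {
    struct watch *w = calloc(1, sizeof(*w)), *old;
    if (!w) return -ENOMEM;
    strncpy(w->name, name, sizeof(w->name) - 1);
    pthread_mutex_lock(&wl->lock);
    old = check_in_lock ? wl->head : NULL;  /* duplicate test under the lock */
    while (old && strcmp(old->name, name)) old = old->next;
    if (!old) { w->next = wl->head; wl->head = w; }
    pthread_mutex_unlock(&wl->lock);
    if (old) { free(w); return -EEXIST; }   /* already watched: drop our copy */
    return 0;
}
/* Racy: relies on a "not in the list" test the caller made before locking. */
int watch_add_racy(struct watchlist *wl, const char *n) { return add(wl, n, 0); }
/* Fixed: test and insert happen under the same lock hold. */
int watch_add(struct watchlist *wl, const char *n) { return add(wl, n, 1); }

/* Unlink and free the first entry for `name`. */
int watch_remove(struct watchlist *wl, const char *name) {
    pthread_mutex_lock(&wl->lock);
    struct watch **pp = &wl->head;
    while (*pp && strcmp((*pp)->name, name)) pp = &(*pp)->next;
    struct watch *w = *pp;
    if (w) *pp = w->next;
    pthread_mutex_unlock(&wl->lock);
    if (!w) return -ENOENT;
    free(w);
    return 0;
}
```

Calling `watch_add_racy` twice for the same name models two callers that both passed the earlier check; one `watch_remove` then leaves a stale entry behind, while the second `watch_add` call returns `-EEXIST`.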