From: Eli Zaretskii <eliz@gnu.org>
To: Stefan Monnier <monnier@IRO.UMontreal.CA>
Cc: lekktu@gmail.com, eggert@cs.ucla.edu, emacs-devel@gnu.org
Subject: Re: Lisp object that refers to a C struct
Date: Fri, 19 Oct 2012 20:54:32 +0200 [thread overview]
Message-ID: <83txtqz40n.fsf@gnu.org> (raw)
In-Reply-To: <jwvmwzih6td.fsf-monnier+emacs@gnu.org>
> From: Stefan Monnier <monnier@IRO.UMontreal.CA>
> Cc: lekktu@gmail.com, eggert@cs.ucla.edu, emacs-devel@gnu.org
> Date: Fri, 19 Oct 2012 10:44:32 -0400
>
> >> > It doesn't. I meant the need to manage the table itself, grow it when
> >> > needed, etc.
> >> To me "table" doesn't imply "array". It's just some kind of
> >> data-structure that keeps the elements at hand. It can be a list, an
> >> array, a tree, a has-table, you name it.
> > If we use a Lisp data structure, then the same issue of putting a bare
> > pointer into that started this thread it pops up again, doesn't it?
> > Anyway, a Lisp data structure is what I have now.
>
> In any case, the code now does keep a table of those C structs, and they
> are not reclaimed when the Lisp code loses the last "handle".
> Instead they are only reclaimed when the Lisp code calls
> remove-watch explicitly.
That's true. The reason is that the C struct cannot be reclaimed as
long as the watcher thread runs, because that thread constantly
dereferences a pointer to the struct. The remove-watch API takes care
of orderly shutting down the thread (which is not trivial, because it
is mostly stuck in a system call), and then frees the struct.
> This design means we don't need a "finalizer" (i.e. code in gc_sweep
> that calls us back to free the C struct), but it also means that we may
> "leak" those C structs if the Lisp code just forgets to `remove-watch'.
Correct.
> I think that's OK for now.
I concur.
> >> > Call w32_valid_pointer_p, and in addition verify that the struct
> >> > pointed to by it has the correct magic signature.
> >> Why is that needed?
> > To make sure we never dereference a pointer that doesn't point to the
> > watch object. Since the remove-watch API accepts a Lisp integer, it
> > could be called with any arbitrary integer value.
>
> But as long as the table is not corrupted, there's no risk of such
> a thing happening anyway.
Right.
> > IOW, I don't want to crash, even if somehow a bad pointer is found in
> > the alist described below.
>
> OK, so it's just done out of paranoia. That's fine, but please make it
> clear in the code, e.g. by placing it in an eassert.
Will do.
> > As I wrote, the reason for this design of the alist was to be 100%
> > compatible with what Rüdiger did. Otherwise, I could keep CALLBACK in
> > the C struct as well, for example.
>
> I think it's OK. Encoding C pointers in Lisp integers is pretty ugly,
> so we should make sure that no part of the design depends on it (so it
> can be changed in the future)
Well, the way to get the pointer to the struct given the descriptor
and vice versa _will_ have to change if the design changes. Other
than that, nothing depends on that.
> and we should also make it very clear in the doc that Elisp code
> should not rely on those handles being integers (treat them as black
> boxes instead).
They are documented as "descriptors". I will see if there's a place
to make the point you want to drive home.
Anyway, I guess I'm waiting for Rüdiger to install his changes, is
that right?
next prev parent reply other threads:[~2012-10-19 18:54 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-15 21:24 Lisp object that refers to a C struct Eli Zaretskii
2012-10-16 1:07 ` Stefan Monnier
2012-10-16 3:53 ` Eli Zaretskii
2012-10-16 13:11 ` Stefan Monnier
2012-10-16 17:22 ` Eli Zaretskii
2012-10-16 21:43 ` Stefan Monnier
2012-10-17 4:05 ` Eli Zaretskii
2012-10-17 6:21 ` Stephen J. Turnbull
2012-10-17 15:50 ` Eli Zaretskii
2012-10-17 17:45 ` Stephen J. Turnbull
2012-10-17 13:34 ` Stefan Monnier
2012-10-17 16:08 ` Eli Zaretskii
2012-10-17 20:23 ` Stefan Monnier
2012-10-17 20:46 ` Eli Zaretskii
2012-10-17 22:08 ` Paul Eggert
2012-10-18 0:22 ` Stefan Monnier
2012-10-18 3:43 ` Stephen J. Turnbull
2012-10-18 4:50 ` Eli Zaretskii
2012-10-18 7:20 ` Paul Eggert
2012-10-18 11:09 ` Eli Zaretskii
2012-10-18 16:42 ` Paul Eggert
2012-10-18 17:21 ` Eli Zaretskii
2012-10-18 8:52 ` Juanma Barranquero
2012-10-18 11:17 ` Eli Zaretskii
2012-10-18 12:33 ` Stefan Monnier
2012-10-18 17:16 ` Eli Zaretskii
2012-10-18 22:09 ` Stefan Monnier
2012-10-19 7:14 ` Eli Zaretskii
2012-10-19 14:44 ` Stefan Monnier
2012-10-19 18:54 ` Eli Zaretskii [this message]
2012-10-19 21:35 ` Stefan Monnier
2012-10-19 22:35 ` Eli Zaretskii
2012-10-20 1:52 ` Stefan Monnier
2012-10-20 8:34 ` Eli Zaretskii
2012-10-17 16:05 ` Eli Zaretskii
2012-10-17 16:59 ` Davis Herring
2012-10-17 20:27 ` Stefan Monnier
2012-10-17 21:02 ` Eli Zaretskii
2012-10-18 0:23 ` Stefan Monnier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=83txtqz40n.fsf@gnu.org \
--to=eliz@gnu.org \
--cc=eggert@cs.ucla.edu \
--cc=emacs-devel@gnu.org \
--cc=lekktu@gmail.com \
--cc=monnier@IRO.UMontreal.CA \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.