Return-Path: <amdragon@mit.edu>
X-Original-To: notmuch@notmuchmail.org
Delivered-To: notmuch@notmuchmail.org
Received: from localhost (localhost [127.0.0.1])
	by olra.theworths.org (Postfix) with ESMTP id 6219E429E26
	for <notmuch@notmuchmail.org>; Fri,  9 Sep 2011 10:51:02 -0700 (PDT)
X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
X-Spam-Flag: NO
X-Spam-Score: -0.7
X-Spam-Level: 
X-Spam-Status: No, score=-0.7 tagged_above=-999 required=5
	tests=[RCVD_IN_DNSWL_LOW=-0.7] autolearn=disabled
Received: from olra.theworths.org ([127.0.0.1])
	by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id KuUa1h2807sf for <notmuch@notmuchmail.org>;
	Fri,  9 Sep 2011 10:51:01 -0700 (PDT)
Received: from dmz-mailsec-scanner-7.mit.edu (DMZ-MAILSEC-SCANNER-7.MIT.EDU
	[18.7.68.36])
	by olra.theworths.org (Postfix) with ESMTP id AF0A5431FB6
	for <notmuch@notmuchmail.org>; Fri,  9 Sep 2011 10:51:01 -0700 (PDT)
X-AuditID: 12074424-b7bcaae000000a05-78-4e6a523e1fe6
Received: from mailhub-auth-1.mit.edu ( [18.9.21.35])
	by dmz-mailsec-scanner-7.mit.edu (Symantec Messaging Gateway) with SMTP
	id E5.A8.02565.E325A6E4; Fri,  9 Sep 2011 13:51:58 -0400 (EDT)
Received: from outgoing.mit.edu (OUTGOING-AUTH.MIT.EDU [18.7.22.103])
	by mailhub-auth-1.mit.edu (8.13.8/8.9.2) with ESMTP id p89Hoxua027925; 
	Fri, 9 Sep 2011 13:51:00 -0400
Received: from awakening.csail.mit.edu (awakening.csail.mit.edu [18.26.4.91])
	(authenticated bits=0)
	(User authenticated as amdragon@ATHENA.MIT.EDU)
	by outgoing.mit.edu (8.13.6/8.12.4) with ESMTP id p89HowDL020438
	(version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT);
	Fri, 9 Sep 2011 13:50:59 -0400 (EDT)
Received: from amthrax by awakening.csail.mit.edu with local (Exim 4.72)
	(envelope-from <amdragon@mit.edu>)
	id 1R25Ga-000685-Al; Fri, 09 Sep 2011 13:53:28 -0400
Date: Fri, 9 Sep 2011 13:53:28 -0400
From: Austin Clements <amdragon@MIT.EDU>
To: Sebastian Spaeth <Sebastian@sspaeth.de>
Subject: Re: Memory management practices
Message-ID: <20110909175328.GV5688@mit.edu>
References: <8739h1pbaq.fsf@gmail.com> <87pqjprzu2.fsf@gmail.com>
	<20110829183010.GA2605@24f89f8c-e6a1-4e75-85ee-bb8a3743bb9f>
	<87liucyn7i.fsf@gmail.com> <87aaag3xaf.fsf@gmail.com>
	<CAH-f9WsfHUm_D-+wB89Lt9Wt=hjwDyywvJTK-0NwmHRg0TUsxQ@mail.gmail.com>
	<CAH-f9WveBfvmv2jOF+C81OeeQJt06g6U0q3J_idHrs60DLw7+g@mail.gmail.com>
	<87zkiff8in.fsf@SSpaeth.de> <20110908151557.GM5688@mit.edu>
	<8762l22hgk.fsf@SSpaeth.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <8762l22hgk.fsf@SSpaeth.de>
User-Agent: Mutt/1.5.20 (2009-06-14)
X-Brightmail-Tracker:
 H4sIAAAAAAAAA+NgFtrKKsWRmVeSWpSXmKPExsUixCmqrGsXlOVncOy/iEXj33tMFjOf7GW2
	WL5KyuL6zZnMFrPmzGN0YPV4vXoaq8fOWXfZPZ5OmMzu8WzVLWaPxV+WsgSwRnHZpKTmZJal
	FunbJXBlrL6/gb3gnGjFloU/WRoYXwl2MXJySAiYSCzo3M0CYYtJXLi3nq2LkYtDSGAfo8TP
	8yehnPWMEs/+vGKEcE4wSbz++YkFwlnCKDHx0zQ2kH4WARWJ283/2EFsNgENiW37lzOC2CIC
	2hJHW3awgjQwC2xllPj3rgmsSBioaOaDbrBmXqCi3rmn2SGmrmCWOHrxCiNEQlDi5MwnYBcy
	C2hJ3Pj3kqmLkQPIlpZY/o8DJMwJNOdb30SwmaJAR1zb3842gVFoFpLuWUi6ZyF0L2BkXsUo
	m5JbpZubmJlTnJqsW5ycmJeXWqRrrpebWaKXmlK6iREUF+wuKjsYmw8pHWIU4GBU4uFdaZrl
	J8SaWFZcmXuIUZKDSUmUNzsQKMSXlJ9SmZFYnBFfVJqTWnyIUYKDWUmEN04CKMebklhZlVqU
	D5OS5mBREue12engJySQnliSmp2aWpBaBJOV4eBQkuDNAxkqWJSanlqRlplTgpBm4uAEGc4D
	NPxpAMjw4oLE3OLMdIj8KUZjjvNrrx9n5Dh0+NZxRiGWvPy8VClxXlOQcQIgpRmleXDTYKnt
	FaM40HPCvIkgVTzAtAg37xXQKiagVQHbM0FWlSQipKQaGGt2/njcXqWUy8qybdeXbfd+1aaL
	8B40Xr/trMmeVrlI24fL7n3sTtFZ+OzSfYE7m9evsHqZr9ip+XVny2pjrZPiOXdMlxrN9Kkr
	2Pkw9eT3lj0M2+7cvG2iV7YnOWVyz72rqtvWeWR/K+9sr8y8YyBZs7pEsK3OfmtU7jerbRV7
	44oOf1luGqPEUpyRaKjFXFScCAC+6weZSAMAAA==
Cc: Bertram Felgenhauer <bertram.felgenhauer@googlemail.com>,
	Bart Massey <bart@cs.pdx.edu>, notmuch <notmuch@notmuchmail.org>
X-BeenThere: notmuch@notmuchmail.org
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: "Use and development of the notmuch mail system."
	<notmuch.notmuchmail.org>
List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
List-Archive: <http://notmuchmail.org/pipermail/notmuch>
List-Post: <mailto:notmuch@notmuchmail.org>
List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Sep 2011 17:51:02 -0000

Quoth Sebastian Spaeth on Sep 09 at 11:27 am:
> On Thu, 8 Sep 2011 11:15:57 -0400, Austin Clements <amdragon@MIT.EDU> wrote:
> > In general, a garbage collector can't make any guarantees about
> > finalization order.  When a collection of objects all become
> > unreachable simultaneously (for example, the last reference to any
> > Messages object is dropped, causing the Query object and the Message
> > object to both become unreachable), the garbage collector *could*
> > finalize the Query first (causing talloc to free the
> > notmuch_messages_t) and then the Messages object (causing it to
> > crash).  There's no guarantee in general because, in the presence of
> > cycles, there is no meaningful finalization order.
> 
> Right, but that should not pose a problem for python. If e.g. both a
> Query and derived Message objects become unreachable, the python objects
> would not care which object is ditched and deleted first. Currently, it
> seems that we finalize the Messages first, and the Query second. But we
> would not fail if the Query were finalized first. Granted, the
> underlying libnotmuch Message objects were torn away while the python
> Message objects were still around. But they would ultimately also be
> sweeped away, and that would not cause any problems.
> 
> But I am sure that I am missing out something. I'll leave this
> discussion to the pros :-).

Ah, the *Python* objects don't care, but the underlying C objects do.
Suppose the Query were finalized first.  Python calls Query.__del__,
which calls notmuch_query_destroy, which releases the underlying
talloc references to the C notmuch_messages_t objects, causing talloc
to free the notmuch_messages_t.  Messages._msgs now points to freed
memory, so when Python then finalizes the Messages object,
Messages.__del__ will pass this dangling pointer to
notmuch_messages_destroy, which will crash.

Hence my suggestion that, rather than trying to emulate C-style memory
management in bindings, bindings should create an additional talloc
reference to the underlying objects and rather than calling
notmuch_*_destroy during finalization, they should simply unlink this
additional reference.  Any remaining library-created references will
keep the object alive as long as it's still needed by the library.
Then there's also no need to replicate the library's reference
structure in the bindings (though there is a danger of needlessly
delaying free's when the library creates convenience references like
the one from notmuch_query_t to notmuch_messages_t; for these I'd
recommend that the bindings undo such references, which requires a
little knowledge of the library's reference structure, but nothing
beyond what should be documented).