On Tue, Apr 24, 2012 at 4:15 AM, Austin Clements <amdragon@mit.edu> wrote:
> Quoth Felipe Contreras on Apr 24 at 3:45 am:
>> On Tue, Apr 24, 2012 at 2:46 AM, Ali Polatel <alip@exherbo.org> wrote:
>> > 2012/4/24 Felipe Contreras <felipe.contreras@gmail.com>:
>> >>
>> >> Personally I don't see why an object, like say a query would remain
>> >> working correctly after the database is gone, either by calling
>> >> .close() directly, or just losing the pointer to the original object.
>> >> I don't think users would expect that, or, even if they somehow found
>> >> it useful, that most likely would be very seldom, and hardly worth
>> >> worrying about it.
>> >
>> > Working correctly is not expected but wouldn't it be more appropriate
>> > to throw an exception rather than dumping core or printing on standard error?
>>
>> Sure, if that was possible.
>>
>> > I wonder whether we can make both work somehow.
>> > Maybe by using talloc explicitly and keeping reference pointers?
>> > I don't know whether it's worth bothering.
>>
>> Maybe, I don't see how, that's just not how C works. Maybe talloc does
>> have some way to figure out if a pointer has been freed, but I doubt
>> that, and I can't find it by grepping through the API.
>>
>> Another option would be hook into talloc's destructor so we know when
>> an object is freed and taint it, but then we would be overriding
>> notmuch's destructor, and there's no way around that (unless we tap
>> into talloc's internal structures). A way to work around that would be
>> to modify notmuch's API so that we can specify a destructor for
>> notmuch objects, but that would be tedious, and I doubt a lot of people
>> beside us would benefit from that.
>
> I believe (though I might be wrong) that bindings could simply
> maintain their own talloc references to C objects returned by
> libnotmuch to prevent them from being freed until the wrapper object
> is garbage collected. This would require modifying all of the
> library's _destroy functions to use talloc_find_parent_bytype and
> talloc_unlink instead of simply calling talloc_free, but I don't think
> this change would be particularly invasive and it certainly wouldn't
> affect the library interface.

That might work, but still, I don't see why this patch can't be applied.

Cheers.

-- 
Felipe Contreras
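The lifetime scheme discussed in this thread (the binding holds its own reference, `_destroy` gives up only the library's reference, and a taint flag lets the binding raise an exception instead of touching freed memory), as a simplified model added here; it is not code from the thread, from notmuch or from talloc. A plain reference count stands in for talloc's parent references, and every name in it (`object_t`, `wrapper_ref`, `object_read`, and so on) is hypothetical.

```c
#include <stdlib.h>

/* Toy model of one library object; NOT talloc, just a reference count. */
typedef struct {
    int refs;       /* library's reference plus any held by wrappers */
    int destroyed;  /* taint: set once the library-side _destroy has run */
    int value;      /* payload a caller would read */
} object_t;

static int live_objects;    /* allocations not yet freed */

object_t *object_create(int value) {
    object_t *o = calloc(1, sizeof *o);
    if (!o) abort();
    o->refs = 1;            /* the library's own reference */
    o->value = value;
    live_objects++;
    return o;
}

static void drop_ref(object_t *o) { if (--o->refs == 0) { free(o); live_objects--; } }

/* Binding side: take a reference at wrap time, drop it in the finalizer. */
void wrapper_ref(object_t *o)   { o->refs++; }
void wrapper_unref(object_t *o) { drop_ref(o); }

/* Library _destroy: give up the library's reference instead of freeing. */
void object_destroy(object_t *o) {
    if (o->destroyed) return;   /* repeat call while a wrapper still holds it */
    o->destroyed = 1;
    drop_ref(o);
}

/* Checked read: -1 tells the binding to raise an exception. */
int object_read(const object_t *o, int *out) {
    if (o->destroyed) return -1;
    *out = o->value;
    return 0;
}
int live_count(void) { return live_objects; }

int main(void) {
    object_t *db = object_create(42);
    int v = 0;
    wrapper_ref(db);
    object_destroy(db);              /* memory stays valid: wrapper holds it */
    int rc = object_read(db, &v);    /* -1, not a use-after-free */
    wrapper_unref(db);               /* last reference gone: freed here */
    return (rc == -1 && live_count() == 0) ? 0 : 1;
}
```

The checked read is only safe because the wrapper's reference keeps the allocation alive; without `wrapper_ref`, `object_destroy` frees the object and the flag itself would be read from freed memory.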