Re: Conservative GC isn't safe

[Eli Zaretskii]

> From: Stefan Monnier <address@hidden>
> Date: Sat, 26 Nov 2016 11:29:06 -0500
> 
> > Documentation aspects aside, if by "manipulate struct interval" you
> > mean what we do in intervals.c between the call to make_interval and
> > the return value being plugged into some Lisp object, either a buffer
> 
> Yes, basically, that kind of manipulation.

All of these cases are in intervals.c.  There are no other calls to
make_interval anywhere in our sources.

So the question is: are those _the_only_ cases that you are talking
about, or do you see any others?

> > or a string, then we could set a variable during that time, which
> > would cause an abort in GC, if that happens somehow.
> 
> Such a var would only catch some of the possible issues I think
> (there's also the issue of when we take an existing struct interval
> pointer, remove it from one lvalue and plug it into another, plus
> various other cases).
> 
> IOW it sounds difficult to make such a test be "complete" (catch
> most/all cases).

That doesn't mean we shouldn't do what we can.  Provided that we
consider this danger to be real, of course.

> I also think it could prove fiddly to avoid false positives.

How can this cause false positives?  The current code doesn't allow
any GC in those functions I described above.  This is purely a
defensive technique against possible changes in the future which will
mistakenly allow that.