Use dynamic array for channel registry, fail on registration error

The fixed-size registry (1024 entries) silently dropped registrations
when full, causing:
- Round-trip failures (capsules converted to strings)
- Memory leaks (enif_release_resource skipped)

Now uses a dynamic array that grows as needed:
- Starts at 64 entries, doubles when full
- Registration failure causes channel_alloc to fail
- No silent data loss

Author: benoitc

c_src/py_channel.c

@@ -42,73 +42,91 @@ static ERL_NIF_TERM ATOM_EMPTY;
  * A thread-safe registry of valid channel pointers. Used to validate
  * capsule pointers without dereferencing them, preventing crashes from
  * forged PyCapsules.
+ *
+ * Uses a dynamic array that grows as needed. Registration never fails.
  * ============================================================================ */
 
-#define CHANNEL_REGISTRY_SIZE 1024  /* Must be power of 2 */
-#define CHANNEL_REGISTRY_MASK (CHANNEL_REGISTRY_SIZE - 1)
+#define CHANNEL_REGISTRY_INITIAL_SIZE 64
+
+static void **g_channel_registry = NULL;
+static size_t g_channel_registry_count = 0;
+static size_t g_channel_registry_capacity = 0;
+static pthread_mutex_t g_channel_registry_lock = PTHREAD_MUTEX_INITIALIZER;
+
+/* Initialize the registry (called once, lazily) */
+static bool channel_registry_init_locked(void) {
+    if (g_channel_registry != NULL) return true;
+
+    g_channel_registry = enif_alloc(CHANNEL_REGISTRY_INITIAL_SIZE * sizeof(void *));
+    if (g_channel_registry == NULL) return false;
 
-static void *g_channel_registry[CHANNEL_REGISTRY_SIZE];
-static pthread_rwlock_t g_channel_registry_lock = PTHREAD_RWLOCK_INITIALIZER;
+    g_channel_registry_capacity = CHANNEL_REGISTRY_INITIAL_SIZE;
+    g_channel_registry_count = 0;
+    return true;
+}
 
-/* Hash a pointer to a registry index */
-static inline size_t channel_registry_hash(void *ptr) {
-    uintptr_t p = (uintptr_t)ptr;
-    /* Mix bits for better distribution */
-    p ^= p >> 16;
-    p *= 0x85ebca6b;
-    p ^= p >> 13;
-    return p & CHANNEL_REGISTRY_MASK;
+/* Grow the registry (called when full) */
+static bool channel_registry_grow_locked(void) {
+    size_t new_capacity = g_channel_registry_capacity * 2;
+    void **new_registry = enif_alloc(new_capacity * sizeof(void *));
+    if (new_registry == NULL) return false;
+
+    memcpy(new_registry, g_channel_registry, g_channel_registry_count * sizeof(void *));
+    enif_free(g_channel_registry);
+    g_channel_registry = new_registry;
+    g_channel_registry_capacity = new_capacity;
+    return true;
 }
 
 /* Register a channel pointer (called from channel_alloc) */
-static void channel_registry_add(void *ptr) {
-    pthread_rwlock_wrlock(&g_channel_registry_lock);
-    size_t idx = channel_registry_hash(ptr);
-    for (size_t i = 0; i < CHANNEL_REGISTRY_SIZE; i++) {
-        size_t slot = (idx + i) & CHANNEL_REGISTRY_MASK;
-        if (g_channel_registry[slot] == NULL) {
-            g_channel_registry[slot] = ptr;
-            break;
+static bool channel_registry_add(void *ptr) {
+    pthread_mutex_lock(&g_channel_registry_lock);
+
+    /* Initialize on first use */
+    if (g_channel_registry == NULL && !channel_registry_init_locked()) {
+        pthread_mutex_unlock(&g_channel_registry_lock);
+        return false;
+    }
+
+    /* Grow if full */
+    if (g_channel_registry_count >= g_channel_registry_capacity) {
+        if (!channel_registry_grow_locked()) {
+            pthread_mutex_unlock(&g_channel_registry_lock);
+            return false;
         }
     }
-    pthread_rwlock_unlock(&g_channel_registry_lock);
+
+    g_channel_registry[g_channel_registry_count++] = ptr;
+    pthread_mutex_unlock(&g_channel_registry_lock);
+    return true;
 }
 
 /* Unregister a channel pointer (called from destructor) */
 static void channel_registry_remove(void *ptr) {
-    pthread_rwlock_wrlock(&g_channel_registry_lock);
-    size_t idx = channel_registry_hash(ptr);
-    for (size_t i = 0; i < CHANNEL_REGISTRY_SIZE; i++) {
-        size_t slot = (idx + i) & CHANNEL_REGISTRY_MASK;
-        if (g_channel_registry[slot] == ptr) {
-            g_channel_registry[slot] = NULL;
+    pthread_mutex_lock(&g_channel_registry_lock);
+    for (size_t i = 0; i < g_channel_registry_count; i++) {
+        if (g_channel_registry[i] == ptr) {
+            /* Move last element to this slot (order doesn't matter) */
+            g_channel_registry[i] = g_channel_registry[--g_channel_registry_count];
             break;
         }
-        if (g_channel_registry[slot] == NULL) {
-            break;  /* Not found */
-        }
     }
-    pthread_rwlock_unlock(&g_channel_registry_lock);
+    pthread_mutex_unlock(&g_channel_registry_lock);
 }
 
 /* Validate a pointer without dereferencing (public API) */
 bool channel_validate(void *ptr) {
     if (ptr == NULL) return false;
 
-    pthread_rwlock_rdlock(&g_channel_registry_lock);
+    pthread_mutex_lock(&g_channel_registry_lock);
     bool found = false;
-    size_t idx = channel_registry_hash(ptr);
-    for (size_t i = 0; i < CHANNEL_REGISTRY_SIZE; i++) {
-        size_t slot = (idx + i) & CHANNEL_REGISTRY_MASK;
-        if (g_channel_registry[slot] == ptr) {
+    for (size_t i = 0; i < g_channel_registry_count; i++) {
+        if (g_channel_registry[i] == ptr) {
             found = true;
             break;
         }
-        if (g_channel_registry[slot] == NULL) {
-            break;  /* Not found */
-        }
     }
-    pthread_rwlock_unlock(&g_channel_registry_lock);
+    pthread_mutex_unlock(&g_channel_registry_lock);
     return found;
 }
 
@@ -172,8 +190,13 @@ py_channel_t *channel_alloc(size_t max_size) {
         return NULL;
     }
 
-    /* Register in the pointer registry for validation */
-    channel_registry_add(channel);
+    /* Register in the pointer registry for validation - fail if registration fails */
+    if (!channel_registry_add(channel)) {
+        pthread_mutex_destroy(&channel->mutex);
+        enif_ioq_destroy(channel->queue);
+        enif_release_resource(channel);
+        return NULL;
+    }
 
     return channel;
 }