From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail4-relais-sop.national.inria.fr (mail4-relais-sop.national.inria.fr [192.134.164.105]) by walapai.inria.fr (8.13.6/8.13.6) with ESMTP id q42Ebcv8006116 for ; Wed, 2 May 2012 16:37:38 +0200 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AsQBADpGoU9KfVM2kGdsb2JhbABEr3qCewgiAQEBAQkJDQcUBCOCCQEBAQQSAjUwEAsLAwouAiASAQUBHAYTGgiHawucEQkDnkuRCASOd4EjhWSBEY1RPYQN X-IronPort-AV: E=Sophos;i="4.75,516,1330902000"; d="scan'208";a="142305728" Received: from mail-ee0-f54.google.com ([74.125.83.54]) by mail4-smtp-sop.national.inria.fr with ESMTP/TLS/RC4-SHA; 02 May 2012 16:37:20 +0200 Received: by eekd17 with SMTP id d17so274099eek.27 for ; Wed, 02 May 2012 07:37:20 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:x-gm-message-state; bh=EBQZF9rhOysw7gRdT6pW5c2MRLJBJytJfYIqNqSVPK8=; b=jL1KgMFagOjECGl3Ob1te2ZsbZVK3NM42Ql0aoiBIeePiiqClRqrzsEUtjquo9aJa8 hTAEpZ41LrtIfpkUUeSMe592RF/0lmc9f5u28yAc+VRS0Ine33Fhc9ArATckSknS9Ukd nW0H3LoVbv2BsJ2cFJL5yn0NrrFnjSZob/6icZ9SUdgXucmV7rPjvCHy+tMRI8vknWzp 0TXQx4LXBDKSeacbfsoU2ahRLV9TSvl4Gwnl6SPqdz3yuDZTxXk+n2RKq3mXdVhNvrYD 3+FbMe9ZicmgsVsGFxzaTXFuxvM6GS4uo4mk0EnRBFG2OMS+s3Toddh8U2N89xChuLeG oLJA== MIME-Version: 1.0 Received: by 10.50.193.132 with SMTP id ho4mr5254436igc.17.1335969439444; Wed, 02 May 2012 07:37:19 -0700 (PDT) Received: by 10.50.163.102 with HTTP; Wed, 2 May 2012 07:37:19 -0700 (PDT) In-Reply-To: References: Date: Wed, 2 May 2012 16:37:19 +0200 Message-ID: From: Alexey Rodriguez To: David Allsopp Cc: "caml-list@inria.fr" Content-Type: multipart/mixed; boundary=14dae9340b37de6ed704bf0e9f8e X-Gm-Message-State: ALoCoQlIWwRUcYJ+q73c/PNj4gap8yCqBmYy9QckwBNBgYH8D7MUhBEdDvaMpmTnAMFAbXfWrI4Q Subject: Re: [Caml-list] Exception values may crash GC when interfacing C and Caml --14dae9340b37de6ed704bf0e9f8e Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable I added a warning to the documentation. Can someone with commit rights have a look at it and apply it? This would have definitely saved us a lot of time. And I am sure this will help other people too. Cheers, Alexey On Wed, May 2, 2012 at 1:28 PM, David Allsopp wrot= e: > Alexey Rodriguez wrote: >> Dear all, >> >> We are experiencing crashes in Caml-calling C code. This happens if >> garbage collection runs after Caml code has raised an exception. We now >> understand why this happens but we are puzzled as to why the "Interfacing >> C with Ocaml" chapter of the Ocaml manual doesn't warn about this >> situation. >> >> Suppose you have C code that calls Caml code as follows: >> >> ... >> CAMLparam2(v1,v2); >> CAMLlocal2(...,res); >> res =3D callback2_exn(...,v1,v2); >> foobar(); >> ... >> >> We have found that this code will crash with "Fatal error: out of memory= ." >> if the following two things happen: >> * the function called by [callback2_exn] raises an exception, and >> * [foobar] triggers a garbage collection through the allocation of values >> in the Caml heap. (just calling [caml_gc_full_major] is enough to cause >> the crash). >> >> The reason for this crash is that [res] will contain an invalid pointer = if >> an exception is thrown. The GC follows this bogus pointer ([res] is >> registered as a root by [CAMLlocal2]) which ultimately causes a crash in >> the GC code. Why does [res] contain a bogus pointer? >> It's not really a bogus pointer, but the lower bits are tagged in order = to >> denote a thrown exception. These bits are usually tested/cleared by >> [Is_exception_result] and [Extract_exception]. > > This is already in the manual, but I agree that the requirement to do so = could be stated more clearly. Section 18.7.1[1], last paragraph states "The= return v of the caml_callback*_exn function **must** be tested with the ma= cro Is_exception_result(v)". It also clearly indicates that v is only a val= id [value] if Is_exception_result(v) returns false so storing the return of= caml_callback*_exn in a local root and allowing the Gc to run before you u= pdate that root with the result of Extract_exception is "obviously" a Gc vi= olation. > > > David > > [1] http://caml.inria.fr/pub/docs/manual-ocaml/manual032.html#htoc245 --=20 dr. Alexey Rodriguez Yakushev Vector Fabrics included in EE Times 'Silicon 60' list of emerging startups O +31 (0)40 8200960=A0=A0 |=A0 D + 31 (0)40 8200974 =A0|=A0 F +31 (0)40 820= 0979 Vonderweg 22, 5616 RM =A0|=A0 Eindhoven |=A0 The Netherlands www.vectorfabrics.com=A0 |=A0=A0alexey@vectorfabrics.com --14dae9340b37de6ed704bf0e9f8e Content-Type: application/octet-stream; name="warning_exception.patch" Content-Disposition: attachment; filename="warning_exception.patch" Content-Transfer-Encoding: base64 X-Attachment-Id: f_h1qhmjda0 SW5kZXg6IG1hbnVhbC9jbWRzL2ludGYtYy5ldGV4Cj09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT0KLS0tIG1hbnVhbC9jbWRzL2ludGYtYy5ldGV4CShyZXZpc2lv biAxMjQxMykKKysrIG1hbnVhbC9jbWRzL2ludGYtYy5ldGV4CSh3b3JraW5n IGNvcHkpCkBAIC0xMjczLDYgKzEyNzMsMTIgQEAKIGFuIGV4Y2VwdGlvbiBl c2NhcGVkLCBhbmQgaXRzIHZhbHVlICh0aGUgZXhjZXB0aW9uIGRlc2NyaXB0 b3IpIGNhbiBiZQogcmVjb3ZlcmVkIHVzaW5nICJFeHRyYWN0X2V4Y2VwdGlv bigiXHZhcnt2fSIpIi4KIAorXHBhcmFncmFwaHtXYXJuaW5nOn0gSWYgYW4g ZXhjZXB0aW9uIGRpZCBlc2NhcGUgdGhlIE9DYW1sIGZ1bmN0aW9uLCBcdmFy e3Z9Citkb2VzIG5vdCBjb250YWluIGEgdmFsaWQgdmFsdWUuIEl0IGZvbGxv d3MgdGhhdCBwcmlvciB0byBjYWxsaW5nIGEgbWVtb3J5LWFsbG9jYXRpbmcK K2Z1bmN0aW9uLCBcdmFye3Z9IHNob3VsZCBub3QgYmUgcmVhY2hhYmxlIGJ5 IHRoZSBnYXJiYWdlIGNvbGxlY3Rvci4gRm9yIGluc3RhbmNlLAorXHZhcnt2 fSBzaG91bGQgbm90IGJlIGFzc2lnbmVkIHRvIGEgdmFyaWFibGUgZGVjbGFy ZWQgd2l0aCBvbmUgb2YgdGhlICJDQU1MbG9jYWwqIgorbWFjcm9zLgorCiBc c3Vic2VjdGlvbntPYnRhaW5pbmcgb3IgcmVnaXN0ZXJpbmcgT0NhbWwgY2xv c3VyZXMgZm9yIHVzZSBpbiBDIGZ1bmN0aW9uc30KIAogVGhlcmUgYXJlIHR3 byB3YXlzIHRvIG9idGFpbiBPQ2FtbCBmdW5jdGlvbiB2YWx1ZXMgKGNsb3N1 cmVzKSB0bwo= --14dae9340b37de6ed704bf0e9f8e--