Avoid traversing ocaml objects when not holding the runtime lock in spawn_unix
#63
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This helps ensure the stability of existing behavior in light of the upcoming bugfix to `spawn_unix`. Signed-off-by: Nick Roberts <[email protected]>
Avoid traversing OCaml data structures when the runtime lock is not held. Signed-off-by: Nick Roberts <[email protected]>
ncik-roberts
force-pushed
the
avoid-traversing-ocaml-objects-in-blocking-section
branch
from
ed49046
to
5a63016
Compare
mshinwell
requested changes
Jul 3, 2024
|
|
||
| sigprocmask_command = Long_val(v_sigprocmask_command); | ||
| sigprocmask_signals_length = Wosize_val(v_sigprocmask_signals); | ||
| sigprocmask_signals = (int*)malloc(sizeof(int) * sigprocmask_signals_length); |
There was a problem hiding this comment.
Need to check return value from malloc
|
|
||
| default: | ||
| caml_failwith("Unknown sigprocmask action"); |
There was a problem hiding this comment.
Can't call caml_failwith in this context -- need caml_leave_blocking_section (etc) first. See the cleanup when safe_pipe fails above.
There was a problem hiding this comment.
Whoops, it's as if I've never read the patch. This makes me convinced that we should split the file in two files:
- the part with bindings that runs with OCaml lock held
- the part with thread-safe code that doesn't even include any of the OCaml headers
I'll prepare a feature that does that.
There was a problem hiding this comment.
(Don’t be too hard on yourself — the failwith was there before. GitHub is just doing a bad job showing changed code, thus revealing bugs nearby.)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Copy
sigprocmaskinto C data structures before releasing the runtime lock inspawn_unix.This fixes a possible bad interaction with the GC. When the runtime lock isn't held by the current thread, another OCaml thread could run the GC and thus move around OCaml heap objects.
The PR takes the approach described in the C FFI section of the OCaml manual:
("entering a blocking section" is the same thing as "releasing the runtime system".)