MantisBT - OCaml
View Issue Details
ID: 0006489
Project: OCaml
Category: back end (clambda to assembly)
View Status: public
Date Submitted: 2014-07-15 21:46
Last Update: 2015-12-11 19:28
Reporter: Richard Jones
Assigned To: shinwell
Priority: normal
Severity: crash
Reproducibility: always
Status: closed
Resolution: fixed
Product Version: 4.02.0+beta1 / +rc1
Fixed in Version: 4.02.0+dev
Summary: 0006489: caml_callback2 crashes on aarch64
Description: caml_callback2 segfaults when called, on aarch64.
Compile the attached program using:

ocamlopt.opt callback.c callback_ml.ml -o callback

Then run it using:

./callback

The output is:

$ ./callback
f1 (100)
Segmentation fault

Note that caml_callback and caml_callback3 are fine, it's just caml_callback2 which fails.
No tags attached.
Attached Files:
callback.c (461 bytes) 2014-07-15 21:46
https://caml.inria.fr/mantis/file_download.php?file_id=1253&type=bug
callback_ml.ml (233 bytes) 2014-07-15 21:47
https://caml.inria.fr/mantis/file_download.php?file_id=1254&type=bug
Issue History
2014-07-15 21:46  Richard Jones  New Issue
2014-07-15 21:46  Richard Jones  File Added: callback.c
2014-07-15 21:47  Richard Jones  File Added: callback_ml.ml
2014-07-15 21:49  Richard Jones  Note Added: 0011827
2014-07-15 23:28  Richard Jones  Note Added: 0011828
2014-07-15 23:32  Richard Jones  Note Added: 0011829
2014-07-16 08:36  shinwell       Note Added: 0011830
2014-07-16 08:36  shinwell       Status: new => resolved
2014-07-16 08:36  shinwell       Fixed in Version: => 4.02.0+dev
2014-07-16 08:36  shinwell       Resolution: open => fixed
2014-07-16 08:36  shinwell       Assigned To: => shinwell
2015-12-11 19:28  xleroy         Status: resolved => closed
2017-02-23 16:35  doligez        Category: OCaml backend (code generation) => Back end (clambda to assembly)
2017-02-23 16:44  doligez        Category: Back end (clambda to assembly) => back end (clambda to assembly)

Notes
(0011827) Richard Jones, 2014-07-15 21:49
Well, that's not *quite* true. All of the caml_callback* functions cause heap corruption. If you call Gc.compact () after any of them, then it will segfault. Only caml_callback2 segfaults on its own without any help.
(0011828) Richard Jones, 2014-07-15 23:28
Please ignore the previous comment, as I made a mistake in my test. Only caml_callback2 is problematic.
(0011829) Richard Jones, 2014-07-15 23:32
This is caused by a missing close comment */ here:

https://github.com/ocaml/ocaml/blob/4.02/asmrun/arm64.S#L481

The fix is:

--- a/asmrun/arm64.S
+++ b/asmrun/arm64.S
@@ -478,7 +478,7 @@ caml_callback2_exn:
     /* Initial shuffling of arguments (x0 = closure, x1 = arg1, x2 = arg2) */
         mov TMP, x0
         mov x0, x1 /* x0 = first arg */
- mov x1, x2 /* x1 = second arg
+ mov x1, x2 /* x1 = second arg */
         mov x2, TMP /* x2 = closure environment */
         ADDRGLOBAL(ARG, caml_apply2)
         b .Ljump_to_caml
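Review bot: the one-character fix is right, and the visible context explains the crash: with `*/` missing on `- mov x1, x2 /* x1 = second arg`, the comment only closes at the `*/` ending the next line, so the preprocessor drops `mov x2, TMP /* x2 = closure environment */` and caml_apply2 is reached with x2 never loaded with the closure. The swallowed line contains a second `/*`, which is exactly the "'/*' within comment" case that gcc's -Wcomment (part of -Wall) reports; running the .S files through the preprocessor with that warning enabled would have flagged this at build time.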
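To make the diagnosis in note 0011829 concrete, here is an added example (not part of the bug report or the OCaml runtime) that emulates how the C preprocessor strips `/* */` comments from a `.S` file and lists which instruction lines survive; the `BUGGY` and `FIXED` snippets are constructed from the hunk above.

```python
# Added example, not from the bug report or the OCaml runtime: emulate the
# C preprocessor's handling of /* */ comments in a .S file to show why the
# unterminated comment on the "mov x1, x2" line makes the following
# "mov x2, TMP" instruction vanish before the assembler ever sees it.

# Constructed from the hunk in note 0011829 (body of caml_callback2_exn).
BUGGY = """\
        mov TMP, x0
        mov x0, x1 /* x0 = first arg */
        mov x1, x2 /* x1 = second arg
        mov x2, TMP /* x2 = closure environment */
        ADDRGLOBAL(ARG, caml_apply2)
        b .Ljump_to_caml
"""
FIXED = BUGGY.replace("second arg\n", "second arg */\n")


def strip_block_comments(src):
    """Replace each /* ... */ comment with one space, as cpp does.

    Comments do not nest: a comment ends at the first */ after its start,
    even when that is on a later line. Returns (stripped_text, warnings);
    warnings flags a '/*' inside a comment (what gcc -Wcomment reports)
    and an unterminated comment. String literals and // comments are not
    handled here; the snippet above contains neither.
    """
    out, warnings, i = [], [], 0
    while i < len(src):
        if not src.startswith("/*", i):
            out.append(src[i])
            i += 1
            continue
        end = src.find("*/", i + 2)
        if end < 0:
            warnings.append("line %d: unterminated comment" % (src.count("\n", 0, i) + 1))
            break
        inner = src.find("/*", i + 2)
        if 0 <= inner < end:
            warnings.append("line %d: '/*' within comment" % (src.count("\n", 0, inner) + 1))
        out.append(" ")
        i = end + 2
    return "".join(out), warnings


def instructions(src):
    """Non-empty lines the assembler would actually receive, trimmed."""
    text, _ = strip_block_comments(src)
    return [line.strip() for line in text.splitlines() if line.strip()]


if __name__ == "__main__":
    for name, body in (("buggy", BUGGY), ("fixed", FIXED)):
        print(name, instructions(body), strip_block_comments(body)[1])
```

For the buggy body the output has five instructions and no `mov x2, TMP`, plus a warning for the `/*` on line 4; the fixed body yields all six instructions and no warnings.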
(0011830) shinwell, 2014-07-16 08:36
Very good. Thanks for the fix. Committed to 4.02 and trunk.