View Issue Details [ Jump to Notes ]  [ Issue History ] [ Print ] 
ID  Project  Category  View Status  Date Submitted  Last Update 
0006385  OCaml  runtime system and C interface  public  20140429 20:53  20151211 19:26 

Reporter  stedolan  
Assigned To   
Priority  normal  Severity  minor  Reproducibility  always 
Status  closed  Resolution  fixed  
Platform   OS   OS Version  
Product Version   
Target Version   Fixed in Version  4.02.0+dev  

Summary  0006385: CLOSURE opcode tries to allocate large objects on the minor heap 
Description  If a function closes over more than Max_young_wosize variables, the CLOSURE opcode in interp.c will nonetheless try to allocate it on the minor heap.
When using the debug runtime, this causes an assertion failure. For a big enough function / unlucky enough minor heap state, I suspect it would cause memory corruption. 
Steps To Reproduce  Compile the attached file and run with ocamlrund. 
Tags  No tags attached. 

Attached Files  broken.ml [^] (7,192 bytes) 20140429 20:53 [Show Content] [Hide Content]let f a =
let x0 = a + 1
and x1 = a + 1
and x2 = a + 1
and x3 = a + 1
and x4 = a + 1
and x5 = a + 1
and x6 = a + 1
and x7 = a + 1
and x8 = a + 1
and x9 = a + 1
and x10 = a + 1
and x11 = a + 1
and x12 = a + 1
and x13 = a + 1
and x14 = a + 1
and x15 = a + 1
and x16 = a + 1
and x17 = a + 1
and x18 = a + 1
and x19 = a + 1
and x20 = a + 1
and x21 = a + 1
and x22 = a + 1
and x23 = a + 1
and x24 = a + 1
and x25 = a + 1
and x26 = a + 1
and x27 = a + 1
and x28 = a + 1
and x29 = a + 1
and x30 = a + 1
and x31 = a + 1
and x32 = a + 1
and x33 = a + 1
and x34 = a + 1
and x35 = a + 1
and x36 = a + 1
and x37 = a + 1
and x38 = a + 1
and x39 = a + 1
and x40 = a + 1
and x41 = a + 1
and x42 = a + 1
and x43 = a + 1
and x44 = a + 1
and x45 = a + 1
and x46 = a + 1
and x47 = a + 1
and x48 = a + 1
and x49 = a + 1
and x50 = a + 1
and x51 = a + 1
and x52 = a + 1
and x53 = a + 1
and x54 = a + 1
and x55 = a + 1
and x56 = a + 1
and x57 = a + 1
and x58 = a + 1
and x59 = a + 1
and x60 = a + 1
and x61 = a + 1
and x62 = a + 1
and x63 = a + 1
and x64 = a + 1
and x65 = a + 1
and x66 = a + 1
and x67 = a + 1
and x68 = a + 1
and x69 = a + 1
and x70 = a + 1
and x71 = a + 1
and x72 = a + 1
and x73 = a + 1
and x74 = a + 1
and x75 = a + 1
and x76 = a + 1
and x77 = a + 1
and x78 = a + 1
and x79 = a + 1
and x80 = a + 1
and x81 = a + 1
and x82 = a + 1
and x83 = a + 1
and x84 = a + 1
and x85 = a + 1
and x86 = a + 1
and x87 = a + 1
and x88 = a + 1
and x89 = a + 1
and x90 = a + 1
and x91 = a + 1
and x92 = a + 1
and x93 = a + 1
and x94 = a + 1
and x95 = a + 1
and x96 = a + 1
and x97 = a + 1
and x98 = a + 1
and x99 = a + 1
and x100 = a + 1
and x101 = a + 1
and x102 = a + 1
and x103 = a + 1
and x104 = a + 1
and x105 = a + 1
and x106 = a + 1
and x107 = a + 1
and x108 = a + 1
and x109 = a + 1
and x110 = a + 1
and x111 = a + 1
and x112 = a + 1
and x113 = a + 1
and x114 = a + 1
and x115 = a + 1
and x116 = a + 1
and x117 = a + 1
and x118 = a + 1
and x119 = a + 1
and x120 = a + 1
and x121 = a + 1
and x122 = a + 1
and x123 = a + 1
and x124 = a + 1
and x125 = a + 1
and x126 = a + 1
and x127 = a + 1
and x128 = a + 1
and x129 = a + 1
and x130 = a + 1
and x131 = a + 1
and x132 = a + 1
and x133 = a + 1
and x134 = a + 1
and x135 = a + 1
and x136 = a + 1
and x137 = a + 1
and x138 = a + 1
and x139 = a + 1
and x140 = a + 1
and x141 = a + 1
and x142 = a + 1
and x143 = a + 1
and x144 = a + 1
and x145 = a + 1
and x146 = a + 1
and x147 = a + 1
and x148 = a + 1
and x149 = a + 1
and x150 = a + 1
and x151 = a + 1
and x152 = a + 1
and x153 = a + 1
and x154 = a + 1
and x155 = a + 1
and x156 = a + 1
and x157 = a + 1
and x158 = a + 1
and x159 = a + 1
and x160 = a + 1
and x161 = a + 1
and x162 = a + 1
and x163 = a + 1
and x164 = a + 1
and x165 = a + 1
and x166 = a + 1
and x167 = a + 1
and x168 = a + 1
and x169 = a + 1
and x170 = a + 1
and x171 = a + 1
and x172 = a + 1
and x173 = a + 1
and x174 = a + 1
and x175 = a + 1
and x176 = a + 1
and x177 = a + 1
and x178 = a + 1
and x179 = a + 1
and x180 = a + 1
and x181 = a + 1
and x182 = a + 1
and x183 = a + 1
and x184 = a + 1
and x185 = a + 1
and x186 = a + 1
and x187 = a + 1
and x188 = a + 1
and x189 = a + 1
and x190 = a + 1
and x191 = a + 1
and x192 = a + 1
and x193 = a + 1
and x194 = a + 1
and x195 = a + 1
and x196 = a + 1
and x197 = a + 1
and x198 = a + 1
and x199 = a + 1
and x200 = a + 1
and x201 = a + 1
and x202 = a + 1
and x203 = a + 1
and x204 = a + 1
and x205 = a + 1
and x206 = a + 1
and x207 = a + 1
and x208 = a + 1
and x209 = a + 1
and x210 = a + 1
and x211 = a + 1
and x212 = a + 1
and x213 = a + 1
and x214 = a + 1
and x215 = a + 1
and x216 = a + 1
and x217 = a + 1
and x218 = a + 1
and x219 = a + 1
and x220 = a + 1
and x221 = a + 1
and x222 = a + 1
and x223 = a + 1
and x224 = a + 1
and x225 = a + 1
and x226 = a + 1
and x227 = a + 1
and x228 = a + 1
and x229 = a + 1
and x230 = a + 1
and x231 = a + 1
and x232 = a + 1
and x233 = a + 1
and x234 = a + 1
and x235 = a + 1
and x236 = a + 1
and x237 = a + 1
and x238 = a + 1
and x239 = a + 1
and x240 = a + 1
and x241 = a + 1
and x242 = a + 1
and x243 = a + 1
and x244 = a + 1
and x245 = a + 1
and x246 = a + 1
and x247 = a + 1
and x248 = a + 1
and x249 = a + 1
and x250 = a + 1
and x251 = a + 1
and x252 = a + 1
and x253 = a + 1
and x254 = a + 1
and x255 = a + 1
and x256 = a + 1
and x257 = a + 1
and x258 = a + 1
and x259 = a + 1
and x260 = a + 1
and x261 = a + 1
and x262 = a + 1
and x263 = a + 1
and x264 = a + 1
and x265 = a + 1
and x266 = a + 1
and x267 = a + 1
and x268 = a + 1
and x269 = a + 1
and x270 = a + 1
and x271 = a + 1
and x272 = a + 1
and x273 = a + 1
and x274 = a + 1
and x275 = a + 1
and x276 = a + 1
and x277 = a + 1
and x278 = a + 1
and x279 = a + 1
and x280 = a + 1
and x281 = a + 1
and x282 = a + 1
and x283 = a + 1
and x284 = a + 1
and x285 = a + 1
and x286 = a + 1
and x287 = a + 1
and x288 = a + 1
and x289 = a + 1
and x290 = a + 1
and x291 = a + 1
and x292 = a + 1
and x293 = a + 1
and x294 = a + 1
and x295 = a + 1
and x296 = a + 1
and x297 = a + 1
and x298 = a + 1
and x299 = a + 1
and x300 = a + 1 in
[fun z > z
+ x0
+ x1
+ x2
+ x3
+ x4
+ x5
+ x6
+ x7
+ x8
+ x9
+ x10
+ x11
+ x12
+ x13
+ x14
+ x15
+ x16
+ x17
+ x18
+ x19
+ x20
+ x21
+ x22
+ x23
+ x24
+ x25
+ x26
+ x27
+ x28
+ x29
+ x30
+ x31
+ x32
+ x33
+ x34
+ x35
+ x36
+ x37
+ x38
+ x39
+ x40
+ x41
+ x42
+ x43
+ x44
+ x45
+ x46
+ x47
+ x48
+ x49
+ x50
+ x51
+ x52
+ x53
+ x54
+ x55
+ x56
+ x57
+ x58
+ x59
+ x60
+ x61
+ x62
+ x63
+ x64
+ x65
+ x66
+ x67
+ x68
+ x69
+ x70
+ x71
+ x72
+ x73
+ x74
+ x75
+ x76
+ x77
+ x78
+ x79
+ x80
+ x81
+ x82
+ x83
+ x84
+ x85
+ x86
+ x87
+ x88
+ x89
+ x90
+ x91
+ x92
+ x93
+ x94
+ x95
+ x96
+ x97
+ x98
+ x99
+ x100
+ x101
+ x102
+ x103
+ x104
+ x105
+ x106
+ x107
+ x108
+ x109
+ x110
+ x111
+ x112
+ x113
+ x114
+ x115
+ x116
+ x117
+ x118
+ x119
+ x120
+ x121
+ x122
+ x123
+ x124
+ x125
+ x126
+ x127
+ x128
+ x129
+ x130
+ x131
+ x132
+ x133
+ x134
+ x135
+ x136
+ x137
+ x138
+ x139
+ x140
+ x141
+ x142
+ x143
+ x144
+ x145
+ x146
+ x147
+ x148
+ x149
+ x150
+ x151
+ x152
+ x153
+ x154
+ x155
+ x156
+ x157
+ x158
+ x159
+ x160
+ x161
+ x162
+ x163
+ x164
+ x165
+ x166
+ x167
+ x168
+ x169
+ x170
+ x171
+ x172
+ x173
+ x174
+ x175
+ x176
+ x177
+ x178
+ x179
+ x180
+ x181
+ x182
+ x183
+ x184
+ x185
+ x186
+ x187
+ x188
+ x189
+ x190
+ x191
+ x192
+ x193
+ x194
+ x195
+ x196
+ x197
+ x198
+ x199
+ x200
+ x201
+ x202
+ x203
+ x204
+ x205
+ x206
+ x207
+ x208
+ x209
+ x210
+ x211
+ x212
+ x213
+ x214
+ x215
+ x216
+ x217
+ x218
+ x219
+ x220
+ x221
+ x222
+ x223
+ x224
+ x225
+ x226
+ x227
+ x228
+ x229
+ x230
+ x231
+ x232
+ x233
+ x234
+ x235
+ x236
+ x237
+ x238
+ x239
+ x240
+ x241
+ x242
+ x243
+ x244
+ x245
+ x246
+ x247
+ x248
+ x249
+ x250
+ x251
+ x252
+ x253
+ x254
+ x255
+ x256
+ x257
+ x258
+ x259
+ x260
+ x261
+ x262
+ x263
+ x264
+ x265
+ x266
+ x267
+ x268
+ x269
+ x270
+ x271
+ x272
+ x273
+ x274
+ x275
+ x276
+ x277
+ x278
+ x279
+ x280
+ x281
+ x282
+ x283
+ x284
+ x285
+ x286
+ x287
+ x288
+ x289
+ x290
+ x291
+ x292
+ x293
+ x294
+ x295
+ x296
+ x297
+ x298
+ x299
+ x300]
let _ = Printf.printf "%d\n" (List.hd (f 1) 42);;

