[zeromq-dev] Introducing Caravan: Simple, Faithful ZMQ-Bindings for Objective Caml
Guillaume Yziquel
guillaume.yziquel at citycable.ch
Sun Apr 3 19:28:05 CEST 2011
On Sunday 03 Apr 2011 at 12:33:29 (-0400), Brian Ledger wrote:
> To the ZeroMQ Community,
>
> Caravan represents my interpretation of the Zero-MQ API into Objective
> Caml. It is true that there exists an OCaml-ZMQ binding, but I think
> that my implementation will bear comparison. I will enumerate the
> features of Caravan which distinguish it from OCaml-ZMQ.

Noticed it with interest.
However, a few things:
-1- No zmq_poll()... snif...
-2- line 87 of wrapper.c, in wrap_socket():
    void * socket = zmq_socket(context, type);
    if (socket) {
        CAMLreturn((value) socket);
    }
This is inherently unsafe:
OCaml's GC relies on the low weight bits of a value (i.e. a long) to
determine whether or not this is a pointer into the memory, or an
integral type (such as an integer).
In your case, you have a number of issues:
Background: if the low bits are not null, it is considered as
integral type, and the GC does not follow it. Good enough. If the low
bits are null, the GC follows the pointer if it points in the GC heap,
and doesn't if it points outside of the GC heap. Yours points outside of
the GC heap. Fair enough.
However, this can get to a segfault in the following conditions:
-1- You allocate a socket outside of OCaml's GC heap.
-2- You store the (value) socket pointer in some code.
-3- You free the socket pointer.
-4- Stuff happens
-5- OCaml's GC claims a part of memory in the heap that
your pointer points into.
-6- OCaml garbage collection, finds your pointer, finds that it points
in OCaml's GC heap, therefore assumes it points to an OCaml value,
and then interprets it as such.
-7- Segfault likely.
I'm not meaning to downplay your binding, as it is a very nice effort.
But OCaml GC memory management can get tricky. A simple piece of advice: wrap up
your pointers to stuff outside the heap within so-called custom blocks.
Take care of declaring appropriate finalisers, and your binding will be
much safer.
Best regards,
--
Guillaume Yziquel
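
The seven-step sequence in the reply above, as an added example that is not code from Caravan's wrapper.c or from the OCaml runtime: a simplified plain-C model of the GC's word classification, comparing a pointer cast straight to `value` with one held in the payload of a custom-style block. The arena, the function names and the single-range heap are assumptions made for illustration; the two tag constants mirror OCaml's `No_scan_tag` and `Custom_tag`.

```c
#include <stdint.h>
#include <stdio.h>

typedef uintptr_t value;                       /* one OCaml word */
enum verdict { IMMEDIATE, OUT_OF_HEAP, OCAML_BLOCK };
#define NO_SCAN_TAG 251                        /* blocks tagged >= this are never scanned */
#define CUSTOM_TAG  255

static uintptr_t arena[16];                    /* constructed address space */
static uintptr_t *heap_lo = arena, *heap_hi = arena + 4;   /* toy GC heap [lo, hi) */

/* The reply's background paragraph: low bit set => integer, else a heap range test. */
static enum verdict classify(value v) {
    if (v & 1) return IMMEDIATE;
    if (v >= (uintptr_t)heap_lo && v < (uintptr_t)heap_hi) return OCAML_BLOCK;
    return OUT_OF_HEAP;
}

/* 1 if the GC would treat the words behind v as OCaml values and follow them. */
static int gc_scans_fields(value v) {
    if (classify(v) != OCAML_BLOCK) return 0;
    uintptr_t header = ((uintptr_t *)v)[-1];   /* header word sits just before the block */
    return (header & 0xff) < NO_SCAN_TAG;
}

/* Steps 1-3: socket lives outside the heap, its address is cast to value, then freed. */
static value naked_socket(void) { return (value)&arena[8]; }

/* Custom-block style: the value points at an in-heap block whose payload holds the pointer. */
static value wrapped_socket(void) {
    arena[1] = CUSTOM_TAG;                     /* header: payload is opaque to the GC */
    arena[2] = (uintptr_t)&arena[8];           /* payload: the C pointer */
    return (value)&arena[2];
}

/* Step 5: the heap grows over the freed socket's old address; the word before it
   (constructed as 0 here) now reads as a header with an ordinary, scannable tag. */
static void grow_heap(void) { arena[7] = 0; heap_hi = arena + 16; }

int main(void) {
    value naked = naked_socket(), wrapped = wrapped_socket();
    printf("before: naked verdict=%d, wrapped scanned=%d\n",
           classify(naked), gc_scans_fields(wrapped));
    grow_heap();
    printf("after:  naked verdict=%d scanned=%d, wrapped scanned=%d\n",
           classify(naked), gc_scans_fields(naked), gc_scans_fields(wrapped));
    return 0;
}
```

In a real stub the wrapped form corresponds to a block from `caml_alloc_custom` whose finaliser closes the socket, so the C pointer is never reachable by the GC as a candidate OCaml value.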