
"Attempt to read past end of string heap when locating string" in native code with a function pointer

Status: Open. jjatria opened this issue 4 years ago (0 comments)

While trying to bind into the following C function (link to implementation)

FANN_EXTERNAL struct fann_train_data *FANN_API fann_create_train_from_callback(
    unsigned int num_data, unsigned int num_input, unsigned int num_output,
    void(FANN_API *user_function)(unsigned int, unsigned int, unsigned int, fann_type *,
                                  fann_type *));

I attempted the following:

use NativeCall;

class fann_train_data is repr('CPointer') {*}

sub fann_create_train_from_callback(
    uint32,
    uint32,
    uint32,
    & ( uint32, uint32, uint32, CArray[num32], CArray[num32] )
) returns fann_train_data is native('fann') {*}

fann_create_train_from_callback(
    10_000,  # iterations
    1,       # inputs
    1,       # outputs
    sub (
        uint32 $num,
        uint32 $num-input,
        uint32 $num-output,
        CArray[num32] $input,
        CArray[num32] $output,
    ) {
        note "In callback: $num";
    },
);

And got back:

In callback: 0
In callback: 1
...
In callback: 9998
In callback: 9999
Attempt to read past end of string heap when locating string
  in block fann_create_train_from_callback at /home/user/.rakubrew/versions/moar-2021.10/share/perl6/core/sources/947BDAB9F96E0E5FCCB383124F923A6BF6F8D76B (NativeCall) line 636
  in block <unit> at -e line 1

Most of the time I just got a Segmentation fault instead.

If the number of iterations (the 10_000) is small enough, this does not happen.

Of note is the fact that the callback executed correctly, and all iterations ran as well, which suggests to me that this is probably a problem happening after the C code has finished running, maybe on its way back into Raku-land.

FWIW, the only two instances of this error message I could find are in compute_fast_table_upto and MVM_cu_obtain_string, both in src/core/compunit.c.

Other calls to the same library work as expected. The only one that has triggered this problem has been this one that uses a callback.

Additional info:

$ raku --version
Welcome to Rakudo™ v2021.10.
Implementing the Raku® Programming Language v6.d.
Built on MoarVM version 2021.10.
$ lsb_release -d
Description:    Ubuntu 18.04.6 LTS

jjatria, Nov 29 '21 13:11
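One way to separate the FFI layer from libfann when chasing this, as an added example that is not the reporter's code nor part of MoarVM or FANN: a C stub that exports fann_create_train_from_callback with the prototype quoted above and simply calls the callback exactly num_data times. It assumes FANN's default float fann_type (matching the num32 in the Raku signature) and that the stub is built as libfann.so on the library path so the unchanged Raku code above loads it instead of the real library.

```c
#include <stdlib.h>

typedef float fann_type;   /* assumption: FANN's default float build */

struct fann_train_data {   /* opaque to Raku, hence repr('CPointer') */
    unsigned int num_data, num_input, num_output;
};

typedef void (*user_function_t)(unsigned int, unsigned int, unsigned int,
                                fann_type *, fann_type *);

/* Calls user_function exactly num_data times with shared zeroed buffers.
 * Returns NULL for a NULL callback or on allocation failure. */
struct fann_train_data *fann_create_train_from_callback(
    unsigned int num_data, unsigned int num_input, unsigned int num_output,
    user_function_t user_function)
{
    if (user_function == NULL) return NULL;
    fann_type *input  = calloc(num_input  ? num_input  : 1, sizeof *input);
    fann_type *output = calloc(num_output ? num_output : 1, sizeof *output);
    struct fann_train_data *data = malloc(sizeof *data);
    if (!input || !output || !data) {
        free(input); free(output); free(data);
        return NULL;
    }
    for (unsigned int i = 0; i < num_data; i++)
        user_function(i, num_input, num_output, input, output);
    free(input); free(output);
    data->num_data = num_data; data->num_input = num_input; data->num_output = num_output;
    return data;
}

void fann_destroy_train(struct fann_train_data *data) { free(data); }

/* C counterpart of the Raku callback in the report: it only counts its calls. */
static unsigned int calls_seen;
static void counting_callback(unsigned int num, unsigned int ni, unsigned int no,
                              fann_type *in, fann_type *out)
{ (void)num; (void)ni; (void)no; (void)in; (void)out; calls_seen++; }

/* Drives the stub from C; the result is always num_data here, so a different
 * count or a crash once the Raku callback is substituted points at the FFI. */
unsigned int run_callback_check(unsigned int num_data)
{
    calls_seen = 0;
    struct fann_train_data *d = fann_create_train_from_callback(num_data, 1, 1, counting_callback);
    unsigned int seen = d ? calls_seen : 0;
    fann_destroy_train(d);
    return seen;
}
```

Build it with `cc -shared -fPIC -o libfann.so stub.c` and point LD_LIBRARY_PATH at that directory before running the Raku snippet; if the 10_000-iteration run still crashes against this stub, libfann is not the variable.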