
[#216] run-time system fatal error with large top-level value

Date: 2018-10-08 03:06
Priority: 3
State: Closed
Submitted by: Bug Submitter (webuser)
Assigned to: John Reppy (jhr)
Machine Architecture: None
Operating System: Generic Unix
Component: Compiler
Resolution: Fixed
Severity: Major
OS Version: (confirmed on Linux, Mac, and Windows)
SML/NJ Version: 110.84
Keywords:
URL:
Transcript (of reproduction):
-bash-4.2$ sml /cse/web/courses/cse341/18au/buggy.sml
Standard ML of New Jersey v110.84 [built: Wed Sep 19 18:31:10 2018]
[opening /cse/web/courses/cse341/18au/buggy.sml]
/usr/lib/smlnj/bin/sml: Fatal error -- bad string tag 0, obj = 0xf4326a68, desc = 0x61a0000
Source (for reproduction):
The smallest file I have is ~2000 lines, so I've put it here: https://courses.cs.washington.edu/courses/cse341/18au/buggy.sml It contains only two top-level bindings. This file will trigger the bug on Linux or Mac, but not on Windows. If you want an even larger file for Windows, email me -- I have it. :)
Summary:
run-time system fatal error with large top-level value

Detailed description
Reusing a homework assignment we used successfully several times between Winter 2017 and Winter 2018,
we are now seeing fatal errors in 110.84 and 110.83 that look like one of these:

Fatal error -- bad string tag 0, obj = 0x7f6000c, desc = 0xa110200

Fatal error -- bad string tag 0, obj = 0xf3cf6a68, desc = 0x61a0000

We are not seeing these errors with 110.82, so we'll ask students to revert to that version.

Smells like a bug that requires GC to trigger, so producing a small file that causes the bug seems difficult.
Additional comments:
Probably unrelated to this crashing bug, but we'd love to have students be able to load a file like buggy.sml but
with a million records instead of 100 or 1000, but SML becomes intractably slow reading it in
(even a file like the provided one but 10x larger takes several seconds to load).

Actually parsing a real json file with an SML-written parser is of
course super-speedy, but writing such a parser is the extra credit for
the assignment, so we can't give them the parser, which is why we
give them these .sml files with large top-level values.

This slow parsing has been the case for all versions.

Submitted via web form by Dan Grossman <djg@cs.washington.edu>

Comments:

Date: 2018-10-08 14:01
Sender: John Reppy

This problem was introduced in 110.83 when the old literal-bytecode interpreter was split off into a different function (BuildLiteralsV1). Because the 8-byte header was already consumed, the byte code pointer (lits) was pointing into the heap object for the literals, instead of pointing to the head of the object. If a major GC happened during literal construction, then this pointer confused the GC, which resulted in the error message.

The bug has been fixed for 110.85.
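
A minimal model of the failure mode described in the comment above, added here as an illustration (it is not SML/NJ runtime code): a copying collector that locates an object's descriptor in the word before the root rejects a root that was advanced past the header. The heap layout, tag value, HDR_WORD and all function names are assumptions, and the base-plus-index form shows one general way to keep the root valid, not necessarily the change made for 110.85.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy heap (constructed; NOT the SML/NJ object layout): an object is
 * [descriptor][payload...]; a valid pointer addresses payload[0], so the
 * collector reads the descriptor from the word just before it. */
#define TAG_STRING 0x2u
#define MAKE_DESC(len) (((uintptr_t)(len) << 4) | TAG_STRING)
#define HDR_WORD ((uintptr_t)0x20180000u) /* stand-in for the literal header */

static uintptr_t from_space[16], to_space[16];

/* Copy the object behind *root to to-space and update the root.
 * Returns -1 when the word before the pointer has the wrong tag. */
static int gc_forward(uintptr_t **root) {
    uintptr_t *obj = *root, desc = obj[-1];
    if ((desc & 0xFu) != TAG_STRING) return -1; /* "bad string tag" */
    size_t len = (size_t)(desc >> 4);
    to_space[0] = desc;
    memcpy(&to_space[1], obj, len * sizeof *obj);
    *root = &to_space[1];
    return 0;
}

/* Build an 8-word literal object: header word first, then bytecode words. */
static uintptr_t *alloc_literals(void) {
    from_space[0] = MAKE_DESC(8);
    from_space[1] = HDR_WORD;
    for (size_t i = 1; i < 8; i++) from_space[1 + i] = 0xB0 + i;
    return &from_space[1];
}

/* Pattern from the report: the root itself is advanced past the header. */
int collect_with_interior_root(void) {
    uintptr_t *lits = alloc_literals() + 1; /* now points inside the object */
    return gc_forward(&lits);               /* reads HDR_WORD as descriptor */
}

/* Safe pattern: root stays at the head, progress is kept as an index. */
uintptr_t collect_with_base_and_index(void) {
    uintptr_t *lits = alloc_literals();
    size_t pc = 1;                          /* header consumed */
    if (gc_forward(&lits) != 0) return 0;
    return lits == &to_space[1] ? lits[pc] : 0; /* first bytecode word */
}

int main(void) {
    printf("interior root: %d, base+index: 0x%lx\n", collect_with_interior_root(),
           (unsigned long)collect_with_base_and_index());
    return 0;
}
```

In the interior-root case the collector interprets the already-consumed header word as a descriptor, and its low bits give tag 0, which mirrors the "bad string tag 0" message in the report.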

Changes

Field | Old Value | Date | By
status_id | Open | 2018-10-08 14:01 | jhr
close_date | None | 2018-10-08 14:01 | jhr
assigned_to | none | 2018-10-08 14:01 | jhr
Resolution | None | 2018-10-08 14:01 | jhr
SML/NJ Version | 110.84 and 110.83 | 2018-10-08 14:01 | jhr