
<div dir="ltr">would an alternative be to provide a helper that bundles a finalizer with the stable pointer and doens't allow explicit free on the associated stable pointer?</div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Feb 6, 2018 at 4:11 AM, Simon Peyton Jones via Libraries <span dir="ltr"><<a href="mailto:libraries@haskell.org" target="_blank">libraries@haskell.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">


<div lang="EN-GB" link="blue" vlink="purple">

<div class="m_1419794160554187569WordSection1">

<p class="MsoNormal"><span style="font-size:12.0pt">Catching double-frees does sound like a good idea to me.<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:12.0pt"><u></u> <u></u></span></p>

<p class="MsoNormal"><span style="font-size:12.0pt">Also, is the wisdom in Roman’s post captured in the StablePtr docs?  If not, can someone do that?<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:12.0pt"><u></u> <u></u></span></p>

<p class="MsoNormal"><span style="font-size:12.0pt">Simon<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:12.0pt"><u></u> <u></u></span></p>

<div style="border:none;border-left:solid blue 1.5pt;padding:0cm 0cm 0cm 4.0pt">

<div>

<div style="border:none;border-top:solid #e1e1e1 1.0pt;padding:3.0pt 0cm 0cm 0cm">

<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> Libraries [mailto:<a href="mailto:libraries-bounces@haskell.org" target="_blank">libraries-bounces@<wbr>haskell.org</a>]

<b>On Behalf Of </b>Gershom B<br>

<b>Sent:</b> 05 February 2018 01:38<br>

<b>To:</b> Haskell Libraries <<a href="mailto:libraries@haskell.org" target="_blank">libraries@haskell.org</a>><br>

<b>Subject:</b> Preventing double-free error with `stablePtr`<u></u><u></u></span></p>

</div>

</div><div><div class="h5">

<p class="MsoNormal"><u></u> <u></u></p>

<div id="m_1419794160554187569bloop_customfont">

<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Helvetica",sans-serif">I was just reading Roman Cheplyaka’s very interesting blog-post here: <a href="https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fro-che.info%2Farticles%2F2018-02-03-stableptr-undefined-behavior&data=02%7C01%7Csimonpj%40microsoft.com%7C10dc6ba9e74d4ec2bbbe08d56c39361a%7Cee3303d7fb734b0c8589bcd847f1c277%7C1%7C0%7C636533915338797696&sdata=Y3cT1XpzbPoD%2BTsf2qSkFhxPMkDeyRqV073fe2IRvaY%3D&reserved=0" target="_blank">https://ro-che.info/<wbr>articles/2018-02-03-stableptr-<wbr>undefined-behavior</a>.<u></u><u></u></span></p>

</div>

<div id="m_1419794160554187569bloop_customfont">

<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Helvetica",sans-serif"><u></u> <u></u></span></p>

</div>

<div id="m_1419794160554187569bloop_customfont">

<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Helvetica",sans-serif">As he points out, the docs for `freeStablePtr` say<u></u><u></u></span></p>

</div>

<div id="m_1419794160554187569bloop_customfont">

<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Helvetica",sans-serif"><u></u> <u></u></span></p>

</div>

<div id="m_1419794160554187569bloop_customfont">

<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Helvetica",sans-serif;color:black">"</span><span style="font-size:10.0pt;font-family:"Helvetica",sans-serif">if the stable pointer is passed to deRefStablePtr or freeStablePtr, the behaviour is

 undefined.”<u></u><u></u></span></p>

</div>

<div id="m_1419794160554187569bloop_customfont">

<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Helvetica",sans-serif"><u></u> <u></u></span></p>

</div>

<div id="m_1419794160554187569bloop_customfont">

<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Helvetica",sans-serif">And indeed we can observe weird behavior as a result of sucn an error.<u></u><u></u></span></p>

</div>

<div id="m_1419794160554187569bloop_customfont">

<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Helvetica",sans-serif"><u></u> <u></u></span></p>

</div>

<div id="m_1419794160554187569bloop_customfont">

<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Helvetica",sans-serif">A deRef of a stable pointer is arguably the sort of sharp-edge we know how to code to avoid. But a double free is a bit trickier. Would it be worth adding a bit more overhead

 to make such an operation idempotent?<u></u><u></u></span></p>

</div>

<div id="m_1419794160554187569bloop_customfont">

<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Helvetica",sans-serif"><u></u> <u></u></span></p>

</div>

<div id="m_1419794160554187569bloop_customfont">

<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Helvetica",sans-serif">Additionally, would it be worthwhile to add `withStablePtr` to the `Foreign.StablePtr` module? I imagine there are cases that it won’t cover, but it would at least encourage

 good discipline in the cases that it does handle. The evident utility of such a function is witnessed by its existence in a few different codebases, not least the Win32 library (<a href="https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fhackage.haskell.org%2Fpackage%2FWin32-2.6.2.0%2Fdocs%2FSystem-Win32-Types.html%23v%3AwithStablePtr&data=02%7C01%7Csimonpj%40microsoft.com%7C10dc6ba9e74d4ec2bbbe08d56c39361a%7Cee3303d7fb734b0c8589bcd847f1c277%7C1%7C0%7C636533915338797696&sdata=L45oTzaUhG8G7U%2Fp%2FIV85smqkxbub5UQqvGA%2B9cGuJI%3D&reserved=0" target="_blank">https://hackage.haskell.org/<wbr>package/Win32-2.6.2.0/docs/<wbr>System-Win32-Types.html#v:<wbr>withStablePtr</a>)<u></u><u></u></span></p>

</div>

<div id="m_1419794160554187569bloop_customfont">

<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Helvetica",sans-serif"><u></u> <u></u></span></p>

</div>

<div id="m_1419794160554187569bloop_customfont">

<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Helvetica",sans-serif">Cheers,<u></u><u></u></span></p>

</div>

<div id="m_1419794160554187569bloop_customfont">

<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Helvetica",sans-serif">Gershom<u></u><u></u></span></p>

</div>

</div></div></div>

</div>

</div>


<br>______________________________<wbr>_________________<br>

Libraries mailing list<br>

<a href="mailto:Libraries@haskell.org">Libraries@haskell.org</a><br>

<a href="http://mail.haskell.org/cgi-bin/mailman/listinfo/libraries" rel="noreferrer" target="_blank">http://mail.haskell.org/cgi-<wbr>bin/mailman/listinfo/libraries</a><br>

<br></blockquote></div><br></div>