[Vm-dev] [ENH] Returning from context with sender == nil

David T. Lewis lewis at mail.msen.com
Mon May 7 12:15:23 UTC 2012


On Mon, May 07, 2012 at 08:27:43AM +0200, Igor Stasenko wrote:
>  
> Just an idea..
> 
> currently, when returning from bottom context, which has no sender, VM
> generates a message #cannotReturn:
> 
> You can check by invoking:
> 
> (thisContext privSender: nil). ^ 5
> 
> which is fine, except that I think we can extend this behavior for use
> in cases when we are leaving the normal "smalltalk" execution
> back to some C caller, namely:
> 
> - callbacks
> - a "message send" from C
> 
> upon return from a method (or block), the interpreter always checks if
> the sender of a context (the caller context) is a valid MethodContext
> instance.
> I am thinking about a very small change, which will provide additional
> functionality:
>  - if the context's sender is not a valid MethodContext, but an instance of
> SmallInteger, then
>    we just assume that the given smallinteger is the address of a C function
> which should be called (by stripping the tag bit of course).
> 
> The function is of kind:
> 
>    void (*fn)(sqInt returnValue);
> 
> i.e. upon discovering that the sender is a smallint, the interpreter will call
> this function with the return value as its argument.

If you are certain that you will never want your VM to run on a 64-bit
platform, then you can use usqInt to represent a machine address for
32-bit addressing. But it is dangerous to assume SmallInteger, which
is only 31 bits of address space, so this may not work even on a 32-bit
platform. You might be able to treat the 31-bit value as an offset
relative to some base address (i.e. a 32- or 64-bit base address plus
31 bit offset), which seems likely to work on most platforms but still
sounds risky to me.

(BTW, this is the kind of issue that currently causes FFI and all of
the plugins that depend on SurfacePlugin to be broken on 64-bit platforms.
It's an easy thing to do, and very hard to fix the problem once you have
an installed base of users.)

> 
> As an option for additional safety, we can avoid using the pure function
> address in the small integer instance, but instead
> use a registry of valid addresses (so that the smallint will be an index
> into a table, where cool hackers can register their own "No-return" handlers).
> Then the VM should check if the sender is a small integer, and if it is a valid
> registered index in the "No-return" handlers table, and if it's ok, then
> call that function;
> otherwise, do as usual and raise the "cannot return" exception.

A table of handler addresses would work. You would of course need to
protect access to the table with a mutex.

> 
> You may argue that the same functionality can be achieved by using
> special primitive(s). Which is true for callbacks, since we definitely
> control the
> callback entry, and on return we can invoke a special primitive to
> return back to the C caller.
> But thinking about the future, imagine that we have an API in the VM, similar
> to Objective-C, which allows you to send a message to any object
> and get a result:
> 
> /* C code */
> resultOop = vmSend(receiver, selector, 3 /*num args */ , arg1, arg2, arg3);
> 
> here, we cannot control the execution, since potentially a C caller
> may pick any receiver, any selector, so the entry point, unlike
> for callbacks, is not controllable on the smalltalk side. However, if we
> use the proposed trick, upon return from the context,
> we can clearly detect that it is time to return to the C caller and handle
> it accordingly.
> 
> What do you think?

Interesting idea. Sounds dangerous too ;-)

> 
> -- 
> Best regards,
> Igor Stasenko.
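As an added illustration of the handler-table variant discussed in the thread (example code written for this page, not code from the Squeak VM or from either poster): handlers are registered in a bounded table, the table index is stored as a tagged SmallInteger in the sender slot, and the return path only calls a handler when the index is registered, falling back to the existing cannot-return behaviour otherwise. The `sqInt` typedef, the table size, the `NIL_OOP` constant and the simplified "is this a context" check are assumptions of the model; a real VM would also serialize registration with a mutex, as suggested above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef intptr_t sqInt;                 /* assumption: VM oop/integer type */
#define NIL_OOP ((sqInt)0)              /* assumption: stands in for the nil oop */
#define MAX_HANDLERS 16                 /* assumption: fixed-size registry */

/* A "No-return" handler receives the value returned by the bottom context. */
typedef void (*noReturnHandler)(sqInt returnValue);

static noReturnHandler handlerTable[MAX_HANDLERS];
static int handlerCount = 0;

/* Register a handler; the result is the tagged SmallInteger (bit 0 set) that
   would be stored in the context's sender slot. 0 is returned when the table
   is full or fn is NULL; 0 has no tag bit, so it can never be mistaken for an index. */
sqInt registerNoReturnHandler(noReturnHandler fn) {
    if (fn == NULL || handlerCount >= MAX_HANDLERS) return 0;
    handlerTable[handlerCount] = fn;
    return ((sqInt)handlerCount++ << 1) | 1;
}

enum returnAction { RETURN_TO_CONTEXT, CALLED_HANDLER, CANNOT_RETURN };

/* Model of the interpreter's return path: decides what the VM would do with
   a given sender slot value. Any non-nil, non-tagged oop is treated as a
   valid MethodContext here; a real VM would test the object's class. */
enum returnAction returnFromContext(sqInt senderOop, sqInt returnValue) {
    if ((senderOop & 1) == 0)           /* not a SmallInteger: the usual path */
        return senderOop == NIL_OOP ? CANNOT_RETURN : RETURN_TO_CONTEXT;
    sqInt index = senderOop >> 1;       /* strip the tag bit */
    if (index < 0 || index >= handlerCount || handlerTable[index] == NULL)
        return CANNOT_RETURN;           /* unregistered index: behave as today */
    handlerTable[index](returnValue);   /* hand the result back to the C caller */
    return CALLED_HANDLER;
}

/* Sample handler: records the value that came back from Smalltalk. */
static sqInt lastReturnValue = -1;
void recordReturnValue(sqInt v) { lastReturnValue = v; }

int main(void) {
    sqInt tag = registerNoReturnHandler(recordReturnValue);
    enum returnAction a = returnFromContext(tag, 42);
    printf("action=%d lastReturnValue=%ld\n", (int)a, (long)lastReturnValue);
    printf("unregistered index -> %d\n", (int)returnFromContext((7 << 1) | 1, 5));
    return 0;
}
```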
