[GHC] #10571: GHC 7.10.1 segfaults when shiftL-ing Integers by negative amounts
GHC
ghc-devs at haskell.org
Sun Jun 28 13:18:32 UTC 2015
#10571: GHC 7.10.1 segfaults when shiftL-ing Integers by negative amounts
-------------------------------------+-------------------------------------
Reporter: anders_ | Owner:
Type: bug | Status: new
Priority: high | Milestone:
Component: Compiler | Version: 7.10.1
Resolution: | Keywords:
Operating System: MacOS X | Architecture: x86_64
Type of failure: Runtime crash | (amd64)
Blocked By: | Test Case:
Related Tickets: | Blocking:
| Differential Revisions:
-------------------------------------+-------------------------------------
Comment (by hvr):
Replying to [comment:4 rwbarton]:
> BTW, I'm curious why the program is segfaulting, rather than reporting
an out-of-memory condition like it does if I try to evaluate {{{2 `shiftL`
1000000000000000}}}.
Most likely because `integer_gmp_mpn_lshift` gets called with unsound
parameters, leading to `memset(3)` overwriting memory it isn't supposed to
touch...
The low-level api in `integer-gmp` has very little safeguards (for one to
avoid having to check the same conditions multiple times, but also because
we can't report errors), I've tried to document all pre-conditions on
input-arguments which are required to be satisfied to avoid segfaults. To
some degree this also a result of having to use `Int#` for quantities
which then are converted into a `Word#` rightaway...
--
Ticket URL: <http://ghc.haskell.org/trac/ghc/ticket/10571#comment:5>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler
More information about the ghc-tickets
mailing list