[GHC] #13916: Optimizations create run time seg faults

GHC ghc-devs at haskell.org
Fri Jul 14 18:55:25 UTC 2017 

#13916: Optimizations create run time seg faults
-------------------------------------+-------------------------------------
        Reporter:  newthin           |                Owner:  (none)
            Type:  bug               |               Status:  new
        Priority:  highest           |            Milestone:  8.2.2
       Component:  Compiler          |              Version:  8.0.2
  (CodeGen)                          |
      Resolution:                    |             Keywords:  optimization
Operating System:  Unknown/Multiple  |         Architecture:
                                     |  Unknown/Multiple
 Type of failure:  Runtime crash     |            Test Case:
      Blocked By:                    |             Blocking:
 Related Tickets:                    |  Differential Rev(s):
       Wiki Page:                    |
-------------------------------------+-------------------------------------

Comment (by bgamari):

 So it looks like when we are in `limitMakeEnv.go` we find that
 `eenvpermission` is the `MVar ()` instead of an `Either (MVar ()) ()`.
 Consequently when we extract the field while performing the case analysis
 on it, we extract the `MVar#` instead of an `MVar()` as the code expects.
 This is how we end up passing a `MVAR_DIRTY` to `readMVar`.

 It looks like we end up in this situation due to miscompilation. The STG
 has this in the body of `limitMakeEnv.go`,
 {{{#!hs
                                                 sat_s6tv [Occ=Once]
                                                   :: GHC.Prim.State#
 GHC.Prim.RealWorld
                                                      -> (# GHC.Prim.State#
 GHC.Prim.RealWorld,
 Data.Either.Either env_a3xy () #)
                                                 [LclId] =
                                                     \r [void_0E]
 src<Bracket.hs:99:40-68>
 src<Bracket.hs:92:34-39>
 src<Bracket.hs:62:47-52>
                                                         Bracket.$wtakeEnv
                                                             ww1_s6tk
                                                             ww2_s6tl
                                                             ww3_s6tm
 GHC.Prim.void#; } in ...
 }}}
 where,
 {{{#!hs
 Bracket.$wtakeEnv [InlPrag=[0]]
   :: forall env.
      GHC.Prim.Int#
      -> GHC.Prim.Int#
      -> GHC.Prim.Array# (Control.Concurrent.STM.TMVar.TMVar env)
      -> GHC.Prim.State# GHC.Prim.RealWorld
      -> (# GHC.Prim.State# GHC.Prim.RealWorld, env #)
 }}}

 Clearly this is bogus: `$wtakeEnv` returns an `env` whereas `sat_s6tv` is
 supposed to be returning an `Either`. Presumably stg-lint didn't catch
 this due to its poor sensitivity to type errors.

-- 
Ticket URL: <http://ghc.haskell.org/trac/ghc/ticket/13916#comment:15>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler

More information about the ghc-tickets mailing list