[GHC] #16057: GHC 8.6.3 byte-code interpreter segfaults on any object.

GHC ghc-devs at haskell.org
Sat Dec 22 18:41:28 UTC 2018


#16057: GHC 8.6.3 byte-code interpreter segfaults on any object.
-------------------------------------+-------------------------------------
        Reporter:  gizmo.mk0         |                Owner:  (none)
            Type:  bug               |               Status:  new
        Priority:  highest           |            Milestone:
       Component:  Runtime System    |              Version:  8.6.3
      Resolution:                    |             Keywords:
Operating System:  Windows           |         Architecture:
 Type of failure:  Compile-time      |  Unknown/Multiple
  crash or panic                     |            Test Case:
      Blocked By:                    |             Blocking:
 Related Tickets:  #16071 #13617     |  Differential Rev(s):
       Wiki Page:                    |
-------------------------------------+-------------------------------------
Changes (by Phyx-):

 * architecture:  x86 => Unknown/Multiple
 * related:  #16071 => #16071 #13617


Comment:

 Like all good and bad things in life, this comes down to alignment.

 The change in ed86e3b531322f74d2c2d00d7ff8662b08fabde6 triggers a missing
 feature in the 8.6 branch. The `-Wa,-mbig-obj` changes the object code
 format, causing the COFF header to grow by 2 bytes.

 These two bytes push everything down, and cause the symbols which just
 happened to be aligned to the required section alignment to be misaligned.

 The `.text` section requires 16 byte alignment, and the ByteCode
 interpreter makes use of this to store tag bits in the lower bits.

 So a couple of things go wrong here. The new misaligned sections require
 the linker to actually do section alignment.

 Before:

 {{{
 addSymbol 000000000c6900f0 `Main_main_info'
 addSymbol 000000000c6901e0 `Main_main_closure'
 addSymbol 000000000c690158 `ZCMain_main_info'
 addSymbol 000000000c690220 `ZCMain_main_closure'
 addSymbol 000000000c690260 `Main_zdtrModule_closure'
 }}}

 Everything happened to be aligned in most cases.

 Now everything is unaligned:

 {{{
 addSymbol 000000000c690114 `Main_main_info'
 addSymbol 000000000c690204 `Main_main_closure'
 addSymbol 000000000c69017c `ZCMain_main_info'
 addSymbol 000000000c690244 `ZCMain_main_closure'
 addSymbol 000000000c690284 `Main_zdtrModule_closure'
 }}}

 The byte code interpreter then gets the unaligned address and thinks it's
 a tagged object and strips the bottom bits off:

 {{{
 bcoSize = 3
 Sp = 00000000061f0be0   pc = 0    PUSH_G   000000000d8801b4
 Sp = 00000000061f0bd8   pc = 2    ENTER

 ---------------------------------------------------------------
 Evaluating: Object 000000000d8801b0 =
 }}}

 And segfaults as the address is now nonsense.

 The change works on HEAD as I added alignment support to the linker in
 head for GHC 8.8.

 Now the question is how to proceed. There are two options:

 1) Revert this patch for the 8.6 branches and lose profiling support for a
 while till GHC 8.8

 2) I can produce a much simpler alignment fix patch, but it'll consume
 more memory than the bigger linker overhaul in HEAD currently, but.. it
 won't have had as much testing as the version in HEAD has.. so will need
 to be able to reason about its correctness instead.

 I suppose most people would favor no. 2 so I'll get started on that.

-- 
Ticket URL: <http://ghc.haskell.org/trac/ghc/ticket/16057#comment:11>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler
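The arithmetic behind the two symbol dumps and the PUSH_G/ENTER trace, as an added example (not code from the ticket, from Phyx-, or from GHC's RTS): it applies the 3-bit pointer-tag mask a 64-bit GHC uses to the addresses quoted above, shows why the "after" symbols are read as tagged and stripped to a bogus address, and models the linker-side remedy as padding the section base up to 16 bytes. `align_up`, `section_padding` and treating the first symbol as the section start are simplifications for illustration, not GHC's actual patch.

```c
#include <inttypes.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* 64-bit GHC keeps pointer tags in the low 3 bits of a closure address
 * (TAG_MASK = 7), so .text must be 16-byte aligned for an untagged
 * info/closure address to have all tag bits clear. */
#define TAG_MASK   ((uintptr_t)7)
#define TEXT_ALIGN ((uintptr_t)16)

typedef struct { const char *name; uintptr_t addr; } sym_t;

/* Symbol addresses copied from the ticket's "before" and "after" dumps. */
static const sym_t before[] = {
    {"Main_main_info", 0x0c6900f0}, {"Main_main_closure", 0x0c6901e0},
    {"ZCMain_main_info", 0x0c690158}, {"ZCMain_main_closure", 0x0c690220},
    {"Main_zdtrModule_closure", 0x0c690260},
};
static const sym_t after[] = {
    {"Main_main_info", 0x0c690114}, {"Main_main_closure", 0x0c690204},
    {"ZCMain_main_info", 0x0c69017c}, {"ZCMain_main_closure", 0x0c690244},
    {"Main_zdtrModule_closure", 0x0c690284},
};
#define NSYMS (sizeof before / sizeof before[0])

/* What ENTER does with a pointer: read the low bits as a tag and strip them.
 * On an aligned address this is the identity; on a misaligned one it points
 * into the middle of the symbol (trace: PUSH_G ...1b4 -> Object ...1b0). */
unsigned  tag_bits(uintptr_t p) { return (unsigned)(p & TAG_MASK); }
uintptr_t untag(uintptr_t p)    { return p & ~TAG_MASK; }

/* Count symbols whose address, moved by `shift` bytes, would be mis-read as
 * tagged. shift = 0 inspects the table exactly as dumped. */
size_t count_mistagged(const sym_t *syms, size_t n, uintptr_t shift) {
    size_t bad = 0;
    for (size_t i = 0; i < n; i++)
        if (tag_bits(syms[i].addr + shift) != 0) bad++;
    return bad;
}

/* Linker-side remedy in miniature (illustrative, not GHC's patch): pad the
 * section base up to TEXT_ALIGN. Every symbol in the section moves by the
 * same padding, so offsets the compiler already aligned line up again. */
uintptr_t align_up(uintptr_t p, uintptr_t align) { return (p + align - 1) & ~(align - 1); }
uintptr_t section_padding(uintptr_t base) { return align_up(base, TEXT_ALIGN) - base; }

int main(void) {
    uintptr_t pad = section_padding(after[0].addr);   /* first symbol stands in for the base */
    printf("before: %zu mistagged, after: %zu, after + %" PRIuPTR " pad bytes: %zu\n",
           count_mistagged(before, NSYMS, 0), count_mistagged(after, NSYMS, 0),
           pad, count_mistagged(after, NSYMS, pad));
    printf("PUSH_G %#" PRIxPTR " -> ENTER untags to %#" PRIxPTR "\n",
           (uintptr_t)0x0d8801b4, untag(0x0d8801b4));
    return 0;
}
```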