[GHC] #14346: 8.2.1 regression: heap corruption after safe foreign calls
GHC
ghc-devs at haskell.org
Wed Oct 18 23:21:16 UTC 2017
#14346: 8.2.1 regression: heap corruption after safe foreign calls
-------------------------------------+-------------------------------------
Reporter: andrewchen | Owner: (none)
Type: bug | Status: infoneeded
Priority: highest | Milestone:
Component: Runtime System | Version: 8.2.1
Resolution: | Keywords:
Operating System: Unknown/Multiple | Architecture:
| Unknown/Multiple
Type of failure: Runtime crash | Test Case:
Blocked By: | Blocking:
Related Tickets: | Differential Rev(s):
Wiki Page: |
-------------------------------------+-------------------------------------
Comment (by bgamari):
Very good insights, alexbiehl and andrewchen. Indeed it looks indeed the
GC is (correctly, given the code) concluding that the array is
unreachable. Looking at the `-dverbose-core2core` output one sees that the
`touch#` call is dropped during one of the simplifier passes (`SimplMode
{Phase = 0 [post-call-arity], inline, rules, eta-expand, case-of-case}`).
That is certainly the bug.
To answer, a few of your questions:
> is it ok to store an address which clearly points
> into heap allocated memory but doesn't point to
> an info table?
In the above case, the answer is probably yes. This pointer is saved as a
field of a stack frame (namely a return frame for `block_c4Dx_info`). The
info table for this frame likely declares this field as a non-pointer.
--
Ticket URL: <http://ghc.haskell.org/trac/ghc/ticket/14346#comment:17>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler
More information about the ghc-tickets
mailing list