#15508: concprog001 fails with various errors -------------------------------------+------------------------------------- Reporter: osa1 | Owner: osa1 Type: bug | Status: new Priority: highest | Milestone: 8.8.1 Component: Compiler | Version: 8.5 Resolution: | Keywords: Operating System: Unknown/Multiple | Architecture: | Unknown/Multiple Type of failure: Runtime crash | Test Case: Blocked By: | Blocking: Related Tickets: #15571 | Differential Rev(s): Phab:D5051 Wiki Page: | (reverted), Phab:D5165, Phab:D5178 -------------------------------------+------------------------------------- Comment (by osa1): Looking at the assembly for `returnToStackTop`, we're loading a TSO's `prof` field to `rCCCS` so the problem is with the `prof` field of a TSO. Debugging further, here's where we first update `prof` field of a TSO with the problematic value (0x4207528000): {{{ Thread 2 hit Hardware watchpoint 6: ((StgTSO *) 0x420019d7e0)->prof.cccs Old value = (CostCentreStack *) 0x4207528000 New value = (CostCentreStack *) 0xb44390 0x0000000000a37819 in stg_returnToSched ()
bt #0 0x0000000000a37819 in stg_returnToSched () #1 0x0000000000000000 in ?? ()
print *(CostCentreStack *)0xb44390 $60 = { ccsID = 241, cc = 0xb44350, prevStack = 0xd2df00
, indexTable = 0x0, root = 0xb44390, depth = 1, scc_count = 0, selected = 1, time_ticks = 0, mem_alloc = 59522365, inherited_alloc = 0, inherited_ticks = 0 } }}}
print *(CostCentreStack *)0x4207528000 $62 = { ccsID = 283607809913, cc = 0xb44390,
print *((CostCentreStack *)0x4207528000)->cc $64 = { ccID = 241, label = 0xb44350 "\a", module = 0xd2df00
"|", srcloc = 0x0, mem_alloc = 11813776, time_ticks = 1, is_caf = 0,
(Note that this is reverse executions so "old" is actually new) Interestingly at this point 0x4207528000 actually looks like a valid cost centre stack: {{{ prevStack = 0x5, indexTable = 0x4207528071, root = 0x420752804a, depth = 283607809953, scc_count = 11813776, selected = 4, time_ticks = 0, mem_alloc = 283607809985, inherited_alloc = 11813776, inherited_ticks = 5 } link = 0x1 } }}} So currently we don't have a problem. If I continue: {{{ Thread 2 hit Hardware watchpoint 8: ((StgTSO *) 0x420019d7e0)->prof.cccs Old value = (CostCentreStack *) 0xb44390 New value = (CostCentreStack *) 0x4207528000 0x0000000000a3d1c2 in stg_AP_STACK_info ()
bt #0 0x0000000000a3d1c2 in stg_AP_STACK_info () #1 0x0000000000000000 in ?? ()
print *(StgClosure*)0x4207528000 $69 = { header = { info = 0x9f2200
, prof = { ccs = 0xb44390, hp = { rs = 0x0, ldvw = 0 } } }, payload = 0x4207528018 } }}}
This is the second time we update the `TSO->prof` with the problematic value, and NOW things look bad. I don't understand how we can use the same location for a cost centre stack and a heap closure. As far as I know cost centre stacks are allocated in an arena, and are never freed. -- Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/15508#comment:29 GHC http://www.haskell.org/ghc/ The Glasgow Haskell Compiler