#14346: 8.2.1 regression: heap corruption after safe foreign calls -------------------------------------+------------------------------------- Reporter: andrewchen | Owner: (none) Type: bug | Status: infoneeded Priority: highest | Milestone: Component: Runtime System | Version: 8.2.1 Resolution: | Keywords: Operating System: Unknown/Multiple | Architecture: | Unknown/Multiple Type of failure: Runtime crash | Test Case: Blocked By: | Blocking: Related Tickets: | Differential Rev(s): Wiki Page: | -------------------------------------+------------------------------------- Comment (by bgamari): Very good insights, alexbiehl and andrewchen. Indeed it looks indeed the GC is (correctly, given the code) concluding that the array is unreachable. Looking at the `-dverbose-core2core` output one sees that the `touch#` call is dropped during one of the simplifier passes (`SimplMode {Phase = 0 [post-call-arity], inline, rules, eta-expand, case-of-case}`). That is certainly the bug. To answer, a few of your questions:
is it ok to store an address which clearly points into heap allocated memory but doesn't point to an info table?
In the above case, the answer is probably yes. This pointer is saved as a field of a stack frame (namely a return frame for `block_c4Dx_info`). The info table for this frame likely declares this field as a non-pointer. -- Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/14346#comment:17 GHC http://www.haskell.org/ghc/ The Glasgow Haskell Compiler