[GHC] #11792: Optimised unsafe FFI call can get wrong argument

5 Apr 2016

      #11792: Optimised unsafe FFI call can get wrong argument
-------------------------------------+-------------------------------------
           Reporter:  Szunti         |             Owner:
               Type:  bug            |            Status:  new
           Priority:  normal         |         Milestone:
          Component:  Compiler       |           Version:  7.10.3
           Keywords:                 |  Operating System:  Unknown/Multiple
       Architecture:                 |   Type of failure:  Incorrect result
  Unknown/Multiple                   |  at runtime
          Test Case:                 |        Blocked By:
           Blocking:                 |   Related Tickets:
Differential Rev(s):                 |         Wiki Page:
-------------------------------------+-------------------------------------
 Attached a simple test case. It should print 7457, but the C function is
 called with 0 as the third argument.

 If I compile with -O0 or omit the unsafe keyword in the FFI import it
 works as it should.

 In gdb disassembly looks to me as edx (the place for third argument on
 64-bit) is set to 7457, then the opaquify is inlined, but it doesn't
 preserve
 edx and then third_arg is called with the zeroed edx.

 ----------------
 Specs
 -------------
 64-bit Archlinux with arch-haskell repo

 gcc -v:
 {{{
 Using built-in specs.
 COLLECT_GCC=gcc
 COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-unknown-linux-gnu/5.3.0/lto-
 wrapper
 Target: x86_64-unknown-linux-gnu
 Configured with: /build/gcc-multilib/src/gcc-5-20160209/configure
 --prefix=/usr --libdir=/usr/lib --libexecdir=/usr/lib
 --mandir=/usr/share/man --infodir=/usr/share/info --with-
 bugurl=https://bugs.archlinux.org/ --enable-
 languages=c,c++,ada,fortran,go,lto,objc,obj-c++ --enable-shared --enable-
 threads=posix --enable-libmpx --with-system-zlib --with-isl --enable-
 __cxa_atexit --disable-libunwind-exceptions --enable-clocale=gnu
 --disable-libstdcxx-pch --disable-libssp --enable-gnu-unique-object
 --enable-linker-build-id --enable-lto --enable-plugin --enable-install-
 libiberty --with-linker-hash-style=gnu --enable-gnu-indirect-function
 --enable-multilib --disable-werror --enable-checking=release
 Thread model: posix
 gcc version 5.3.0 (GCC)
 }}}

 ghc compile output:
 {{{
 Glasgow Haskell Compiler, Version 7.10.3, stage 2 booted by GHC version
 7.10.3
 Using binary package database:
 /usr/lib/ghc-7.10.3/package.conf.d/package.cache
 wired-in package ghc-prim mapped to ghc-
 prim-0.4.0.0-6cdc86811872333585fa98756aa7c51e
 wired-in package integer-gmp mapped to integer-
 gmp-1.0.0.0-3c8c40657a9870f5c33be17496806d8d
 wired-in package base mapped to
 base-4.8.2.0-0d6d1084fbc041e1cded9228e80e264d
 wired-in package rts mapped to builtin_rts
 wired-in package template-haskell mapped to template-
 haskell-2.10.0.0-3c4cb52230f347282af9b2817f013181
 wired-in package ghc mapped to ghc-7.10.3-3a39f8f970ff545623196002970730d1
 wired-in package dph-seq not found.
 wired-in package dph-par not found.
 Hsc static flags:
 wired-in package ghc-prim mapped to ghc-
 prim-0.4.0.0-6cdc86811872333585fa98756aa7c51e
 wired-in package integer-gmp mapped to integer-
 gmp-1.0.0.0-3c8c40657a9870f5c33be17496806d8d
 wired-in package base mapped to
 base-4.8.2.0-0d6d1084fbc041e1cded9228e80e264d
 wired-in package rts mapped to builtin_rts
 wired-in package template-haskell mapped to template-
 haskell-2.10.0.0-3c4cb52230f347282af9b2817f013181
 wired-in package ghc mapped to ghc-7.10.3-3a39f8f970ff545623196002970730d1
 wired-in package dph-seq not found.
 wired-in package dph-par not found.
 *** Chasing dependencies:
 Chasing modules from: *Main.hs
 Stable obj: []
 Stable BCO: []
 Ready for upsweep
   [NONREC
       ModSummary {
          ms_hs_date = 2016-04-05 14:24:20.801997492 UTC
          ms_mod = Main,
          ms_textual_imps = [import (implicit) Prelude, import Data.Word]
          ms_srcimps = []
       }]
 *** Deleting temp files:
 Deleting:
 compile: input file Main.hs
 Created temporary directory: /tmp/ghc1541_0
 *** Checking old interface for Main:
 [1 of 1] Compiling Main             ( Main.hs, Main.o )
 *** Parser:
 *** Renamer/typechecker:
 *** Desugar:
 Result size of Desugar (after optimization)
   = {terms: 317, types: 387, coercions: 3}
 *** Core Linted result of Desugar (after optimization):
 *** Simplifier:
 Result size of Simplifier iteration=1
   = {terms: 261, types: 290, coercions: 14}
 *** Core Linted result of Simplifier:
 Result size of Simplifier iteration=2
   = {terms: 216, types: 262, coercions: 18}
 *** Core Linted result of Simplifier:
 Result size of Simplifier = {terms: 216, types: 262, coercions: 18}
 *** Core Linted result of Simplifier:
 *** Specialise:
 Result size of Specialise = {terms: 216, types: 262, coercions: 18}
 *** Core Linted result of Specialise:
 *** Float out(FOS {Lam = Just 0, Consts = True, OverSatApps = False}):
 Result size of Float out(FOS {Lam = Just 0,
                               Consts = True,
                               OverSatApps = False})
   = {terms: 274, types: 305, coercions: 18}
 *** Core Linted result of Float out(FOS {Lam = Just 0, Consts = True,
 OverSatApps = False}):
 *** Simplifier:
 Result size of Simplifier iteration=1
   = {terms: 407, types: 388, coercions: 70}
 *** Core Linted result of Simplifier:
 Result size of Simplifier iteration=2
   = {terms: 463, types: 375, coercions: 25}
 *** Core Linted result of Simplifier:
 Result size of Simplifier = {terms: 430, types: 362, coercions: 25}
 *** Core Linted result of Simplifier:
 *** Simplifier:
 Result size of Simplifier iteration=1
   = {terms: 426, types: 363, coercions: 25}
 *** Core Linted result of Simplifier:
 Result size of Simplifier = {terms: 426, types: 363, coercions: 25}
 *** Core Linted result of Simplifier:
 *** Simplifier:
 Result size of Simplifier iteration=1
   = {terms: 310, types: 291, coercions: 25}
 *** Core Linted result of Simplifier:
 Result size of Simplifier iteration=2
   = {terms: 248, types: 217, coercions: 25}
 *** Core Linted result of Simplifier:
 Result size of Simplifier iteration=3
   = {terms: 336, types: 242, coercions: 25}
 *** Core Linted result of Simplifier:
 Result size of Simplifier = {terms: 336, types: 242, coercions: 25}
 *** Core Linted result of Simplifier:
 *** Float inwards:
 Result size of Float inwards
   = {terms: 336, types: 242, coercions: 25}
 *** Core Linted result of Float inwards:
 *** Called arity analysis:
 Result size of Called arity analysis
   = {terms: 336, types: 242, coercions: 25}
 *** Core Linted result of Called arity analysis:
 *** Simplifier:
 Result size of Simplifier = {terms: 336, types: 242, coercions: 25}
 *** Core Linted result of Simplifier:
 *** Demand analysis:
 Result size of Demand analysis
   = {terms: 336, types: 242, coercions: 25}
 *** Core Linted result of Demand analysis:
 *** Worker Wrapper binds:
 Result size of Worker Wrapper binds
   = {terms: 369, types: 283, coercions: 25}
 *** Core Linted result of Worker Wrapper binds:
 *** Simplifier:
 Result size of Simplifier iteration=1
   = {terms: 354, types: 266, coercions: 25}
 *** Core Linted result of Simplifier:
 Result size of Simplifier = {terms: 354, types: 266, coercions: 25}
 *** Core Linted result of Simplifier:
 *** Float out(FOS {Lam = Just 0, Consts = True, OverSatApps = True}):
 Result size of Float out(FOS {Lam = Just 0,
                               Consts = True,
                               OverSatApps = True})
   = {terms: 356, types: 267, coercions: 25}
 *** Core Linted result of Float out(FOS {Lam = Just 0, Consts = True,
 OverSatApps = True}):
 *** Common sub-expression:
 Result size of Common sub-expression
   = {terms: 356, types: 267, coercions: 25}
 *** Core Linted result of Common sub-expression:
 *** Float inwards:
 Result size of Float inwards
   = {terms: 356, types: 267, coercions: 25}
 *** Core Linted result of Float inwards:
 *** Simplifier:
 Result size of Simplifier = {terms: 356, types: 267, coercions: 25}
 *** Core Linted result of Simplifier:
 *** Tidy Core:
 Result size of Tidy Core = {terms: 356, types: 267, coercions: 25}
 *** Core Linted result of Tidy Core:
 writeBinIface: 18 Names
 writeBinIface: 81 dict entries
 *** CorePrep:
 Result size of CorePrep = {terms: 654, types: 379, coercions: 25}
 *** Core Linted result of CorePrep:
 *** Stg2Stg:
 *** CodeGen:
 *** Assembler:
 /usr/bin/gcc -fno-stack-protector -DTABLES_NEXT_TO_CODE -I. -x assembler
 -c /tmp/ghc1541_0/ghc_2.s -o Main.o
 Upsweep completely successful.
 *** Deleting temp files:
 Deleting: /tmp/ghc1541_0/ghc_3.c /tmp/ghc1541_0/ghc_2.s
 /tmp/ghc1541_0/ghc_1.s
 Warning: deleting non-existent /tmp/ghc1541_0/ghc_3.c
 Warning: deleting non-existent /tmp/ghc1541_0/ghc_1.s
 link: linkables are ...
 LinkableM (2016-04-05 15:42:11.288210053 UTC) Main
    [DotO Main.o]
 Linking Main ...
 *** C Compiler:
 /usr/bin/gcc -fno-stack-protector -DTABLES_NEXT_TO_CODE -c
 /tmp/ghc1541_0/ghc_4.c -o /tmp/ghc1541_0/ghc_5.o
 -I/usr/lib/ghc-7.10.3/include
 *** C Compiler:
 /usr/bin/gcc -fno-stack-protector -DTABLES_NEXT_TO_CODE -c
 /tmp/ghc1541_0/ghc_7.s -o /tmp/ghc1541_0/ghc_8.o
 -I/usr/lib/ghc-7.10.3/include
 *** Linker:
 /usr/bin/gcc -fno-stack-protector -DTABLES_NEXT_TO_CODE '-Wl,--hash-
 size=31' -Wl,--reduce-memory-overheads -Wl,--no-as-needed -o Main Main.o
 Test.o -L/usr/lib/ghc-7.10.3/base_HQfYBxpPvuw8OunzQu6JGM
 -L/usr/lib/ghc-7.10.3/integ_2aU3IZNMF9a7mQ0OzsZ0dS
 -L/usr/lib/ghc-7.10.3/ghcpr_8TmvWUcS1U1IKHT0levwg3
 -L/usr/lib/ghc-7.10.3/rts /tmp/ghc1541_0/ghc_5.o /tmp/ghc1541_0/ghc_8.o
 -Wl,-u,ghczmprim_GHCziTypes_Izh_static_info
 -Wl,-u,ghczmprim_GHCziTypes_Czh_static_info
 -Wl,-u,ghczmprim_GHCziTypes_Fzh_static_info
 -Wl,-u,ghczmprim_GHCziTypes_Dzh_static_info
 -Wl,-u,base_GHCziPtr_Ptr_static_info
 -Wl,-u,ghczmprim_GHCziTypes_Wzh_static_info
 -Wl,-u,base_GHCziInt_I8zh_static_info
 -Wl,-u,base_GHCziInt_I16zh_static_info
 -Wl,-u,base_GHCziInt_I32zh_static_info
 -Wl,-u,base_GHCziInt_I64zh_static_info
 -Wl,-u,base_GHCziWord_W8zh_static_info
 -Wl,-u,base_GHCziWord_W16zh_static_info
 -Wl,-u,base_GHCziWord_W32zh_static_info
 -Wl,-u,base_GHCziWord_W64zh_static_info
 -Wl,-u,base_GHCziStable_StablePtr_static_info
 -Wl,-u,ghczmprim_GHCziTypes_Izh_con_info
 -Wl,-u,ghczmprim_GHCziTypes_Czh_con_info
 -Wl,-u,ghczmprim_GHCziTypes_Fzh_con_info
 -Wl,-u,ghczmprim_GHCziTypes_Dzh_con_info -Wl,-u,base_GHCziPtr_Ptr_con_info
 -Wl,-u,base_GHCziPtr_FunPtr_con_info
 -Wl,-u,base_GHCziStable_StablePtr_con_info
 -Wl,-u,ghczmprim_GHCziTypes_False_closure
 -Wl,-u,ghczmprim_GHCziTypes_True_closure
 -Wl,-u,base_GHCziPack_unpackCString_closure
 -Wl,-u,base_GHCziIOziException_stackOverflow_closure
 -Wl,-u,base_GHCziIOziException_heapOverflow_closure
 -Wl,-u,base_ControlziExceptionziBase_nonTermination_closure
 -Wl,-u,base_GHCziIOziException_blockedIndefinitelyOnMVar_closure
 -Wl,-u,base_GHCziIOziException_blockedIndefinitelyOnSTM_closure
 -Wl,-u,base_GHCziIOziException_allocationLimitExceeded_closure
 -Wl,-u,base_ControlziExceptionziBase_nestedAtomically_closure
 -Wl,-u,base_GHCziEventziThread_blockedOnBadFD_closure
 -Wl,-u,base_GHCziWeak_runFinalizzerBatch_closure
 -Wl,-u,base_GHCziTopHandler_flushStdHandles_closure
 -Wl,-u,base_GHCziTopHandler_runIO_closure
 -Wl,-u,base_GHCziTopHandler_runNonIO_closure
 -Wl,-u,base_GHCziConcziIO_ensureIOManagerIsRunning_closure
 -Wl,-u,base_GHCziConcziIO_ioManagerCapabilitiesChanged_closure
 -Wl,-u,base_GHCziConcziSync_runSparks_closure
 -Wl,-u,base_GHCziConcziSignal_runHandlersPtr_closure
 -lHSbase-4.8.2.0-HQfYBxpPvuw8OunzQu6JGM -lHSinteger-
 gmp-1.0.0.0-2aU3IZNMF9a7mQ0OzsZ0dS -lHSghc-
 prim-0.4.0.0-8TmvWUcS1U1IKHT0levwg3 -lHSrts -lCffi -lgmp -lm -lrt -ldl
 link: done
 *** Deleting temp files:
 Deleting: /tmp/ghc1541_0/ghc_10.rsp /tmp/ghc1541_0/ghc_9.rsp
 /tmp/ghc1541_0/ghc_8.o /tmp/ghc1541_0/ghc_7.s /tmp/ghc1541_0/ghc_6.rsp
 /tmp/ghc1541_0/ghc_5.o /tmp/ghc1541_0/ghc_4.c
 *** Deleting temp dirs:
 Deleting: /tmp/ghc1541_0
 }}}

--
Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/11792
GHC http://www.haskell.org/ghc/
The Glasgow Haskell Compiler