#10571: GHC 7.10.1 segfaults when shiftL-ing Integers by negative amounts -------------------------------------+------------------------------------- Reporter: anders_ | Owner: Type: bug | Status: new Priority: high | Milestone: Component: Compiler | Version: 7.10.1 Resolution: | Keywords: Operating System: MacOS X | Architecture: x86_64 Type of failure: Runtime crash | (amd64) Blocked By: | Test Case: Related Tickets: | Blocking: | Differential Revisions: -------------------------------------+------------------------------------- Comment (by hvr): Replying to [comment:4 rwbarton]:
BTW, I'm curious why the program is segfaulting, rather than reporting an out-of-memory condition like it does if I try to evaluate {{{2 `shiftL` 1000000000000000}}}.
Most likely because `integer_gmp_mpn_lshift` gets called with unsound parameters, leading to `memset(3)` overwriting memory it isn't supposed to touch... The low-level api in `integer-gmp` has very little safeguards (for one to avoid having to check the same conditions multiple times, but also because we can't report errors), I've tried to document all pre-conditions on input-arguments which are required to be satisfied to avoid segfaults. To some degree this also a result of having to use `Int#` for quantities which then are converted into a `Word#` rightaway... -- Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/10571#comment:5 GHC http://www.haskell.org/ghc/ The Glasgow Haskell Compiler