[GHC] #9306: Crash when shifting Integers too much
#9306: Crash when shifting Integers too much ------------------------------------+------------------------------------- Reporter: dfeuer | Owner: Type: bug | Status: new Priority: normal | Milestone: Component: libraries/base | Version: 7.8.3 Keywords: | Operating System: Unknown/Multiple Architecture: Unknown/Multiple | Type of failure: Runtime crash Difficulty: Unknown | Test Case: Blocked By: | Blocking: Related Tickets: | ------------------------------------+------------------------------------- When shifting an Integer by `fromIntegral (maxBound::Int) + 2` or more, the RTS crashes. The attached program gives the following output (on x86_64, at least): [dfeuer@lemur src]$ ./shiftcrash Okay 0 gmp: overflow in mpz type Aborted I found the bug in 7.6.3, but it's been verified to be present also in 7.8.3. The crash also occurs when running similar code in GHCi. -- Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/9306 GHC http://www.haskell.org/ghc/ The Glasgow Haskell Compiler
#9306: Crash when shifting Integers too much -------------------------------------+------------------------------------ Reporter: dfeuer | Owner: Type: bug | Status: new Priority: normal | Milestone: Component: libraries/base | Version: 7.8.3 Resolution: | Keywords: Operating System: Unknown/Multiple | Architecture: Unknown/Multiple Type of failure: Runtime crash | Difficulty: Unknown Test Case: | Blocked By: Blocking: | Related Tickets: -------------------------------------+------------------------------------ Comment (by hvr): The problem here is that the shift amount is of type `Int`, so `fromIntegral (maxBound::Int) + 1` is actually `minBound`, so the code {{{#!hs okay = 1000 `shiftR` (fromIntegral (maxBound::Int) + 1) :: Integer tooFar = 1 `shiftR` (fromIntegral (maxBound::Int) + 2) :: Integer }}} is the same as {{{#!hs okay = 1000 `shiftR` minBound :: Integer tooFar = 1 `shiftR` (minBound + 1) :: Integer }}} And both should have overflowed, as you are effectively requesting a left- shift by a *huge* amount -- Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/9306#comment:1 GHC http://www.haskell.org/ghc/ The Glasgow Haskell Compiler
#9306: Crash when shifting Integers too far left -------------------------------------+------------------------------------ Reporter: dfeuer | Owner: Type: bug | Status: new Priority: normal | Milestone: Component: libraries/base | Version: 7.8.3 Resolution: | Keywords: Operating System: Unknown/Multiple | Architecture: Unknown/Multiple Type of failure: Runtime crash | Difficulty: Unknown Test Case: | Blocked By: Blocking: | Related Tickets: -------------------------------------+------------------------------------ Description changed by dfeuer: Old description:
When shifting an Integer by `fromIntegral (maxBound::Int) + 2` or more, the RTS crashes. The attached program gives the following output (on x86_64, at least):
[dfeuer@lemur src]$ ./shiftcrash Okay 0 gmp: overflow in mpz type Aborted
I found the bug in 7.6.3, but it's been verified to be present also in 7.8.3. The crash also occurs when running similar code in GHCi.
New description: When shifting an Integer very far left, the RTS crashes. On x86_64: Prelude Data.Bits> 1 `shiftL` 100000000000000000000000 == 1 gmp: overflow in mpz type Aborted I found the bug in 7.6.3, but it's been verified to be present also in 7.8.3. The crash also occurs when running similar code compiled by ghc. -- -- Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/9306#comment:2 GHC http://www.haskell.org/ghc/ The Glasgow Haskell Compiler
#9306: Crash when shifting Integers too far left -------------------------------------+------------------------------------ Reporter: dfeuer | Owner: Type: bug | Status: new Priority: normal | Milestone: Component: libraries/base | Version: 7.8.3 Resolution: | Keywords: Operating System: Unknown/Multiple | Architecture: Unknown/Multiple Type of failure: Runtime crash | Difficulty: Unknown Test Case: | Blocked By: Blocking: | Related Tickets: -------------------------------------+------------------------------------ Comment (by simonpj): It's not clear what to do here. After all, arbitrary precision integers are supposed to be, well, arbitrary precision. If it "worked" you'd probably get a heap overflow instead. What should the maximum size of a shift be? If anyone has good ideas, go for it! Simon -- Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/9306#comment:3 GHC http://www.haskell.org/ghc/ The Glasgow Haskell Compiler
#9306: Crash when shifting Integers too far left -------------------------------------+------------------------------------ Reporter: dfeuer | Owner: Type: bug | Status: new Priority: normal | Milestone: Component: libraries/base | Version: 7.8.3 Resolution: | Keywords: Operating System: Unknown/Multiple | Architecture: Unknown/Multiple Type of failure: Runtime crash | Difficulty: Unknown Test Case: | Blocked By: Blocking: | Related Tickets: -------------------------------------+------------------------------------ Comment (by hvr): Replying to [comment:2 dfeuer]: ...just a minor nit-pick about the code-example: {{{ Literal 100000000000000000000000 is out of the Int range -9223372036854775808..9223372036854775807 }}} -- Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/9306#comment:4 GHC http://www.haskell.org/ghc/ The Glasgow Haskell Compiler
#9306: Crash when shifting Integers too far left -------------------------------------+------------------------------------- Reporter: dfeuer | Owner: Type: bug | Status: closed Priority: normal | Milestone: Component: Core Libraries | Version: 7.8.3 Resolution: duplicate | Keywords: Operating System: Unknown/Multiple | Architecture: | Unknown/Multiple Type of failure: Runtime crash | Test Case: Blocked By: | Blocking: Related Tickets: #10571 | Differential Rev(s): Wiki Page: | -------------------------------------+------------------------------------- Changes (by thomie): * status: new => closed * resolution: => duplicate * related: => #10571 Comment: Fixed in #10571. -- Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/9306#comment:7 GHC http://www.haskell.org/ghc/ The Glasgow Haskell Compiler
participants (1)
-
GHC