GHC issues
https://gitlab.haskell.org/ghc/ghc/-/issues
2019-07-07T18:03:13Z
https://gitlab.haskell.org/ghc/ghc/-/issues/15729
Static GHCi can segfault when accessing .bss section in C
2019-07-07T18:03:13Z
Zejun Wu
When an object file is statically linked, GHCi can return junk or segfault when trying to access data defined in the .bss section via a foreign call.
```
watashi % ~/gao/ghc/inplace/bin/ghc-stage2 --info | grep Dynamic
,("Dynamic by default","NO")
,("GHC Dynamic","NO")
watashi % cat bss.c
int read_bss(int i) {
static int bss[1 << 20];
return bss[i];
}
watashi % ~/gao/ghc/inplace/bin/ghc-stage2 --interactive test.o
GHCi, version 8.7.20180920: http://www.haskell.org/ghc/ :? for help
Loaded GHCi configuration from /home/watashi/.ghci
Prelude> :m + Foreign Foreign.C
Prelude Foreign Foreign.C> foreign import ccall unsafe "read_bss" read_bss :: Int -> IO Int
Prelude Foreign Foreign.C> read_bss 0
4294059519
Prelude Foreign Foreign.C> read_bss 1
65535
Prelude Foreign Foreign.C> mapM (read_bss . bit) [0 .. 19]
zsh: segmentation fault (core dumped) ~/gao/ghc/inplace/bin/ghc-stage2 --interactive test.o
```
<details><summary>Trac metadata</summary>
| Trac field | Value |
| ---------------------- | ----------------- |
| Version | 8.6.1 |
| Type | Bug |
| TypeOfFailure | OtherFailure |
| Priority | normal |
| Resolution | Unresolved |
| Component | GHCi |
| Test case | |
| Differential revisions | |
| BlockedBy | |
| Related | |
| Blocking | |
| CC | simonmar, watashi |
| Operating system | |
| Architecture | |
</details>
8.10.1
Zejun Wu
Zejun Wu
https://gitlab.haskell.org/ghc/ghc/-/issues/15723
2019-07-07T18:03:15Z
Zejun Wu
-prof -fPIC -fexternal-dynamic-refs generates non-PIC relocations for external symbol
When compiling code with `-prof -fPIC -fexternal-dynamic-refs`, the generated object file may contain R_X86_64_PC32 relocations to symbols defined in another object file.
```
$ cat T15723A.hs T15723B.hs
module T15723A where
{-# INLINE foo #-}
foo :: Int -> Int
foo x = {-# SCC foo1 #-} bar x
{-# NOINLINE bar #-}
bar :: Int -> Int
bar x = x
module T15723B where
import T15723A
test :: Int -> Int
test x = {-# SCC test1 #-} foo $ foo x
$ $HC -prof -prof -fPIC -fexternal-dynamic-refs -O2 -c T15723A.hs
$ $HC -prof -prof -fPIC -fexternal-dynamic-refs -O2 -c T15723B.hs
$ objdump -rdS T15723B.o | less
0000000000000028 <T15723B_test_info>:
28: 48 8d 45 f0 lea -0x10(%rbp),%rax
2c: 4c 39 f8 cmp %r15,%rax
2f: 72 70 jb a1 <T15723B_test_info+0x79>
31: 48 83 ec 08 sub $0x8,%rsp
35: 48 8d 35 00 00 00 00 lea 0x0(%rip),%rsi # 3c <T15723B_test_info+0x14>
38: R_X86_64_PC32 T15723B_test1_EXPR_cc-0x4
3c: 49 8b bd 60 03 00 00 mov 0x360(%r13),%rdi
43: 31 c0 xor %eax,%eax
45: e8 00 00 00 00 callq 4a <T15723B_test_info+0x22>
46: R_X86_64_PLT32 pushCostCentre-0x4
4a: 48 83 c4 08 add $0x8,%rsp
4e: 48 ff 40 30 incq 0x30(%rax)
52: 49 89 85 60 03 00 00 mov %rax,0x360(%r13)
59: 48 83 ec 08 sub $0x8,%rsp
5d: 48 8d 35 00 00 00 00 lea 0x0(%rip),%rsi # 64 <T15723B_test_info+0x3c>
60: R_X86_64_PC32 T15723A_foo1_EXPR_cc-0x4
```
When attempting to link both `T15723A.o` and `T15723B.o` in ghci using `+RTS -xp`, the address of `T15723A_foo1_EXPR_cc` can be more than 2G away from `T15723B_test_info` and cause a link error or segfault.
8.10.1
Zejun Wu
Zejun Wu
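The 2G limit behind the `R_X86_64_PC32` failure in issue 15723 above, as an added example (not GHC's RTS linker code and not from the reporter): the relocation stores S + A - P in a signed 32-bit field, so a loader must range-check it, and an unchecked store makes the `lea` resolve to an unrelated address. The function names and load addresses are hypothetical, constructed for illustration; only the offset `0x38` and addend `-4` come from the objdump listing.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef enum { RELOC_OK = 0, RELOC_OUT_OF_RANGE = -1 } reloc_status;

/* R_X86_64_PC32 value: S (symbol address) + A (addend) - P (field address). */
static int64_t pc32_value(uint64_t S, int64_t A, uint64_t P) {
    return (int64_t)(S - P) + A;
}

/* Checked application: reject a displacement that does not fit in 32 bits,
 * which is the "link error" outcome. */
reloc_status apply_pc32_checked(uint8_t *field, uint64_t S, int64_t A, uint64_t P) {
    int64_t v = pc32_value(S, A, P);
    if (v < INT32_MIN || v > INT32_MAX)
        return RELOC_OUT_OF_RANGE;
    int32_t d = (int32_t)v;
    memcpy(field, &d, sizeof d);
    return RELOC_OK;
}

/* Unchecked application: keeps only the low 32 bits, silently truncating. */
void apply_pc32_unchecked(uint8_t *field, uint64_t S, int64_t A, uint64_t P) {
    uint32_t low = (uint32_t)(uint64_t)pc32_value(S, A, P);
    memcpy(field, &low, sizeof low);
}

/* Address that `lea disp32(%rip),%rsi` computes at run time. The field is
 * the last 4 bytes of the instruction, so the next instruction is at P + 4. */
uint64_t lea_target(const uint8_t *field, uint64_t P) {
    int32_t d;
    memcpy(&d, field, sizeof d);
    return P + 4 + (uint64_t)(int64_t)d;
}

int main(void) {
    const uint64_t P    = 0x40000038ULL;     /* constructed: .text base + 0x38 */
    const uint64_t near = 0x40100000ULL;     /* constructed: symbol within 2G  */
    const uint64_t far  = 0x7f0000001000ULL; /* constructed: symbol mapped high */
    uint8_t field[4] = {0};

    if (apply_pc32_checked(field, near, -4, P) == RELOC_OK)
        printf("near: lea resolves to %#llx\n", (unsigned long long)lea_target(field, P));
    if (apply_pc32_checked(field, far, -4, P) == RELOC_OUT_OF_RANGE)
        printf("far: displacement does not fit in 32 bits, relocation rejected\n");
    apply_pc32_unchecked(field, far, -4, P);
    printf("far, unchecked: lea resolves to %#llx instead of %#llx\n",
           (unsigned long long)lea_target(field, P), (unsigned long long)far);
    return 0;
}
```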