Bug 38250

Summary: Stack Corruption in mono involving tailcalls (where code is fine on Windows)
Product: [Mono] Runtime
Reporter: donsyme
Component: JIT
Assignee: Bugzilla <bugzilla>
Severity: normal
CC: mono-bugs+mono, mono-bugs+runtime, vargaz
Priority: ---
Version: 4.2.0 (C6)
Target Milestone: ---
Hardware: PC
OS: Linux
Tags:
Is this bug a regression?: ---
Last known good build:

Description donsyme 2016-02-01 14:34:23 UTC
Bug report from: https://github.com/fsharp/fsharp/issues/537#issuecomment-177626486

Awaiting clarification of exact Mono version

If you take the following complete program and compile/run under mono on Ubuntu using "fsharpc program.fs":

open System

let  Bits (n:int) =
    let rec look n cnt =
        //printfn "  ... %2d %2d" n cnt
        if n = 0 then cnt
        else look (n>>>1) (cnt+1)
    look n 0

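// Entry point attribute so that main is invoked when the executable starts
[<EntryPoint>]
let main argv =
    for i in 0..7 do
        let bits    =  Bits i
        printfn "%2d = %2d" i bits
    0 // process exit code required by an entry point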

You get:

0 =  0
* Assertion: should not be reached at tramp-amd64.c:396


Native stacktrace:

    mono() [0x49cf0c]
    /lib/x86_64-linux-gnu/libpthread.so.0(+0x10340) [0x7f82009c8340]
    /lib/x86_64-linux-gnu/libc.so.6(gsignal+0x39) [0x7f8200628bb9]
    /lib/x86_64-linux-gnu/libc.so.6(abort+0x148) [0x7f820062bfc8]
    mono() [0x62a329]
    mono() [0x62a537]
    mono() [0x62a686]
    mono() [0x4f368d]

Debug info from gdb:

Could not attach to process.  If your uid matches the uid of the target
process, check the setting of /proc/sys/kernel/yama/ptrace_scope, or try
again as the root user.  For more details, see /etc/sysctl.d/10-ptrace.conf
ptrace: Operation not permitted.
No threads.

Got a SIGABRT while executing native code. This usually indicates
a fatal error in the mono runtime or one of the native libraries 
used by your application.

If you take the compiled executable (Test3.exe) and copy it over to Windows and try to run it, you get:
> Test3.exe
 0 =  0
 1 =  1
 2 =  2
 3 =  2
 4 =  3
 5 =  3
 6 =  3
 7 =  3

If you stay on Linux under mono and just uncomment the printfn it also runs perfectly.

Comment 1 Zoltan Varga 2016-02-01 22:46:32 UTC
Fixed in mono master 9a871fa705a23f4ae50c2d514ab65aa434f2c208.