GNU bug report logs - #19246: bindings: void return function *can* trigger a segfault
Report forwarded to bug-guile <at> gnu.org: bug#19246; Package guile. (Mon, 01 Dec 2014 20:20:01 GMT)
Acknowledgement sent to Amirouche Boubekki <amirouche.boubekki <at> gmail.com>: New bug report received and forwarded. Copy sent to bug-guile <at> gnu.org. (Mon, 01 Dec 2014 20:20:01 GMT)
Message #5 received at submit <at> debbugs.gnu.org:
Héllo,
I reproduce the bug every time with the attached files. Here is the gdb backtrace:
----8<--------------8<--------------8<--------------8<--------------8<--------------8<--------------8<----------
#0 0x00007ffff7921e56 in vm_debug_engine (vm=0x6f8020,
program=0xf5b280, argv=0x7fffffffc100, nargs=2) at vm-i-system.c:890
#1 0x00007ffff7932826 in scm_c_vm_run (vm=0x6f8020, program=0x786680,
argv=0x7fffffffc0f8, nargs=1) at vm.c:768
#2 0x00007ffff78622a7 in scm_primitive_eval (exp=0xf62420) at eval.c:692
#3 0x00007ffff78932df in scm_primitive_load (filename=0xf53360) at load.c:124
#4 0x00007ffff7921aa3 in vm_debug_engine (vm=0x6f8020,
program=0x7ffff7bb79c0 <scm_primitive_load.subr_raw_cell>,
argv=0x7fffffffcf90, nargs=1) at vm-i-system.c:855
#5 0x00007ffff7932826 in scm_c_vm_run (vm=0x6f8020, program=0x786680,
argv=0x7fffffffcf88, nargs=1) at vm.c:768
#6 0x00007ffff78622a7 in scm_primitive_eval (exp=0x8c25c0) at eval.c:692
#7 0x00007ffff7862361 in scm_eval (exp=0x8c25c0,
module_or_state=0x888c60) at eval.c:726
#8 0x00007ffff78d6903 in scm_shell (argc=1, argv=0x7fffffffe318) at
script.c:439
#9 0x0000000000400c81 in inner_main (closure=0x0, argc=1,
argv=0x7fffffffe318) at guile.c:62
#10 0x00007ffff788a36d in invoke_main_func (body_data=0x7fffffffe1f0)
at init.c:336
#11 0x00007ffff7857148 in c_body (d=0x7fffffffe0b0) at continuations.c:517
#12 0x00007ffff7903b23 in apply_catch_closure (clo=0x895b60,
args=0x304) at throw.c:140
#13 0x00007ffff78d7126 in apply_1 (smob=0x895b60, a=0x304) at smob.c:142
#14 0x00007ffff790e2d5 in vm_regular_engine (vm=0x6f8020,
program=0x6f3000, argv=0x7fffffffdf80, nargs=2) at vm-i-system.c:858
#15 0x00007ffff7932826 in scm_c_vm_run (vm=0x6f8020, program=0x678c30,
argv=0x7fffffffdf60, nargs=4) at vm.c:768
#16 0x00007ffff7861a28 in scm_call_4 (proc=0x678c30, arg1=0x404,
arg2=0x895b60, arg3=0x895b40, arg4=0x895b20) at eval.c:507
#17 0x00007ffff7903980 in scm_catch_with_pre_unwind_handler
(key=0x404, thunk=0x895b60, handler=0x895b40,
pre_unwind_handler=0x895b20) at throw.c:73
#18 0x00007ffff7903bfb in scm_c_catch (tag=0x404, body=0x7ffff7857120
<c_body>, body_data=0x7fffffffe0b0,
handler=0x7ffff7857157 <c_handler>, handler_data=0x7fffffffe0b0,
pre_unwind_handler=0x7ffff78571b4 <pre_unwind_handler>,
pre_unwind_handler_data=0x77dfa0) at throw.c:207
----8<--------------8<--------------8<--------------8<--------------8<--------------8<--------------8<----------
The related code is:
----8<--------------8<--------------8<--------------8<--------------8<--------------8<--------------8<----------
        case 10:
          ret = subr (sp[-9], sp[-8], sp[-7], sp[-6], sp[-5], sp[-4],
                      sp[-3], sp[-2], sp[-1], sp[0]);
          break;
        default:
          abort ();
        }
      NULLSTACK_FOR_NONLOCAL_EXIT ();
      if (SCM_UNLIKELY (SCM_VALUESP (ret)))
        {
          /* multiple values returned to continuation */
          ret = scm_struct_ref (ret, SCM_INUM0);
          nvalues = scm_ilength (ret);
          PUSH_LIST (ret, scm_is_null);
          goto vm_return_values;
        }
      else
        {
          PUSH (ret);
          goto vm_return;
        }
----8<--------------8<--------------8<--------------8<--------------8<--------------8<--------------8<----------
It seems to me that the code always expects something to be
returned. During my tests, ret is, according to gdb, (SCM) 0xbb8 (= 3000 =
the c variable from the process function).
An easy fix for binding creators is to return a valid SCM value like
SCM_BOOL_T.
Best regards.
[void-return.c (text/x-csrc, attachment)]
[void-return.scm (text/x-scheme, attachment)]
Reply sent to ludo <at> gnu.org (Ludovic Courtès): You have taken responsibility. (Mon, 01 Dec 2014 21:51:01 GMT)
Notification sent to Amirouche Boubekki <amirouche.boubekki <at> gmail.com>: bug acknowledged by developer. (Mon, 01 Dec 2014 21:51:01 GMT)
Message #10 received at 19246-done <at> debbugs.gnu.org:
Hi,
Amirouche Boubekki <amirouche.boubekki <at> gmail.com> writes:
> void process(SCM integer, SCM other) {
>   int a = scm_to_int(integer);
>   int b = scm_to_int(other);
>   int i, c = 0;
>
>   for (i = 0; i<1000; i++) {
>     c = c + a + b;
>   }
> }
>
>
> void init () {
>   scm_c_define_gsubr("process", 2, 0, 0, process);
> }
Functions exposed to Scheme must always return ‘SCM’.
So ‘process’ above must be changed to return ‘SCM’, possibly the
SCM_UNSPECIFIED value since it’s a side-effecting function.
Thanks,
Ludo’.
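Why the leftover value crashes the VM, as an added example that is not part of the original thread or of Guile's source: a simplified model of Guile 2.0's low-bit tagging, in which `scm_bits`, `make_fixnum`, `classify` and `type_test_dereferences` are hypothetical names. The 0xbb8 reported by gdb has low bits 000, so it is taken for a heap pointer and a type test such as `SCM_VALUESP` reads memory at that address; 0x404 and 0x304 are argument values copied from the backtrace above.

```c
/* Added example: simplified model of Guile 2.0 word tagging.
   Not Guile code; all names here are hypothetical. */
#include <stdint.h>
#include <stdio.h>

typedef uintptr_t scm_bits;   /* stand-in for an unpacked SCM word */

enum scm_kind { KIND_FIXNUM, KIND_IMMEDIATE, KIND_HEAP_POINTER };

/* Small integers are stored as (n << 2) + 2: low two bits are 10. */
static scm_bits make_fixnum(long n)
{
    return ((scm_bits)n << 2) + 2;
}

/* Classify a word by its low bits only, the way the VM has to. */
static enum scm_kind classify(scm_bits w)
{
    if ((w & 3) == 2)
        return KIND_FIXNUM;
    if (w & 6)
        return KIND_IMMEDIATE;      /* flags, characters, ... */
    return KIND_HEAP_POINTER;       /* low three bits are 000 */
}

/* A type test on a non-immediate must read the object's first word,
   so it dereferences w. For w = 0xbb8 that address is unmapped. */
static int type_test_dereferences(scm_bits w)
{
    return classify(w) == KIND_HEAP_POINTER;
}

int main(void)
{
    /* Constructed sample: raw 3000 left by the void function, the same
       number properly boxed, and two immediates from the backtrace. */
    scm_bits samples[] = { 0xbb8, make_fixnum(3000), 0x404, 0x304 };
    static const char *names[] = { "fixnum", "immediate", "heap pointer" };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("0x%-6lx %-12s dereferenced: %s\n",
               (unsigned long)samples[i], names[classify(samples[i])],
               type_test_dereferences(samples[i]) ? "yes" : "no");
    return 0;
}
```

Returning any properly tagged value from the binding, as both messages suggest, keeps the word in one of the first two categories or makes it a pointer to a real object.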
Added tag(s) notabug. Request was from ludo <at> gnu.org (Ludovic Courtès) to control <at> debbugs.gnu.org. (Mon, 01 Dec 2014 21:52:02 GMT)
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Tue, 30 Dec 2014 12:24:04 GMT)
This bug report was last modified 10 years and 235 days ago.