GNU bug report logs - #59874
Segfault from string-ref with negative 'k'

Package: guile

Reported by: rose gibson <birdswinter <at> tutanota.com>

Date: Wed, 7 Dec 2022 09:19:01 UTC

Severity: normal

Done: Jean Abou Samra <jean <at> abou-samra.fr>

Bug is archived. No further changes may be made.

Report forwarded to bug-guile <at> gnu.org:
bug#59874; Package guile. (Wed, 07 Dec 2022 09:19:01 GMT)

Acknowledgement sent to rose gibson <birdswinter <at> tutanota.com>:
New bug report received and forwarded. Copy sent to bug-guile <at> gnu.org. (Wed, 07 Dec 2022 09:19:02 GMT)

Message #5 received at submit <at> debbugs.gnu.org:

From: rose gibson <birdswinter <at> tutanota.com>
To: "\"Guile Bug Reports\"" <bug-guile <at> gnu.org>
Subject: Segfault from string-ref with negative 'k'
Date: Wed, 7 Dec 2022 08:50:09 +0100 (CET)

hi,

i noticed that if i, on my system, run "guile" from a shell and then type into the command prompt that appears,

(string-ref "a string" -1)

guile appears to hang for a few seconds or so, and then prints the message "Segmentation fault (core dumped)".

i'm not really sure if this report is worth anything, it might just be some glitch in my distribution's build or something else unreproducible and weird, idk.  but i thought i would say something.  just in case.

this is with guile 3.0.8 on arch linux.  i didn't do anything special with respect to building guile myself or anything like that, it was (i'm pretty sure) just installed from the repositories.

i'm definitely curious what's up if anyone ever bothers to take the time figuring it out.

thanks :)




Information forwarded to bug-guile <at> gnu.org:
bug#59874; Package guile. (Wed, 07 Dec 2022 10:03:01 GMT)

Message #8 received at submit <at> debbugs.gnu.org:

From: <tomas <at> tuxteam.de>
To: bug-guile <at> gnu.org
Subject: Re: bug#59874: Segfault from string-ref with negative 'k'
Date: Wed, 7 Dec 2022 11:02:12 +0100

On Wed, Dec 07, 2022 at 08:50:09AM +0100, rose gibson via Bug reports for GUILE, GNU's Ubiquitous Extension Language wrote:
> hi,
> 
> i noticed that if i, on my system, run "guile" from a shell and then type into the command prompt that appears,
> 
> (string-ref "a string" -1)
> 
> guile appears to hang for a few seconds or so, and then prints the message "Segmentation fault (core dumped)".
> 
> i'm not really sure if this report is worth anything, it might just be some glitch in my distribution's build or something else unreproducible and weird, idk.  but i thought i would say something.  just in case.
> 
> this is with guile 3.0.8 on arch linux.  i didn't do anything special with respect to building guile myself or anything like that, it was (i'm pretty sure) just installed from the repositories.

Hi,

this is Debian GNU/Linux, x86_64, but a self-compiled Guile:

| tomas <at> trotzki:~$ guile
| GNU Guile 3.0.8.57-bc3b1
| Copyright (C) 1995-2022 Free Software Foundation, Inc.
| 
| Guile comes with ABSOLUTELY NO WARRANTY; for details type `,show w'.
| This program is free software, and you are welcome to redistribute it
| under certain conditions; type `,show c' for details.
| 
| Enter `,help' for help.
| scheme@(guile-user)> (string-ref "a string" -1)
| ice-9/boot-9.scm:1685:16: In procedure raise-exception:
| Value out of range 0 to< 18446744073709551615: -1
| 
| Entering a new prompt.  Type `,bt' for a backtrace or `,q' to continue.
| scheme@(guile-user) [1]>

... so it's either fixed in the meantime, or there are differences
between our respective builds. Here, the bad index is caught, it
seems.

> i'm definitely curious what's up if anyone ever bothers to take the time figuring it out.
> 
> thanks :)

That's as much as I can do for now, $DAYJOB calling :)

Cheers
-- 
t

Information forwarded to bug-guile <at> gnu.org:
bug#59874; Package guile. (Wed, 07 Dec 2022 10:31:02 GMT)

Message #11 received at 59874 <at> debbugs.gnu.org:

From: Ricardo Wurmus <rekado <at> elephly.net>
To: rose gibson <birdswinter <at> tutanota.com>
Cc: 59874 <at> debbugs.gnu.org
Subject: Re: bug#59874: Segfault from string-ref with negative 'k'
Date: Wed, 07 Dec 2022 11:29:28 +0100

Thank you for reporting this bug.

> i noticed that if i, on my system, run "guile" from a shell and then type into the command prompt that appears,
>
> (string-ref "a string" -1)
>
> guile appears to hang for a few seconds or so, and then prints the message "Segmentation fault (core dumped)".

I can reproduce this on Guix System with guile 3.0.8:

--8<---------------cut here---------------start------------->8---
guile --no-auto-compile --debug
GNU Guile 3.0.8
Copyright (C) 1995-2021 Free Software Foundation, Inc.

Guile comes with ABSOLUTELY NO WARRANTY; for details type `,show w'.
This program is free software, and you are welcome to redistribute it
under certain conditions; type `,show c' for details.

Enter `,help' for help.
scheme@(guile-user)> (string-ref "a string" -1)
Segmentation fault
--8<---------------cut here---------------end--------------->8---

But:

--8<---------------cut here---------------start------------->8---
$ guile -c '(string-ref "a string" -1)'
Backtrace:
In ice-9/boot-9.scm:
  1752:10  6 (with-exception-handler _ _ #:unwind? _ #:unwind-for-type _)
In unknown file:
           5 (apply-smob/0 #<thunk 7f3912dd02e0>)
In ice-9/boot-9.scm:
    724:2  4 (call-with-prompt ("prompt") #<procedure 7f3912de2c60 at ice-9/eval.scm:330:13 ()> #<procedure default-prompt-handler (k proc)>)
In ice-9/eval.scm:
    619:8  3 (_ #(#(#<directory (guile-user) 7f3912dd5c80>)))
In ice-9/command-line.scm:
   185:19  2 (_ #<input: string 7f3912dcf850>)
In unknown file:
           1 (eval (string-ref "a string" -1) #<directory (guile-user) 7f3912dd5c80>)
           0 (string-ref "a string" -1)

ERROR: In procedure string-ref:
Value out of range 0 to< 7: -1
--8<---------------cut here---------------end--------------->8---

-- 
Ricardo




Information forwarded to bug-guile <at> gnu.org:
bug#59874; Package guile. (Wed, 07 Dec 2022 17:55:02 GMT)

Message #14 received at 59874 <at> debbugs.gnu.org:

From: lloda <lloda <at> sarc.name>
To: rose gibson <birdswinter <at> tutanota.com>
Cc: 59874 <at> debbugs.gnu.org
Subject: Re: bug#59874: Segfault from string-ref with negative 'k'
Date: Wed, 7 Dec 2022 18:54:37 +0100

Hello,

This is the same bug as https://debbugs.gnu.org/cgi/bugreport.cgi?bug=58154 which is fixed in git (http://git.savannah.gnu.org/gitweb/?p=guile.git;a=commitdiff;h=c0004442b7691f59a0e37869ef288eb26382ad9e).

This bug is quite terrible so hopefully we'll get a new release out soon.

Thank you

  Daniel

Information forwarded to bug-guile <at> gnu.org:
bug#59874; Package guile. (Sat, 10 Dec 2022 15:52:01 GMT)

Message #17 received at 59874 <at> debbugs.gnu.org:

From: bokr <at> bokr.com
To: Ricardo Wurmus <rekado <at> elephly.net>
Cc: 59874 <at> debbugs.gnu.org, rose gibson <birdswinter <at> tutanota.com>
Subject: Re: bug#59874: Segfault from string-ref with negative 'k'
Date: Sat, 10 Dec 2022 16:51:21 +0100

Hi,

On +2022-12-07 11:29:28 +0100, Ricardo Wurmus wrote:
> Thank you for reporting this bug.
> 
> > i noticed that if i, on my system, run "guile" from a shell and then type into the command prompt that appears,
> >
> > (string-ref "a string" -1)
> >
> > guile appears to hang for a few seconds or so, and then prints the message "Segmentation fault (core dumped)".
> 
> I can reproduce this on Guix System with guile 3.0.8:
> 
> --8<---------------cut here---------------start------------->8---
> guile --no-auto-compile --debug
> GNU Guile 3.0.8
> Copyright (C) 1995-2021 Free Software Foundation, Inc.
> 
> Guile comes with ABSOLUTELY NO WARRANTY; for details type `,show w'.
> This program is free software, and you are welcome to redistribute it
> under certain conditions; type `,show c' for details.
> 
> Enter `,help' for help.
> scheme@(guile-user)> (string-ref "a string" -1)
> Segmentation fault
> --8<---------------cut here---------------end--------------->8---
> 
> But:
> 
> --8<---------------cut here---------------start------------->8---
> $ guile -c '(string-ref "a string" -1)'
> Backtrace:
> In ice-9/boot-9.scm:
>   1752:10  6 (with-exception-handler _ _ #:unwind? _ #:unwind-for-type _)
> In unknown file:
>            5 (apply-smob/0 #<thunk 7f3912dd02e0>)
> In ice-9/boot-9.scm:
>     724:2  4 (call-with-prompt ("prompt") #<procedure 7f3912de2c60 at ice-9/eval.scm:330:13 ()> #<procedure default-prompt-handler (k proc)>)
> In ice-9/eval.scm:
>     619:8  3 (_ #(#(#<directory (guile-user) 7f3912dd5c80>)))
> In ice-9/command-line.scm:
>    185:19  2 (_ #<input: string 7f3912dcf850>)
> In unknown file:
>            1 (eval (string-ref "a string" -1) #<directory (guile-user) 7f3912dd5c80>)
>            0 (string-ref "a string" -1)
> 
> ERROR: In procedure string-ref:
> Value out of range 0 to< 7: -1
> --8<---------------cut here---------------end--------------->8---
> 
> -- 
> Ricardo
> 
> 
> 

M-x guiler from emacs editing this reply, produced this:
--8<---------------cut here---------------start------------->8---
Current directory is ~/.mutt/ezTemp/
GNU Guile 2.2.4
Copyright (C) 1995-2017 Free Software Foundation, Inc.

Guile comes with ABSOLUTELY NO WARRANTY; for details type `,show w'.
This program is free software, and you are welcome to redistribute it
under certain conditions; type `,show c' for details.

Enter `,help' for help.
scheme@(guile-user)> (string-ref "a string" -1)
<unnamed port>:1:0: Value out of range 0 to 18446744073709551615: -1

Entering a new prompt.  Type `,bt' for a backtrace or `,q' to continue.
scheme@(guile-user) [1]> 
--8<---------------cut here---------------end--------------->8---

The range number is not as nice as measuring the input string :)
(64-bit unsigned maxint in case not immediately recognized)

--8<---------------cut here---------------start------------->8---
scheme@(guile-user) [1]> (- (expt 2 64) 1)
$3 = 18446744073709551615
--8<---------------cut here---------------end--------------->8---

I am on puri.sm pureOS amber (old ;/)
--8<---------------cut here---------------start------------->8---
scheme@(guile-user) [1]> (system "uname -rv")
4.19.0-22-amd64 #1 SMP Debian 4.19.260-1 (2022-09-29)
--8<---------------cut here---------------end--------------->8---

M! guile --version (direct from here, not via geiser):
--8<---------------cut here---------------start------------->8---
guile (GNU Guile) 2.2.4
Packaged by Debian (2.2.4-deb+1-2+deb10u1)
Copyright (C) 2018 Free Software Foundation, Inc.

License LGPLv3+: GNU LGPL 3 or later <http://gnu.org/licenses/lgpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
--8<---------------cut here---------------end--------------->8---


Interestingly, M! and paste the following
direct from here does measure the input string:

guile --no-auto-compile -c '(display (string-ref "a string" -1))'|& cat -n
--8<---------------cut here---------------start------------->8---
     1  Backtrace:
     2             6 (apply-smob/1 #<catch-closure 56095aa9f7a0>)
     3  In ice-9/boot-9.scm:
     4      705:2  5 (call-with-prompt ("prompt") #<procedure 56095aab49c0 …> …)
     5  In ice-9/eval.scm:
     6      619:8  4 (_ #(#(#<directory (guile-user) 56095ab27140>)))
     7  In ice-9/command-line.scm:
     8     181:18  3 (_ #<input: string 56095ab45a80>)
     9  In unknown file:
    10             2 (eval (display (string-ref "a string" -1)) #<directory …>)
    11  In ice-9/eval.scm:
    12     191:35  1 (_ #f)
    13  In unknown file:
    14             0 (string-ref "a string" -1)
    15  
    16  ERROR: In procedure string-ref:
    17  Value out of range 0 to 7: -1
--8<---------------cut here---------------end--------------->8---

HTH, no more time for pleasant procrastinations :)
--
Regards,
Bengt Richter




Reply sent to Jean Abou Samra <jean <at> abou-samra.fr>:
You have taken responsibility. (Mon, 12 Dec 2022 06:27:01 GMT)

Notification sent to rose gibson <birdswinter <at> tutanota.com>:
bug acknowledged by developer. (Mon, 12 Dec 2022 06:27:02 GMT)

Message #22 received at 59874-close <at> debbugs.gnu.org:

From: Jean Abou Samra <jean <at> abou-samra.fr>
To: 59874-close <at> debbugs.gnu.org
Subject: Re: bug#59874: Segfault from string-ref with negative 'k'
Date: Mon, 12 Dec 2022 07:26:35 +0100

(Closing since this has been fixed.)

bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Mon, 09 Jan 2023 12:24:09 GMT)

This bug report was last modified 2 years and 162 days ago.
