GNU bug report logs - #60487
string-ref segfaults with n < 0 on Guile 3.0.8
Reported by: festerdam <at> posteo.net
Date: Mon, 2 Jan 2023 08:54:01 UTC
Severity: normal
Done: Ludovic Courtès <ludo <at> gnu.org>
Bug is archived. No further changes may be made.
Report forwarded to bug-guile <at> gnu.org: bug#60487; Package guile. (Mon, 02 Jan 2023 08:54:01 GMT)
Acknowledgement sent to festerdam <at> posteo.net: New bug report received and forwarded. Copy sent to bug-guile <at> gnu.org. (Mon, 02 Jan 2023 08:54:01 GMT)
Message #5 received at submit <at> debbugs.gnu.org:
The following code results in a segmentation fault on Guile
3.0.8-deb+3.0.8-2 (obtained from the Debian repositories):
(string-ref "my string" -3)
gdb's backtrace is the following:
#0 0x00007ffff7f1bcc5 in ?? () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#1 0x00007ffff7f26c49 in scm_call_n () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#2 0x00007ffff7e97b29 in scm_apply_0 () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#3 0x00007ffff7f15966 in scm_throw () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#4 0x00007ffff7f174e9 in scm_ithrow () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#5 0x00007ffff7e94735 in scm_error_scm () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#6 0x00007ffff7e94790 in scm_error () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#7 0x00007ffff7ee19e7 in ?? () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#8 0x00007ffff7ee208b in scm_to_uint64 () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#9 0x00007ffff7f1c5e4 in ?? () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#10 0x00007ffff7f26c49 in scm_call_n () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#11 0x00007ffff7e93a97 in scm_primitive_eval () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#12 0x00007ffff7e99a86 in scm_eval () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#13 0x00007ffff7ef91c6 in scm_shell () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#14 0x00007ffff7ea865c in ?? () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#15 0x00007ffff7e91f6a in ?? () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#16 0x00007ffff7f194e8 in ?? () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#17 0x00007ffff7f26c49 in scm_call_n () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#18 0x00007ffff7e936ea in scm_call_2 () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#19 0x00007ffff7f42292 in ?? () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#20 0x00007ffff7f0ff4f in scm_c_catch () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#21 0x00007ffff7e942e6 in scm_c_with_continuation_barrier () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#22 0x00007ffff7f14b89 in ?? () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#23 0x00007ffff7c190e7 in GC_call_with_stack_base () from /lib/x86_64-linux-gnu/libgc.so.1
#24 0x00007ffff7f0fe68 in scm_with_guile () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#25 0x00007ffff7eb1185 in scm_boot_guile () from /lib/x86_64-linux-gnu/libguile-3.0.so.1
#26 0x000055555555510f in ?? ()
#27 0x00007ffff7c9918a in __libc_start_call_main (main=main@entry=0x5555555550b0, argc=argc@entry=1, argv=argv@entry=0x7fffffffe0b8) at ../sysdeps/nptl/libc_start_call_main.h:58
#28 0x00007ffff7c99245 in __libc_start_main_impl (main=0x5555555550b0, argc=1, argv=0x7fffffffe0b8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe0a8) at ../csu/libc-start.c:381
#29 0x00005555555551aa in ?? ()
Reply sent to Ludovic Courtès <ludo <at> gnu.org>: You have taken responsibility. (Mon, 16 Jan 2023 22:16:02 GMT)
Notification sent to festerdam <at> posteo.net: bug acknowledged by developer. (Mon, 16 Jan 2023 22:16:02 GMT)
Message #10 received at 60487-done <at> debbugs.gnu.org:
Hi,
festerdam <at> posteo.net wrote:
> The following code results in a segmentation fault on Guile
> 3.0.8-deb+3.0.8-2 (obtained from the Debian repositories):
> (string-ref "my string" -3)
I can reproduce it with 3.0.8, where I get this backtrace:
--8<---------------cut here---------------start------------->8---
scheme@(guile-user)> (string-ref "my string" -3)
Thread 1 "guile" received signal SIGSEGV, Segmentation fault.
0x00007ffff7f419d9 in scm_is_values (x=<optimized out>) at values.h:30
30 values.h: No such file or directory.
(gdb) bt
#0 0x00007ffff7f419d9 in scm_is_values (x=<optimized out>) at values.h:30
#1 vm_debug_engine (thread=0x7ffff75c1d80) at vm-engine.c:974
#2 0x00007ffff7f4c5d9 in scm_call_n (proc=<optimized out>, argv=<optimized out>, nargs=5)
at vm.c:1610
#3 0x00007ffff7eb8571 in scm_apply_0 (proc=#<program 7ffff5c4e960>, args=()) at eval.c:603
#4 0x00007ffff7f3dc8d in scm_throw (key=out-of-range,
args=<error reading variable: ERROR: Cannot access memory at address 0x0>0x7ffff2bb2c30)
at throw.c:262
#5 0x00007ffff7f3dca9 in scm_ithrow (key=<optimized out>, args=<optimized out>,
no_return=<optimized out>) at throw.c:457
#6 0x00007ffff7eb5245 in scm_error_scm (key=key@entry=out-of-range, subr=<optimized out>,
message=message@entry="Value out of range ~S to< ~S: ~S",
args=args@entry=<error reading variable: ERROR: Cannot access memory at address 0x0>0x7ffff2bb2c70, data=data@entry=(4611686018427387901)) at error.c:90
#7 0x00007ffff7eb52a0 in scm_error (key=out-of-range, subr=0x0, message=<optimized out>,
args=<error reading variable: ERROR: Cannot access memory at address 0x0>0x7ffff2bb2c70,
rest=(4611686018427387901)) at error.c:62
#8 0x00007ffff7f02dd7 in range_error (bad_val=bad_val@entry=4611686018427387901,
min=min@entry=<error reading variable: ERROR: Cannot access memory at address 0x0>0x0,
max=#<bignum 7ffff2baeda0>) at numbers.c:6611
#9 0x00007ffff7f04dfb in scm_to_uint64 (arg=4611686018427387901) at integers.c:259
#10 0x00007ffff7f42215 in vm_debug_engine (thread=0x7ffff75c1d80) at vm-engine.c:1533
#11 0x00007ffff7f4c5d9 in scm_call_n (proc=<optimized out>, argv=<optimized out>, nargs=1)
at vm.c:1610
#12 0x00007ffff7eb4457 in scm_primitive_eval (exp=<optimized out>,
exp@entry=((@ (ice-9 control) %) (begin (load-user-init) ((@ (ice-9 top-repl) top-repl)))))
at eval.c:671
#13 0x00007ffff7eba4b6 in scm_eval (
exp=((@ (ice-9 control) %) (begin (load-user-init) ((@ (ice-9 top-repl) top-repl)))),
module_or_state="#<struct module>" = {...}) at eval.c:705
#14 0x00007ffff7f1e3b6 in scm_shell (argc=1, argv=0x7fffffffd058) at script.c:357
--8<---------------cut here---------------end--------------->8---
Fortunately, this was fixed recently in
c0004442b7691f59a0e37869ef288eb26382ad9e.
Thanks!
Ludo’.
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Tue, 14 Feb 2023 12:24:14 GMT)