GNU bug report logs - #16060
Attempt to mutate a literal pair results in segfault (master)


Package: guile

Reported by: Pieter Slabbert <blob626 <at> gmail.com>

Date: Thu, 5 Dec 2013 19:41:02 UTC

Severity: wishlist

To reply to this bug, email your comments to 16060 AT debbugs.gnu.org.



Report forwarded to bug-guile <at> gnu.org:
bug#16060; Package guile. (Thu, 05 Dec 2013 19:41:02 GMT)

Acknowledgement sent to Pieter Slabbert <blob626 <at> gmail.com>:
New bug report received and forwarded. Copy sent to bug-guile <at> gnu.org. (Thu, 05 Dec 2013 19:41:03 GMT)

Message #5 received at submit <at> debbugs.gnu.org:

From: Pieter Slabbert <blob626 <at> gmail.com>
To: bug-guile <at> gnu.org
Subject: segfault when loading file
Date: Thu, 05 Dec 2013 21:39:22 +0200
Hi

When I try to load a file which contains
 (set-car! '(0 . ()) 1)

Guile segfaults.
If I enter the same thing into the interpreter it works fine.

I tried the same thing in chibi and it complained about trying to mutate
an immutable pair. Fixed it in my code but the segfault made it a lot
harder to find.

I installed guile from git. Version gives me 2.1.0.526-7f710
Running Ubuntu 13.10
Processor: Intel Atom N450

Steps to reproduce:

$ echo "(set-car! '(0 . ()) 1)" > test.scm
$ guile
> (load "test.scm")
segfault

Thanks
Pieter




Changed bug title to 'Attempt to mutate a literal pair results in segfault (master)' from 'segfault when loading file'. Request was from Mark H Weaver <mhw <at> netris.org> to control <at> debbugs.gnu.org. (Thu, 05 Dec 2013 22:15:02 GMT)

Information forwarded to bug-guile <at> gnu.org:
bug#16060; Package guile. (Thu, 05 Dec 2013 23:06:02 GMT)

Message #10 received at 16060 <at> debbugs.gnu.org:

From: Mark H Weaver <mhw <at> netris.org>
To: Pieter Slabbert <blob626 <at> gmail.com>
Cc: 16060 <at> debbugs.gnu.org
Subject: Re: bug#16060: Attempt to mutate a literal pair results in segfault
 (master)
Date: Thu, 05 Dec 2013 18:04:25 -0500
Hi,

Pieter Slabbert <blob626 <at> gmail.com> writes:
> When I try to load a file which contains
>  (set-car! '(0 . ()) 1)
>
> Guile segfaults.
> If I enter the same thing into the interpreter it works fine.

According to the R5RS, it is "an error" to mutate literals, and
implementations are not required to detect this error.  In other words,
the behavior is unspecified, like signed integer overflow in C.

Currently, what happens is this: on the stable-2.0 branch, and in the
interpreter on master, you are effectively modifying the code itself.

In compiled code on master, literals are in read-only memory, which is
why attempting to mutate it leads to a segfault.  It is similar to what
happens in C if you attempt to mutate a character in a string literal.

Perhaps in 2.2.x we can support a debugging mode where compiled code
adds extra checks, but this is a wishlist item.

> I tried the same thing in chibi and it complained about trying to mutate
> an immutable pair. Fixed it in my code but the segfault made it a lot
> harder to find.
>
> I installed guile from git. Version gives me 2.1.0.526-7f710

The master branch of guile is very much a work-in-progress, with a major
new implementation of the VM, compiler, and loader recently pushed.  The
ABI is not yet stabilized, which means that occasionally you may need to
"make clean" and rebuild everything, including any external libraries
that use libguile.

For now, you might be happier with the 'stable-2.0' branch in git.

     Regards,
       Mark




Severity set to 'wishlist' from 'normal'. Request was from Mark H Weaver <mhw <at> netris.org> to control <at> debbugs.gnu.org. (Thu, 05 Dec 2013 23:07:01 GMT)

Information forwarded to bug-guile <at> gnu.org:
bug#16060; Package guile. (Wed, 19 Jul 2023 22:15:01 GMT)

Message #15 received at 16060 <at> debbugs.gnu.org:

From: Jean Abou Samra <jean <at> abou-samra.fr>
To: 16060 <at> debbugs.gnu.org
Subject: Re: bug#16060: Attempt to mutate a literal pair results in segfault
 (master)
Date: Thu, 20 Jul 2023 00:13:47 +0200
This is still happening with Guile 3.0, but only at -O2, not at -O1.



$ cat x.scm 
(set-car! '(1 . 2) 3)

$ guild3.0 compile -O1 x.scm
wrote `/home/jean/.cache/guile/ccache/3.0-LE-8-4.5/home/jean/tmp/x.scm.go'

$ guile3.0 x.scm
Backtrace:
In ice-9/boot-9.scm:
  1752:10  6 (with-exception-handler _ _ #:unwind? _ # _)
In unknown file:
           5 (apply-smob/0 #<thunk 7f72df6e0f60>)
In ice-9/boot-9.scm:
    724:2  4 (call-with-prompt ("prompt") #<procedure 7f72df6e7ee0 …> …)
In ice-9/eval.scm:
    619:8  3 (_ #(#(#<directory (guile-user) 7f72df6d9c80>)))
In ice-9/boot-9.scm:
   2835:4  2 (save-module-excursion #<procedure 7f72df6c7150 at ice-…>)
  4380:12  1 (_)
In x.scm:
      1:0  0 (_)

x.scm:1:0: In procedure set-car!: Wrong type argument in position 1 (expecting
mutable pair): (1 . 2)

$ guild3.0 compile -O2 x.scm
wrote `/home/jean/.cache/guile/ccache/3.0-LE-8-4.5/home/jean/tmp/x.scm.go'

$ guile3.0 x.scm
Segmentation fault (core dumped)



I found that module/language/cps/lower-primcalls.scm contains:

;; precondition: pair is mutable pair
(define-primcall-lowerer (set-car! cps k src #f (pair val))
  (with-cps cps
    (build-term
      ($continue k src
        ($primcall 'scm-set!/immediate '(pair . 0) (pair val))))))


which bypasses the check that the scm_set_car_x and scm_set_cdr_x
functions do.

I wonder if instead of checking the pair beforehand, Guile could just
do the set-c(a|d)r! anyway. Could the problem with mmapped bytecode
just be solved by adding PROT_WRITE to the mmap flags? (Or are there
maybe thread-safety problems?)




[signature.asc (application/pgp-signature, inline)]

This bug report was last modified 302 days ago.
