Macro processor segfaults when using undefined symbol

[SuperFola]

What happened?

When running macros with undefined symbols, which are used by the macros (required to be defined), the macro processor will segfault.

This has been found thanks to https://github.com/AFLplusplus/AFLplusplus

What ArkScript version are you seeing the problem on?

3.4.0

Relevant code & log output

Here are a few code samples to replicate:

!{defun (dy) (let name (fun args body))}
(defun a_func (a b) (+ a b))

!{-> (arg){
    !{if (> (len fn) 0)
        (-> (fn1 arg) ...fn)
        (fn1 arg)}}}
(let filename "00")
(let f1 (fun (data) (+ data)))
(let f2 (fun (data) (+ data)))
(print (-> filename f1 f2))

!{defun (name dy)
    (let name (fun args body))}
(defun a_func (a b) (+ a b))

!{suffix-dup () {
    !{if (> x 1) (suffix-dup sym (- x 1))}
    (symcat sym x)}}
!{partial (func...defargs){
    !{bloc (suffix-dup a (- (argcount func) (len defargs)))}
    (fun (bloc)(func...defargs bloc))
    !{undef c}}}
(let test_func (fun (a b c) (* a b c)))
(let test_func1 (partial test_func 1))

Documentation

• I have read existing related documentation before submitting this report
• I have searched for an existing issue before posting

[SuperFola]

The first two samples do not produce a segfault on f90d4be. However the last one does, here is the stacktrace from ASAN

/Library/Developer/CommandLineTools/SDKs/MacOSX13.1.sdk/usr/include/c++/v1/vector:709:31: runtime error: applying non-zero offset 18446744073709551512 to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /Library/Developer/CommandLineTools/SDKs/MacOSX13.1.sdk/usr/include/c++/v1/vector:709:31 in 
AddressSanitizer:DEADLYSIGNAL
=================================================================
==50672==ERROR: AddressSanitizer: SEGV on unknown address 0xffffffffffffff98 (pc 0x0001017e0b60 bp 0x00016fb31990 sp 0x00016fb31970 T0)
==50672==The signal is caused by a UNKNOWN memory access.
    #0 0x1017e0b60 in Ark::internal::Node::nodeType() const+0x88 (libArkReactor.dylib:arm64+0x114b60)
    #1 0x1018e9850 in Ark::internal::ListExecutor::applyMacro(Ark::internal::Node&)+0xb40 (libArkReactor.dylib:arm64+0x21d850)
    #2 0x101904ea0 in Ark::internal::MacroExecutorPipeline::applyMacro(Ark::internal::Node&)+0x530 (libArkReactor.dylib:arm64+0x238ea0)
    #3 0x10190f1c8 in Ark::internal::MacroProcessor::applyMacro(Ark::internal::Node&)+0xb0 (libArkReactor.dylib:arm64+0x2431c8)
    #4 0x10190c584 in Ark::internal::MacroProcessor::process(Ark::internal::Node&, unsigned int)+0xd18 (libArkReactor.dylib:arm64+0x240584)
    #5 0x10190cad8 in Ark::internal::MacroProcessor::process(Ark::internal::Node&, unsigned int)+0x126c (libArkReactor.dylib:arm64+0x240ad8)
    #6 0x10190cad8 in Ark::internal::MacroProcessor::process(Ark::internal::Node&, unsigned int)+0x126c (libArkReactor.dylib:arm64+0x240ad8)
    #7 0x10190cad8 in Ark::internal::MacroProcessor::process(Ark::internal::Node&, unsigned int)+0x126c (libArkReactor.dylib:arm64+0x240ad8)
    #8 0x10190cad8 in Ark::internal::MacroProcessor::process(Ark::internal::Node&, unsigned int)+0x126c (libArkReactor.dylib:arm64+0x240ad8)
    #9 0x10190b6d8 in Ark::internal::MacroProcessor::feed(Ark::internal::Node const&)+0x220 (libArkReactor.dylib:arm64+0x23f6d8)
    #10 0x10188b710 in Ark::Compiler::feed(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&)+0x2c4 (libArkReactor.dylib:arm64+0x1bf710)
    #11 0x1019d78ec in Ark::State::compile(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&)+0x304 (libArkReactor.dylib:arm64+0x30b8ec)
    #12 0x1019d9614 in Ark::State::doFile(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&)+0xac8 (libArkReactor.dylib:arm64+0x30d614)
    #13 0x10040f35c in main+0x63c0 (arkscript:arm64+0x10014b35c)
    #14 0x19264fe4c  (<unknown module>)

==50672==Register values:
 x[0] = 0xffffffffffffff98   x[1] = 0x0000000000000000   x[2] = 0x0000000000000000   x[3] = 0x00000001053016e0  
 x[4] = 0x0000000063000000   x[5] = 0x0000000000000000   x[6] = 0x0000000000000000   x[7] = 0x0000000000000000  
 x[8] = 0x0000000000000000   x[9] = 0x0000000000000000  x[10] = 0x00000000000a8270  x[11] = 0x0000000000000053  
x[12] = 0x0000000100fcc000  x[13] = 0xffffff0000000000  x[14] = 0x0000000000000000  x[15] = 0x0000000000000000  
x[16] = 0x00000003066ef400  x[17] = 0x00000001022980a8  x[18] = 0x0000000000000000  x[19] = 0xffffffffffffff98  
x[20] = 0x0000007000020000  x[21] = 0x000000016fb31b70  x[22] = 0xffffffffffffff98  x[23] = 0x0000000104e08d48  
x[24] = 0x000000702df86334  x[25] = 0x0000000103c0c5e8  x[26] = 0x0000007000020000  x[27] = 0x0000000000000000  
x[28] = 0x000000016fb31c00     fp = 0x000000016fb31990     lr = 0x00000001018e9854     sp = 0x000000016fb31970  
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (libArkReactor.dylib:arm64+0x114b60) in Ark::internal::Node::nodeType() const+0x88
==50672==ABORTING
[1]    50672 abort      build/arkscript t.ark