Segfault after quitting from a break loop

[olexandr-konovalov]

The following code leads to an error, as documented:

EvalString( "DeclareGlobalFunction( "a" );" );

However, exiting the break loop and executing it again leads to a different error, and exiting the 2nd break loop lead to a segmentation fault:

gap> EvalString( "DeclareGlobalFunction( \"a\" );" );
Error, Function call: <func> must return a value
not in any function at line 1 of stream
Error, Could not evaluate string.
 called from
<function "EvalString">( <arguments> )
 called from read-eval loop at line 8 of *stdin*
you can 'quit;' to quit to outer loop, or
you can 'return;' to continue
brk> quit;
gap> EvalString( "DeclareGlobalFunction( \"a\" );" );
Error, BIND_GLOBAL: variable `a' must be unbound called from
BIND_GLOBAL( name, NEW_OPERATION_ARGS( name ) 
 ); at /Users/alexk/GITREPS/gap/lib/oper.g:1746 called from
<function "DeclareGlobalFunction">( <arguments> )
 called from read-eval loop at line 1 of stream
you can 'quit;' to quit to outer loop, or
you can 'return;' to continue
brk> quit;
Segmentation fault: 11

[ChrisJefferson]

Simpler example. Also existed since at least 4.7.2 (earliest copy of GAP I have). Annoyingly nothing useful comes up from the debugger (which suggests misplaced longjump).

gap> f := function() return 1/0; end;
gap> EvalString("f();");
Error, Rational operations: <divisor> must not be zero in
  return 1 / 0; at *stdin*:2 called from
<function "f">( <arguments> )
 called from read-eval loop at line 1 of stream
you can replace <divisor> via 'return <divisor>;'
brk> quit;
Process 1353 stopped
* thread #1: tid = 0x5f7c, 0x0000000000000138, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x138)
    frame #0: 0x0000000000000138
error: memory read failed for 0x0

[ChrisJefferson]

Turns out this is coming from a strange source:

f := function() return 1/0; end;

a := "_q:=f();;";
stream := InputTextString(a);
Read(stream);

This also crashes. If you put any extra character at the end of the string a, it doesn't crash, so I think it's something to do with the parser, and double-semi-colon.

[ChrisJefferson]

Yup, some how a read eval error long jump is causing us to segfault (not sure exactly why, or how), when we fall off the end of the string.

[wagh]

It seems this is still not fixed. I am using latest release version (GAP 4.8.6, 12-Nov-2016, build of 2016-11-16 16:01:19).
Even the code given above crashes the GAP session:
Code:
f := function() return 1/0; end; a := "_q:=f();;"; stream := InputTextString(a); Read(stream);
and
brk> quit;
The trace starts with:
*** longjmp causes uninitialized stack frame ***:

[olexandr-konovalov]

@wagh thanks for checking. The fix, committed in cf6272a by @ChrisJefferson, went to the master branch, so this will appear in GAP 4.9 release. I've just tried your example, and I can't reproduce the crash with the current master branch.

[wagh]

@alex-konovalov thanks for the reply. I will check it after 4.9 release. As the commit was in April, and in the master branch, I thought it was already incorporated in the latest release.