Runtime crash on simple funcall/apply code

Bug #1754128 reported by Zach Beane
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
SBCL | Fix Released | Undecided | Unassigned |

Bug Description

Using latest from git on x86-64.

Given this code:

(defun fixed-point (fun args &key (test 'equal))
  (loop
    (let ((result (apply fun args)))
      (when (funcall test args result)
        (return result))
      (setf args result))))

(fixed-point 'list (list 1))

I get an immediate crash on calling FIXED-POINT starting from commit d9037941d42b65a1068c6c6464b60d2dd245dbee from stassats.

For example, with the latest from git:

$ ./run-sbcl.sh --no-userinit --no-sysinit --non-interactive --load ~/crasher.lisp
(running SBCL from: .)
This is SBCL 1.4.5.69-950a05b, an implementation of ANSI Common Lisp.
More information about SBCL is available at <http://www.sbcl.org/>.

SBCL is free software, provided as is, with absolutely no warranty.
It is mostly in the public domain; some portions are provided under
BSD-style licenses. See the CREDITS and COPYING files in the
distribution for more information.
CORRUPTION WARNING in SBCL pid 10869(tid 0x7ffff7fcd740):
Memory fault at (nil) (pc=0x1001c481c4, sp=0x7ffff6ea6f68)
The integrity of this image is possibly compromised.
Continuing with fingers crossed.
While evaluating the form starting at line 9, column 0
  of #P"/home/xach/crasher.lisp":
Unhandled SB-SYS:MEMORY-FAULT-ERROR in thread #<SB-THREAD:THREAD "main thread" RUNNING
          {10005E85B3}>:
  Unhandled memory fault at #x0.

Backtrace for: #<SB-THREAD:THREAD "main thread" RUNNING {10005E85B3}>
0: (FIXED-POINT 0 (1) :TEST 34374566114)
1: ("foreign function: #x2")
2: (SB-INT:SIMPLE-EVAL-IN-LEXENV (FIXED-POINT (QUOTE LIST) (LIST 1)) #<NULL-LEXENV>)
3: (EVAL-TLF (FIXED-POINT (QUOTE LIST) (LIST 1)) 1 NIL)
4: ((LABELS SB-FASL::EVAL-FORM :IN SB-INT:LOAD-AS-SOURCE) (FIXED-POINT (QUOTE LIST) (LIST 1)) 1)
5: ((LAMBDA (SB-KERNEL:FORM &KEY :CURRENT-INDEX &ALLOW-OTHER-KEYS) :IN SB-INT:LOAD-AS-SOURCE) (FIXED-POINT (QUOTE LIST) (LIST 1)) :CURRENT-INDEX 1)
6: (SB-C::%DO-FORMS-FROM-INFO #<CLOSURE (LAMBDA (SB-KERNEL:FORM &KEY :CURRENT-INDEX &ALLOW-OTHER-KEYS) :IN SB-INT:LOAD-AS-SOURCE) {1001B71B5B}> #<SB-C::SOURCE-INFO {1001B71B13}> SB-C::INPUT-ERROR-IN-LOAD)
7: (SB-INT:LOAD-AS-SOURCE #<SB-INT:FORM-TRACKING-STREAM for "file /home/xach/crasher.lisp" {1001B67E13}> :VERBOSE NIL :PRINT NIL :CONTEXT "loading")
8: ((FLET SB-FASL::THUNK :IN LOAD))
9: (SB-FASL::CALL-WITH-LOAD-BINDINGS #<CLOSURE (FLET SB-FASL::THUNK :IN LOAD) {7FFFF6EA77DB}> #<SB-INT:FORM-TRACKING-STREAM for "file /home/xach/crasher.lisp" {1001B67E13}>)
10: ((FLET SB-FASL::LOAD-STREAM :IN LOAD) #<SB-INT:FORM-TRACKING-STREAM for "file /home/xach/crasher.lisp" {1001B67E13}> NIL)
11: (LOAD #P"/home/xach/crasher.lisp" :VERBOSE NIL :PRINT NIL :IF-DOES-NOT-EXIST T :EXTERNAL-FORMAT :DEFAULT)
12: (SB-IMPL::PROCESS-EVAL/LOAD-OPTIONS ((:LOAD . "/home/xach/crasher.lisp") (:QUIT)))
13: (SB-IMPL::TOPLEVEL-INIT)
14: ((FLET SB-UNIX::BODY :IN SAVE-LISP-AND-DIE))
15: ((FLET "WITHOUT-INTERRUPTS-BODY-36" :IN SAVE-LISP-AND-DIE))
16: ((LABELS SB-IMPL::RESTART-LISP :IN SAVE-LISP-AND-DIE))

unhandled condition in --disable-debugger mode, quitting

Stas Boukarev (stassats) wrote :

8c7050c6b974087756fefe58cfea8465fa656292

Changed in sbcl:
status: New → Fix Committed
Stas Boukarev (stassats)
Changed in sbcl:
status: Fix Committed → Fix Released