From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!.POSTED!not-for-mail
From: Philipp Stephani <p.stephani2@gmail.com>
Newsgroups: gmane.emacs.devel
Subject: Re: How much do we care about undefined behavior triggered by invalid
	bytecode?
Date: Tue, 22 May 2018 17:37:27 +0200
Message-ID: <CAArVCkR0DuvE2f9qXqR7r5i8PA9478VDwW6-YuqhzDKqpo4EBg@mail.gmail.com>
References: <CAArVCkT2=V9P5UW1+CEDLEiQY_7ND5V3EoAD=3VZ8OM2TgSn1Q@mail.gmail.com>
	<CAM-tV-885iDAPxgXbKgrn77Md6RvCJEq2poYW1k3QiT1=T_wVw@mail.gmail.com>
	<CAArVCkS1rOdLM0UBEhdK+O39pxKa1zwP9D3cZwoVwYt5Qw11qg@mail.gmail.com>
	<CAM-tV-9z4zuS90jaYw5TCmzSMOzcpm7wBGczjrVd0_r8u36wsw@mail.gmail.com>
	<2f400c58-1214-d442-f3a9-30b5c7d73863@cs.ucla.edu>
NNTP-Posting-Host: blaine.gmane.org
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="000000000000cd892a056ccd32fd"
X-Trace: blaine.gmane.org 1527003342 11668 195.159.176.226 (22 May 2018 15:35:42 GMT)
X-Complaints-To: usenet@blaine.gmane.org
NNTP-Posting-Date: Tue, 22 May 2018 15:35:42 +0000 (UTC)
Cc: Noam Postavsky <npostavs@gmail.com>, Emacs developers <emacs-devel@gnu.org>
To: Paul Eggert <eggert@cs.ucla.edu>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Tue May 22 17:35:38 2018
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by blaine.gmane.org with esmtp (Exim 4.84_2)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1fL9K5-0002un-4h
	for ged-emacs-devel@m.gmane.org; Tue, 22 May 2018 17:35:37 +0200
Original-Received: from localhost ([::1]:56430 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1fL9MC-0004tZ-AI
	for ged-emacs-devel@m.gmane.org; Tue, 22 May 2018 11:37:48 -0400
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:34464)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <p.stephani2@gmail.com>) id 1fL9M6-0004tJ-7A
	for emacs-devel@gnu.org; Tue, 22 May 2018 11:37:43 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <p.stephani2@gmail.com>) id 1fL9M5-0000yt-2l
	for emacs-devel@gnu.org; Tue, 22 May 2018 11:37:42 -0400
Original-Received: from mail-ot0-x230.google.com ([2607:f8b0:4003:c0f::230]:41618)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <p.stephani2@gmail.com>)
	id 1fL9M4-0000yp-Sw
	for emacs-devel@gnu.org; Tue, 22 May 2018 11:37:41 -0400
Original-Received: by mail-ot0-x230.google.com with SMTP id t1-v6so21475414oth.8
	for <emacs-devel@gnu.org>; Tue, 22 May 2018 08:37:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=mime-version:references:in-reply-to:from:date:message-id:subject:to
	:cc; bh=i9AkERO2sHF0PKmctXqgycG3L8XW5dFiW1Z4sq2Cwew=;
	b=k3mtT9D2rWP+PIx5mls1bMvTCc2xgdsnDEQVhJkcY4iyg0XVhG0wnq5hN5LZSaLJDx
	QNnX8GIc3XlJPUFZOb6TX7iC4pKsHoatp6TT7V01wslt0lk3EwLRLW16Lef/ix7w0ud4
	nb3GT9e9DLTh6+uFRduXZvjKsvZ5lNGAK+IdEkNo3Cf2kZwjgtOCSjE/8Xd6lVcZDVbI
	/c6ngDF0MmJRktauc12lUdCCQSscznrkN+G8FeQVjK4KBqZlJr6MLse+M3EEMGDn51EF
	nf1JTUwwWEu06JPEDRS4PfLpbg/4vtQYXgapvmBsEOtkqfrfA/PfNFMavYBKh0zbjy4x
	Ohog==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:mime-version:references:in-reply-to:from:date
	:message-id:subject:to:cc;
	bh=i9AkERO2sHF0PKmctXqgycG3L8XW5dFiW1Z4sq2Cwew=;
	b=pjiu2GcIkbPofhTJ0jBAG8p9P0p0uhzRIeXV6VqddXhoW8ySan0Dp1GH+gW74uTcRk
	EvcGBa8EUygAeG8oIszZYcOVAMlUTW5UKFgyZ7eaWx2Rw9uIkcw/3aJgctzjmze1Jdmr
	D0e64fKNenZ9Va28QOFTVhslYbCFz8uBzVrlh0Ljo2mLL5IUeKaIxW0QnZ7wkioLjJem
	14ydC6Ca+7tnbxdNs7QwhXL49DnUQekEf93vhSa17F5pN0dIUF39ILlwyuyDnCrKLKHZ
	Ne5qVwdJRRI7N1yKu0XzH9SMs9oMFeOZzpIFZ8yPXAINIrfkv7pbewCRJlEnG6nPM/FQ
	n4Gg==
X-Gm-Message-State: ALKqPwcSIygn/6HCdzVYaZcqjRC6UCdelf2+NoCmjbiwh7FzP6PWqYD5
	gsWRQPXm5dr1zI7+vIiWH3zzm22DYSYWIujKX58=
X-Google-Smtp-Source: AB8JxZpyjAtSOq5hbIysdLoiR5ERr04nYWlsoom0usOQ4DqNQVAtJpsVvrjrG9JZl+r19aqAhP4hdIfH6u28HsS3e/g=
X-Received: by 2002:a9d:328:: with SMTP id
	37-v6mr15222811otv.229.1527003459972; 
	Tue, 22 May 2018 08:37:39 -0700 (PDT)
In-Reply-To: <2f400c58-1214-d442-f3a9-30b5c7d73863@cs.ucla.edu>
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
X-Received-From: 2607:f8b0:4003:c0f::230
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel/>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: "Emacs-devel" <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Xref: news.gmane.org gmane.emacs.devel:225557
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/225557>

--000000000000cd892a056ccd32fd
Content-Type: text/plain; charset="UTF-8"

Paul Eggert <eggert@cs.ucla.edu> schrieb am Di., 22. Mai 2018 um 16:51 Uhr:

> Noam Postavsky wrote:
> > Oh, you meant just reading the object causes a crash?
>
> I doubt he meant that. Surely he meant that if you read and then execute a
> bytecode object, you can easily crash Emacs.
>
>
No, I did mean "read." For example, the following triggers an assertion:


emacs -Q -batch -eval '(let ((load-force-doc-strings t)) (read "#[0
\"\"]"))'


./lisp.h:1723: Emacs fatal error: assertion failed: 0 <= idx && idx < ASIZE
(array)
Fatal error 6: Abort trapAbort trap: 6

--000000000000cd892a056ccd32fd
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><br><br><div class=3D"gmail_quote"><div dir=3D"ltr">Paul E=
ggert &lt;<a href=3D"mailto:eggert@cs.ucla.edu">eggert@cs.ucla.edu</a>&gt; =
schrieb am Di., 22. Mai 2018 um 16:51=C2=A0Uhr:<br></div><blockquote class=
=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padd=
ing-left:1ex">Noam Postavsky wrote:<br>
&gt; Oh, you meant just reading the object causes a crash?<br>
<br>
I doubt he meant that. Surely he meant that if you read and then execute a =
<br>
bytecode object, you can easily crash Emacs.<br>
<br></blockquote><div><br></div><div>No, I did mean &quot;read.&quot; For e=
xample, the following triggers an assertion:</div><div><br></div><div><br><=
/div>





<p class=3D"inbox-inbox-p1"><span class=3D"inbox-inbox-s1">emacs -Q -batch =
-eval &#39;(let ((load-force-doc-strings t)) (read &quot;#[0 \&quot;\&quot;=
]&quot;))&#39;</span></p>
<p class=3D"inbox-inbox-p2"><span class=3D"inbox-inbox-s1"></span><br></p>
<p class=3D"inbox-inbox-p1"><span class=3D"inbox-inbox-s1">./lisp.h:1723: E=
macs fatal error: assertion failed: 0 &lt;=3D idx &amp;&amp; idx &lt; ASIZE=
 (array)</span></p>
<div>Fatal error 6: Abort trapAbort trap: 6=C2=A0</div></div></div>

--000000000000cd892a056ccd32fd--