From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Mark H Weaver <mhw@netris.org>
Newsgroups: gmane.lisp.guile.bugs
Subject: bug#13827: faulty range check in bytevector accessor
Date: Tue, 26 Feb 2013 21:30:15 -0500
Message-ID: <87y5eaxzd4.fsf@tines.lan>
References: <87liaay0o1.fsf@Kagami.home>
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain
X-Trace: ger.gmane.org 1361932277 27521 80.91.229.3 (27 Feb 2013 02:31:17 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Wed, 27 Feb 2013 02:31:17 +0000 (UTC)
Cc: 13827@debbugs.gnu.org
To: Ian Price <ianprice90@googlemail.com>
Original-X-From: bug-guile-bounces+guile-bugs=m.gmane.org@gnu.org Wed Feb 27 03:31:40 2013
Return-path: <bug-guile-bounces+guile-bugs=m.gmane.org@gnu.org>
Envelope-to: guile-bugs@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <bug-guile-bounces+guile-bugs=m.gmane.org@gnu.org>)
	id 1UAWnz-0003fL-Ob
	for guile-bugs@m.gmane.org; Wed, 27 Feb 2013 03:31:39 +0100
Original-Received: from localhost ([::1]:49479 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <bug-guile-bounces+guile-bugs=m.gmane.org@gnu.org>)
	id 1UAWne-0006M7-Ps
	for guile-bugs@m.gmane.org; Tue, 26 Feb 2013 21:31:18 -0500
Original-Received: from eggs.gnu.org ([208.118.235.92]:32952)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1UAWnc-0006Lj-3g
	for bug-guile@gnu.org; Tue, 26 Feb 2013 21:31:17 -0500
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1UAWna-0001eH-DA
	for bug-guile@gnu.org; Tue, 26 Feb 2013 21:31:16 -0500
Original-Received: from debbugs.gnu.org ([140.186.70.43]:46610)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1UAWna-0001eC-9n
	for bug-guile@gnu.org; Tue, 26 Feb 2013 21:31:14 -0500
Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.72)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1UAWpJ-0005LZ-Pm
	for bug-guile@gnu.org; Tue, 26 Feb 2013 21:33:01 -0500
X-Loop: help-debbugs@gnu.org
Resent-From: Mark H Weaver <mhw@netris.org>
Original-Sender: debbugs-submit-bounces@debbugs.gnu.org
Resent-CC: bug-guile@gnu.org
Resent-Date: Wed, 27 Feb 2013 02:33:01 +0000
Resent-Message-ID: <handler.13827.B13827.136193234020499@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 13827
X-GNU-PR-Package: guile
X-GNU-PR-Keywords: 
Original-Received: via spool by 13827-submit@debbugs.gnu.org id=B13827.136193234020499
	(code B ref 13827); Wed, 27 Feb 2013 02:33:01 +0000
Original-Received: (at 13827) by debbugs.gnu.org; 27 Feb 2013 02:32:20 +0000
Original-Received: from localhost ([127.0.0.1]:52074 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.72)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1UAWoe-0005KZ-6T
	for submit@debbugs.gnu.org; Tue, 26 Feb 2013 21:32:20 -0500
Original-Received: from world.peace.net ([96.39.62.75]:60346)
	by debbugs.gnu.org with esmtp (Exim 4.72)
	(envelope-from <mhw@netris.org>) id 1UAWob-0005KQ-Ub
	for 13827@debbugs.gnu.org; Tue, 26 Feb 2013 21:32:19 -0500
Original-Received: from 209-6-91-212.c3-0.smr-ubr1.sbo-smr.ma.cable.rcn.com
	([209.6.91.212] helo=tines.lan)
	by world.peace.net with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16)
	(Exim 4.72) (envelope-from <mhw@netris.org>)
	id 1UAWml-0004oZ-D0; Tue, 26 Feb 2013 21:30:23 -0500
In-Reply-To: <87liaay0o1.fsf@Kagami.home> (Ian Price's message of "Wed, 27 Feb
	2013 02:02:06 +0000")
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.2 (gnu/linux)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.13
Precedence: list
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x
X-Received-From: 140.186.70.43
X-BeenThere: bug-guile@gnu.org
List-Id: "Bug reports for GUILE,
	GNU's Ubiquitous Extension Language" <bug-guile.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-guile>,
	<mailto:bug-guile-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/bug-guile>
List-Post: <mailto:bug-guile@gnu.org>
List-Help: <mailto:bug-guile-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-guile>,
	<mailto:bug-guile-request@gnu.org?subject=subscribe>
Errors-To: bug-guile-bounces+guile-bugs=m.gmane.org@gnu.org
Original-Sender: bug-guile-bounces+guile-bugs=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.lisp.guile.bugs:6797
Archived-At: <http://permalink.gmane.org/gmane.lisp.guile.bugs/6797>

Ian Price <ianprice90@googlemail.com> writes:
> After some talk on #guile, Mark and I believe it comes down to the range
> check in INTEGER_ACCESSOR_PROLOGUE in bytevectors.c

Going a bit further: INTEGER_ACCESSOR_PROLOGUE uses 'scm_to_uint', which
I believe should fail for 2^32 on a 32-bit machine.  According to
numbers.h:430, 'scm_to_uint' should be an alias for 'scm_to_uint32',
which is defined in numbers.c:9277 and conv-uinteger.i.c:27.

It seems to me that it ought to be getting to conv-uinteger.i.c:50,
which calls 'mpz_fits_ulong_p'.  So maybe it's a bug in the version of
libgmp on Ian's machine, or perhaps I'm missing something.

I don't know whether it's possible to step through the code in
'conv-uinteger.i.c' using gdb.  If so, I'd like to see what happens.  If
not, I suspect the next step is to write some test programs in C and try
them on Ian's machine: first test 'scm_to_uint32', which should raise an
exception for 2^32.  If it doesn't then try testing 'mpz_fits_ulong_p'
directly and see if it's broken.

    Thanks,
      Mark