Writing to readonly data gives SIGBUS error; should be CT error instead #8463
Comments
|
Tagging @yglukhov, in C we can reproduce it with: int main(int argc, char **argv)
{
char* s = "0123456789";
s[0] = 'c';
return 0;
}which points to constant memory in the executable and it can be fixed by using int main(int argc, char **argv)
{
char s[10] = "0123456789";
s[0] = 'c';
return 0;
} |
|
It may be related to #8370 - Nim doesn't distinguish |
|
I think we can just distinguish between |
|
I don't have an idea whether and to which extent it's possible. I explained here that while we have let/const on higher level, we can't include such fields into structures, so the protection may be leaky. But it's just a wild assumption from general theoretical viewpoint :) At least, compiler writers will need to check how their final solution plays with deeper object hierarchies. |
|
I don't think there is anything to fix here, |
|
@Araq Give a better error message than SIGBUS? |
|
SIBGUS vs SIGSEGV is just a OSX thing and custom signal handlers for nicer error messages cause more problems than they solve. |
there should be a CT error, it should be illegal to write to rodata I was going to file an issue but I searched and found this. Here's another example, same root cause: const a = "abc"
var x = a.cstring
x[0]='t' # SIGBUS: Illegal storage access.This is related also to nim-lang/RFCs#126 (comment):
and solving this issue properly would enable There should be a storage class to represent rodata, and prevent write access at CT. How exactly to do that needs to be determined but this problem is solvable (and other languages, eg D, handle this aspect well). I have a concrete proposal in mind but no RFC yet, that would work not only for this problem but also for escape analysis (for first class openarrays) notea simpler fix might be possible by using C arrays (char[]) instead of c string litterals in cgen, but this might have performance implications; EDIT: this would prevent returning a cstring from a proc, as it'd allocate on stack, so it's not a viable alternative in most cases related |
timotheecour
changed the title
There is no bug here. Let's keep this closed please. If some RFC gets accepted that improves the situation, that's fine, but with the current spec it is not a bug the compiler needs to detect. |
… allowed (#15878) * follow #8463 #14157 and document cstring literals * Update doc/manual.rst Co-authored-by: Juan Carlos <[email protected]> Co-authored-by: Andreas Rumpf <[email protected]>
…ification is not allowed (nim-lang#15878) * follow nim-lang#8463 nim-lang#14157 and document cstring literals * Update doc/manual.rst Co-authored-by: Juan Carlos <[email protected]> Co-authored-by: Andreas Rumpf <[email protected]>
…ification is not allowed (nim-lang#15878) * follow nim-lang#8463 nim-lang#14157 and document cstring literals * Update doc/manual.rst Co-authored-by: Juan Carlos <[email protected]> Co-authored-by: Andreas Rumpf <[email protected]>
|
this could be fixed by timotheecour#524 |
…ification is not allowed (nim-lang#15878) * follow nim-lang#8463 nim-lang#14157 and document cstring literals * Update doc/manual.rst Co-authored-by: Juan Carlos <[email protected]> Co-authored-by: Andreas Rumpf <[email protected]>
…ification is not allowed (nim-lang#15878) * follow nim-lang#8463 nim-lang#14157 and document cstring literals * Update doc/manual.rst Co-authored-by: Juan Carlos <[email protected]> Co-authored-by: Andreas Rumpf <[email protected]>
While wrapping a C library and trying to understand why it could write to
ptr charbut segfaulted when I asked it to write to(var) cstring, I came upon the following issue:Note that this is a SIGBUS (accessing unaddressable memory) not a SIGSEGV (accessing unauthorized memory).
The text was updated successfully, but these errors were encountered: