bug-prolog
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Integer overflow in functor/3


From: Daniel Diaz
Subject: Re: Integer overflow in functor/3
Date: Thu, 4 Mar 2021 09:01:53 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1

Hi,

thank you for the bug report.
This will be fixed in the next version.

Daniel

Le 11/15/20 à 7:25 AM, Mark Barbone a écrit :
> Hi all,
>
> I've found a minor bug in functor/3.  With an arity argument outside
> the range of an int, the value is truncated into the size of an int.
>
> Here are two examples of potential outcomes, along with a correct
> example that doesn't have overflow:
>
> | ?- X is 1<<32 + 3, functor(F, hi, X).
>
> F = hi(_,_,_)
> X = 4294967299
>
> yes
> | ?- X is 1<<31, functor(F, hi, X).    
> uncaught exception: error(type_error(atom,hi),functor/3)
> | ?- X is 1<<31 - 1, functor(F, hi, X).
> uncaught exception: error(representation_error(max_arity),functor/3)
>
> I would expect all of these to be representation_errors.  The second
> example happens because of  a catch-all error clause in Pl_Blt_Functor
> (term_inl_c.c, line 282):
>
>   // ... checks if arity > 0 and functor_word is valid
>   if (arity != 0)
>     Pl_Err_Type(pl_type_atom, functor_word);
>
> The root cause is that arity is declared as an integer, instead of a
> PlLong (term_inl_c.c, line 225):
>
>   int arity;
>
> Thanks, and I hope the bug report helps.
>
> -Mark





reply via email to

[Prev in Thread] Current Thread [Next in Thread]