Opened 7 years ago

Closed 7 years ago

Last modified 6 years ago

#1046 closed feature request (fixed)

Make array indexing immune to seg-faults

Reported by: simonpj
Owned by: igloo
Priority: high
Milestone: 6.8.1
Component: Compiler
Version: 6.6
Keywords:
Cc: p.tanski@…, id@…
Operating System: Unknown/Multiple
Architecture: Unknown/Multiple
Type of failure:
Difficulty: Unknown
Test Case:
Blocked By:
Blocking:
Related Tickets:

Description

As Spencer Janssen points out (http://www.haskell.org/pipermail/libraries/2006-December/006539.html), it's possible for a bogus instance of Ix to cause a Haskell implementation to seg-fault, simply by returning an out-of-range index. This is definitely a Bad Thing.

The only way to avoid this possibility is to make (!) perform a bounds check after calling the index method of class Ix. GHC's current implementation (in GHC.Arr) is

(!) :: Ix i => Array i e -> i -> e
arr@(Array l u _) ! i = unsafeAt arr (index (l,u) i)

Instead we could have

(!) :: Ix i => Array i e -> i -> e
arr@(Array l u _) ! i = safeAt arr (index (l,u) i)

where safeAt performs a bounds check. But that would mean two bounds checks, one in index and one in safeAt. We could eliminate one by using unsafeIndex, which is a (usually hidden) method of GHC's Ix class definition. However, that might give rise to less-informative messages when the bounds check fails.

To implement safeAt, we'd need a new primop:

arraySize :: Array# a -> Int

There would need to be corresponding stuff for Data.Array.IArray and Data.Array.MArray.
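
A sketch of the check requested above, as an added example rather than code from GHC.Arr or from this ticket. The names `Bogus`, `Checked`, `mkChecked`, `storeSize` and `lookupChecked` are hypothetical, and storage is modelled as a 0-based `Array Int e` so that the sketch needs only the public `Data.Array` API.

```haskell
import Data.Array (Array, bounds, listArray, (!))
import Data.Ix (Ix (..))

-- Constructed bogus instance: `index` ignores the bounds it is given.
newtype Bogus = Bogus Int deriving (Eq, Ord, Show)

instance Ix Bogus where
  range (Bogus l, Bogus u) = map Bogus [l .. u]
  inRange _ _              = True       -- claims every value is in range
  index _ (Bogus i)        = i + 1000   -- offset unrelated to the array size

-- Hypothetical model of an array: user-visible bounds plus 0-based storage.
data Checked i e = Checked (i, i) (Array Int e)

mkChecked :: (i, i) -> [e] -> Checked i e
mkChecked bnds es = Checked bnds (listArray (0, length es - 1) es)

-- Number of stored elements, taken from the storage itself (the role the
-- ticket gives to the proposed arraySize primop), never from the Ix instance.
storeSize :: Checked i e -> Int
storeSize (Checked _ store) = let (lo, hi) = bounds store in hi - lo + 1

-- Checked lookup: `index` only proposes an offset; the offset is then
-- validated against the real element count before storage is touched.
lookupChecked :: Ix i => Checked i e -> i -> Either String e
lookupChecked c@(Checked bnds store) i
  | 0 <= off && off < n = Right (store ! off)
  | otherwise           = Left ("offset " ++ show off ++ " not in [0," ++ show n ++ ")")
  where
    off = index bnds i
    n   = storeSize c

main :: IO ()
main = do
  -- Bogus instance: rejected by the second check instead of reading past the end.
  print (lookupChecked (mkChecked (Bogus 0, Bogus 2) "abc") (Bogus 1))
  -- Honest instance: same code path, element returned.
  print (lookupChecked (mkChecked (0 :: Int, 2) "abc") 1)
```

With an honest instance such as `Int`, an out-of-range index is already rejected inside `index` before `lookupChecked` runs its own test, which is the doubled bounds check the description mentions.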

Change History (9)

comment:1 Changed 7 years ago by igloo

  • Milestone set to 6.8

comment:2 Changed 7 years ago by igloo

  • Priority changed from normal to high

comment:3 Changed 7 years ago by p_tanski

  • Cc p.tanski@… added

comment:4 Changed 7 years ago by Isaac Dupree

  • Cc id@… added

comment:5 Changed 7 years ago by igloo

  • Owner set to igloo

See proposal #1610.

comment:6 Changed 7 years ago by igloo

  • Resolution set to fixed
  • Status changed from new to closed

Fixed (proposal #1610)

comment:7 Changed 6 years ago by igloo

  • Milestone changed from 6.8 branch to 6.8.1

comment:8 Changed 6 years ago by simonmar

  • Architecture changed from Unknown to Unknown/Multiple

comment:9 Changed 6 years ago by simonmar

  • Operating System changed from Unknown to Unknown/Multiple