Bug#953437: libflint-arb2: acb_hypgeom_2f1 segfaults on mips64el for certain inputs

Thibaut Paumard thibaut at debian.org
Mon Mar 9 18:53:41 GMT 2020


Package: libflint-arb2
Version: 1:2.17.0-1
Severity: normal

Dear Maintainer,

acb_hypgeom_2f1 segfaults on mips64el for certain inputs.

This triggered a FTBFS through the test-suite of Gyoto:
https://buildd.debian.org/status/fetch.php?pkg=gyoto&arch=mips64el&ver=1.4.3-2&stamp=1582934308&raw=0
which was passing previously:
https://buildd.debian.org/status/fetch.php?pkg=gyoto&arch=mips64el&ver=1.4.3-1%2Bb1&stamp=1574106308&raw=0
and still passes on all other architectures.

libflint-arb seems to be the same version but libflint changed from
version 2.5.2-20 to 2.5.2-21. The bug may thus actually be in libflint.

I wrote a small case:

8<----8<----8<----8<---- hypergeom.c 8<----8-----8<----
#include <stdio.h>
#include <stdlib.h>
#include <acb_hypgeom.h>

double hypergeom (double kappaIndex, double thetae) {
  // See documentation: http://arblib.org/acb_hypgeom.html#c.acb_hypgeom_2f1
  acb_t FF, aa, bb, cc, zed;
  acb_init(FF);
  acb_init(aa);
  acb_init(bb);
  acb_init(cc);
  acb_init(zed);
  acb_set_d_d(aa,   kappaIndex-1./3.,  0.);
  acb_set_d_d(bb,   kappaIndex+1.,     0.);
  acb_set_d_d(cc,   kappaIndex+2./3.,  0.);
  acb_set_d_d(zed, -kappaIndex*thetae, 0.);
  slong prec=53; // 53 for double precision
  acb_hypgeom_2f1(FF, aa, bb, cc, zed, ACB_HYPGEOM_2F1_AC, prec);
  double hypergeom = arf_get_d(&acb_realref(FF)->mid, ARF_RND_NEAR);
  // uncertainty
  // double rad = mag_get_d(&acb_realref(FF)->rad);
  acb_clear(FF);
  acb_clear(aa);
  acb_clear(bb);
  acb_clear(cc);
  acb_clear(zed);
  return hypergeom;
}

int main(int argc, char **argv) {
  double k=5.5, t=2.279935427802561, h=0;
  if (argc >= 2) k=atof(argv[1]);
  if (argc >= 3) t=atof(argv[2]);
  h=hypergeom(k, t);
  printf ("hypergeom(%e, %e)=%e\n",k, t, h);
  return 0;
}
8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----


Compile with
gcc -o hypergeom hypergeom.c -lflint-arb -lflint

The program segfaults for the built-in data as well as for "large"
values of the two arguments:
(sid_mips64el-dchroot)thibaut@eller:~$ ./hypergeom 0.6 0.5
Segmentation fault
(sid_mips64el-dchroot)thibaut@eller:~$ ./hypergeom 0.5 0.6
Segmentation fault

but runs fine for smaller values of each argument:
(sid_mips64el-dchroot)thibaut@eller:~$ ./hypergeom 0.5 0.5
hypergeom(5.000000e-01, 5.000000e-01)=9.539590e-01

Here comes a backtrace:
(gdb) run
Starting program: /home/thibaut/hypergeom
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/mips64el-linux-gnuabi64/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
flint_mpz_set_si (r=0xaaaaacfb60, r=0xaaaaacfb60, s=1025435369) at ./gmpcompat.h:66
warning: Source file is more recent than executable.
66            r->_mp_d[0] = s;
(gdb) bt
#0  flint_mpz_set_si (r=0xaaaaacfb60, r=0xaaaaacfb60, s=1025435369) at ./gmpcompat.h:66
#1  fmpz_mul_2exp (f=0xffffffb348, g=<optimized out>, exp=33) at mul_2exp.c:51
#2  0x000000fff7df2738 in arb_get_interval_fmpz_2exp (a=0xffffffb340, b=0xffffffb348, exp=0xffffffb350,
    x=<optimized out>) at get_interval_fmpz_2exp.c:61
#3  0x000000fff7de8138 in arb_get_unique_fmpz (z=0xaaaaacedf0, x=0xffffffb3e8) at get_unique_fmpz.c:67
#4  0x000000fff7f5de24 in bernoulli_rev_next (numer=0xaaaaacedf0, denom=0xaaaaacedf8, iter=0xffffffb4e8)
    at rev_next.c:80
#5  0x000000fff7f5d8b8 in bernoulli_cache_compute (n=<optimized out>) at cache_compute.c:55
#6  0x000000fff7e16f08 in arb_gamma_stirling_coeff (b=0xffffffb678, k=8, digamma=<optimized out>,
    prec=10) at gamma.c:339
#7  0x000000fff7e17348 in arb_gamma_stirling_eval (s=0xffffffb828, z=0xffffffb7f8, nterms=9,
    digamma=<optimized out>, prec=59) at gamma.c:396
#8  0x000000fff7e18ac4 in _arb_gamma (y=y@entry=0xffffffbcf8, x=0xffffffc370, prec=53,
    inverse=inverse@entry=0) at gamma.c:871
#9  0x000000fff7e18de8 in arb_gamma (y=0xaaaaacfb60, y@entry=0xffffffbcf8, x=0xaaaaacfb60, prec=33)
    at gamma.c:898
#10 0x000000fff7e6d558 in acb_gamma (y=0xffffffbcf8, x=<optimized out>, prec=<optimized out>)
    at gamma.c:220
#11 0x000000fff7ee33b8 in acb_hypgeom_2f1_transform_nolimit (res=0xffffffc250, a=0xffffffc2b0,
    b=0xffffffc310, c=0xffffffc370, z=0xffffffc3d0, regularized=<optimized out>, which=<optimized out>,
    prec=53) at 2f1_transform.c:248
#12 0x000000fff7ee3a44 in acb_hypgeom_2f1_transform (res=0xffffffc250, a=0xffffffc2b0, b=0xffffffc310,
    c=0xffffffc370, z=<optimized out>, flags=<optimized out>, which=<optimized out>, prec=53)
    at 2f1_transform.c:458
#13 0x000000fff7ed9f10 in acb_hypgeom_2f1 (res=0xffffffc250, a=0xffffffc2b0, b=0xffffffc310,
    c=0xffffffc370, z=0xffffffc3d0, flags=<optimized out>, prec=53) at 2f1.c:185
#14 0x000000aaaaaab180 in hypergeom ()
#15 0x000000aaaaaab304 in main ()

_mp_d above is initialized through _fmpz_promote which I don't
understand.

Regards, Thibaut.

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: mips64el (mips64)

Kernel: Linux 4.19.0-8-octeon (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: unable to detect

Versions of packages libflint-arb2 depends on:
ii  libc6           2.29-10
ii  libflint-2.5.2  2.5.2-21
ii  libgmp10        2:6.2.0+dfsg-4
ii  libmpfr6        4.0.2-1

libflint-arb2 recommends no packages.

libflint-arb2 suggests no packages.

-- no debconf information
