SIGSEGV #103

Closed
maciejhirsz opened this issue Jan 3, 2017 · 5 comments
@maciejhirsz
Owner

maciejhirsz commented Jan 3, 2017

Need to find a way to reproduce, as it apparently happens on stable Rust: rust-lang/rust#38687

edit: running cargo test --test value reproduces the issue

@maciejhirsz maciejhirsz added the bug label Jan 3, 2017
@meh

meh commented Jan 4, 2017

@maciejhirsz you should try and use american fuzzy lop, it works wonders, would you accept a pull request that sets that up?

(Although it probably wouldn't have found this :P)

@maciejhirsz
Owner Author

Would definitely accept a PR. Even if it can't find this particular issue, there have been other issues in the past.

@dtolnay

dtolnay commented Jan 16, 2017

I wonder what is changing on the compiler side to affect this. On my computer:

```sh
while cargo +1.12.0 test --test value; do :; done   # does not fail
while cargo +1.13.0 test --test value; do :; done   # does not fail
while cargo +1.14.0 test --test value; do :; done   # fails almost immediately
while cargo +beta test --test value; do :; done     # fails almost immediately
while cargo +nightly test --test value; do :; done  # does not fail
```

@maciejhirsz
Owner Author

Interesting thing is that I'm unable to reproduce it on OSX, but I can reproduce it on a Linux machine.

@maciejhirsz
Owner Author

Identified the problem. I was playing with fire and got humbled by the compiler once I tried rewriting object.rs to safe Rust at the cost of performance to see if that eliminates the segfault.

I wrongly attributed the borrow lifetimes to be call scope instead of bound to the Node here:

json-rust/src/object.rs

Lines 100 to 112 in 9eabb90

```rust
    #[inline(always)]
    fn key<'a>(&self) -> &'a [u8] {
        unsafe {
            slice::from_raw_parts(self.key_ptr, self.key_len)
        }
    }

    #[inline(always)]
    fn key_str<'a>(&self) -> &'a str {
        unsafe {
            str::from_utf8_unchecked(self.key())
        }
    }
```

Fix and new release should follow shortly.
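
An added example, not part of the original thread and not json-rust's actual fix: the same two accessors with the returned lifetime bound to `&self`, so the borrow checker rejects any use of the key after its `Node` is gone. The `Node` here is a hypothetical stand-in that reuses only the `key_ptr` and `key_len` field names from the quoted snippet; `Node::new`, the `Drop` impl and `owned_key` are assumptions made for illustration.

```rust
use std::{ptr, slice, str};

// Hypothetical stand-in for the crate's Node: only the two key fields named
// in the quoted snippet are reproduced here.
struct Node {
    key_ptr: *mut u8,
    key_len: usize,
}

impl Node {
    fn new(key: &str) -> Node {
        // Move a copy of the key to the heap and keep only pointer + length.
        let boxed: Box<[u8]> = key.as_bytes().into();
        let key_len = boxed.len();
        Node { key_ptr: Box::into_raw(boxed) as *mut u8, key_len }
    }

    // Lifetime elided: the slice borrows from `&self`, so it cannot outlive
    // the Node that owns the bytes (unlike the free-floating `'a` above).
    fn key(&self) -> &[u8] {
        unsafe { slice::from_raw_parts(self.key_ptr, self.key_len) }
    }

    fn key_str(&self) -> &str {
        // `new` only accepts `&str`, so the stored bytes are valid UTF-8.
        unsafe { str::from_utf8_unchecked(self.key()) }
    }
}

impl Drop for Node {
    fn drop(&mut self) {
        // Rebuild the Box<[u8]> so the allocation is freed exactly once.
        let raw = ptr::slice_from_raw_parts_mut(self.key_ptr, self.key_len);
        unsafe { drop(Box::from_raw(raw)) }
    }
}

// Keeping a key past its Node now requires an explicit copy.
fn owned_key(node: Node) -> String {
    node.key_str().to_owned()
}

fn main() {
    let node = Node::new("answer");
    let key = node.key_str();
    // drop(node); // uncommenting this is a compile error (E0505): `node` is
    //             // still borrowed by `key`, which is used on the next line.
    println!("{} / {}", key, owned_key(Node::new("copied")));
}
```

With the original `<'a>` signatures the commented-out `drop(node)` compiles, and `key` then points at freed memory.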
