Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Segfault in grammar #4066

Closed
3 tasks
jmikedupont2 opened this issue Nov 13, 2023 · 11 comments
Closed
3 tasks

Segfault in grammar #4066

jmikedupont2 opened this issue Nov 13, 2023 · 11 comments

Comments

@jmikedupont2
Copy link

jmikedupont2 commented Nov 13, 2023

Prerequisites

  • [ x] I am running the latest code. Development is very rapid so there are no tagged versions as of now.
  • I carefully followed the README.md.
  • I searched using keywords relevant to my issue to make sure that I am creating a new issue that is not already open (or closed).
  • I reviewed the Discussions, and have a new bug or useful enhancement to share.

Expected Behavior

see ebnf.ebnf in pr master...meta-introspector:llama.cpp:bugreport/ebnf#diff-8fbce6bdd71d2aae9d1f7fc3012fd793035a6d35b970544d46aa161844ef97e2

Current Behavior

0x00005555555e0993 in llama_grammar_init (rules=0x555555991d30, n_rules=29, start_rule_index=26) a\t /home/mdupont/experiments/llama.cpp/llama.cpp:6385
6385            for (pos = rules[i]; pos->type != LLAMA_GRETYPE_END; pos++) {
(gdb)```

@jmikedupont2
Copy link
Author

wow so rule 9 is jusT null

(const llama_grammar_element *) 0x555555a11c60
(gdb) p rules[8]                                                                                   $9 = (const llama_grammar_element *) 0x555555a11da0
(gdb) p rules[9]
$10 = (const llama_grammar_element *) 0x0                                                          (gdb) p rules[10]
$11 = (const llama_grammar_element *) 0x555555a0fcb0

i am going to add a check

@jmikedupont2
Copy link
Author

Now looking at it,
The grammar rules have a hole in them, I think it is from the growth function
$1 = std::vector of length 29, capacity 29 = {0x555555a11c20, 0x555555d646c0, 0x555555a11f70,
0x555555a11130, 0x555555a0fcc0, 0x555555a14210, 0x555555a0fca0, 0x555555a10ef0,
0x555555a0e9c0, 0x0, 0x555555a0fde0, 0x555555a0fc80, 0x555555a120d0, 0x555555a0e340,
0x555555d87020, 0x555555d86d30, 0x555555a0fc40, 0x555555a0fdb0, 0x555555a0fce0,
0x555555a0fd20, 0x555555a0fc60, 0x555555d86f70, 0x555555a12b80, 0x555555d86fa0,
0x555555a14480, 0x555555d871a0, 0x555555d870e0, 0x555555d87290, 0x555555d872e0}
(gdb) bt
#0 0x00005555555e0993 in llama_grammar_init (rules=0x555555991d30, n_rules=29,
start_rule_index=26) at /home/mdupont/experiments/llama.cpp/llama.cpp:6385
#1 0x00005555555b4cb1 in llama_sampling_init (params=...)
at /home/mdupont/experiments/llama.cpp/common/sampling.cpp:21
#2 0x000055555556685a in main (argc=7, argv=0x7fffffffe1b8)
at /home/mdupont/experiments/llama.cpp/examples/main/main.cpp:460

@jmikedupont2
Copy link
Author

ran the debugger, rule 9 was never added.

adding rule id 7
adding rule id 6
resize id 10
adding rule id 10
adding rule id 8
resize id 12
adding rule id 12
adding rule id 11
resize id 13
adding rule id 13
resize id 15```

@jmikedupont2
Copy link
Author

so it is a whole created by resize that is used and crashes, i am going to try and find what causes the id 9 to be dropped

@jmikedupont2
Copy link
Author

I added my debug code to the branch

@jmikedupont2
Copy link
Author

Looking at the new debug dump:

added id:9 wit string:|character|
added id:9 wit string:|-|
added id:11 wit string:|character|
added id:11 wit string:|-|
resize id 10
adding rule id 10
adding rule id 8
added id:11 wit string:|terminator|
resize id 12
adding rule id 12
adding rule id 11                                                                                  added id:13 wit string:|term|

@jmikedupont2
Copy link
Author

I was able to resolve the bug, it seems to be the - in the rule. a05aa8a

so this caused the crash terminal ::= "'" character - "'" ( character - "'" ) "'" #| '"' character - '"' ( character - '"' ) '"'

@tadad
Copy link

tadad commented Nov 16, 2023

ran into the same issue. Does a05aa8a fix the segfault?

@jmikedupont2
Copy link
Author

jmikedupont2 commented Nov 16, 2023 via email

@spencekim
Copy link

seems related to #3878

Copy link
Contributor

github-actions bot commented Apr 2, 2024

This issue was closed because it has been inactive for 14 days since being marked as stale.

@github-actions github-actions bot closed this as completed Apr 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants