Segmentation fault in v11.1.0 when using the `validate` command

Using [v11.1.0](https://github.com/sourcemeta/jsonschema/releases/tag/v11.1.0), `jsonschema validate` segfaults on Ubuntu 22.04.5 LTS (Linux x86_64) when validating [**attr_bad_valid_in_enum_false.ksy**](https://github.com/kaitai-io/kaitai_struct_tests/blob/0914597c9256b19259c194bfa8877af2218152e6/formats_err/attr_bad_valid_in_enum_false.ksy) (note that the **.ksy** extension has to be changed to **.yml** to be interpreted by `jsonschema` as YAML) against [**ksy_schema.json**](https://github.com/kaitai-io/ksy_schema/blob/270affc242a914b6d1723b39cf3b6134d27a2c1a/ksy_schema.json):

```console
$ ll
total 8
drwxr-xr-x  2 pp pp 4096 2025-08-09 20:30 ./
drwxr-xr-x 55 pp pp 4096 2025-08-09 20:30 ../
$ curl -fsSLO https://github.com/sourcemeta/jsonschema/releases/download/v11.1.0/jsonschema-11.1.0-linux-x86_64.zip
$ sha256sum jsonschema-11.1.0-linux-x86_64.zip
7cefe6a05b590a0efb6cb5e2d046d2db2ba2173e48255c190c3c934f440dd596  jsonschema-11.1.0-linux-x86_64.zip
$ file jsonschema-11.1.0-linux-x86_64.zip
jsonschema-11.1.0-linux-x86_64.zip: Zip archive data, at least v2.0 to extract, compression method=store
$ unzip -l jsonschema-11.1.0-linux-x86_64.zip
Archive:  jsonschema-11.1.0-linux-x86_64.zip
  Length      Date    Time    Name
---------  ---------- -----   ----
        0  2025-08-08 17:42   jsonschema-11.1.0-linux-x86_64/bin/
  5225360  2025-08-08 17:40   jsonschema-11.1.0-linux-x86_64/bin/jsonschema
---------                     -------
  5225360                     2 files
$ unzip -j jsonschema-11.1.0-linux-x86_64.zip jsonschema-11.1.0-linux-x86_64/bin/jsonschema
Archive:  jsonschema-11.1.0-linux-x86_64.zip
  inflating: jsonschema
$ sha256sum jsonschema
78caa25c5b872ca8964b4932f2b957a8ea84e4f68446b391d8ae17732d98ae53  jsonschema
$ file jsonschema
jsonschema: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=6bb35faf9f03ea640a6dcdc26e8959b87d179e53, for GNU/Linux 3.2.0, not stripped
$ ./jsonschema version
11.1.0
$ curl -fsSLO https://github.com/kaitai-io/ksy_schema/raw/270affc242a914b6d1723b39cf3b6134d27a2c1a/ksy_schema.json
$ sha256sum ksy_schema.json
5cdce26900b92a86ae628e57a4708736fcc72b85cfa9a257d86767644abfd436  ksy_schema.json
$ curl -fsSLO https://github.com/kaitai-io/kaitai_struct_tests/raw/0914597c9256b19259c194bfa8877af2218152e6/formats_err/attr_bad_valid_in_enum_false.ksy
$ sha256sum attr_bad_valid_in_enum_false.ksy
383747e7e104dcc80dcfd3307ce255da973fab71e19a72411c32e6f8b4b0d58c  attr_bad_valid_in_enum_false.ksy
$ mv -v attr_bad_valid_in_enum_false.{ksy,yml}
renamed 'attr_bad_valid_in_enum_false.ksy' -> 'attr_bad_valid_in_enum_false.yml'
$ ll -t
total 7072
drwxr-xr-x  2 pp pp    4096 2025-08-09 20:36 ./
-rw-r--r--  1 pp pp     333 2025-08-09 20:35 attr_bad_valid_in_enum_false.yml
-rw-r--r--  1 pp pp   39786 2025-08-09 20:34 ksy_schema.json
-rw-r--r--  1 pp pp 1959950 2025-08-09 20:31 jsonschema-11.1.0-linux-x86_64.zip
drwxr-xr-x 55 pp pp    4096 2025-08-09 20:30 ../
-rwxr-xr-x  1 pp pp 5225360 2025-08-08 17:40 jsonschema*
$ ./jsonschema validate -v ksy_schema.json attr_bad_valid_in_enum_false.yml
Segmentation fault (core dumped)
$ echo $?
139
```

When I run it through GDB, I get this stack trace:

```console
$ gdb -ex run --args ./jsonschema validate -v ksy_schema.json attr_bad_valid_in_enum_false.yml
GNU gdb (Ubuntu 12.1-0ubuntu1~22.04.2) 12.1
Copyright (C) 2022 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./jsonschema...
(No debugging symbols found in ./jsonschema)
Starting program: /home/pp/sourcemeta-jsonschema-issue432/jsonschema validate -v ksy_schema.json attr_bad_valid_in_enum_false.yml
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
0x00005555555eb00c in sourcemeta::core::get(sourcemeta::core::JSON const&, sourcemeta::core::GenericPointer<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&) ()
(gdb) backtrace
#0  0x00005555555eb00c in sourcemeta::core::get(sourcemeta::core::JSON const&, sourcemeta::core::GenericPointer<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&) ()
#1  0x00005555557279e2 in sourcemeta::blaze::complete::LoopPropertiesRegex(sourcemeta::blaze::Instruction const&, sourcemeta::blaze::Template const&, std::function<void (sourcemeta::blaze::EvaluationType, bool, sourcemeta::blaze::Instruction const&, sourcemeta::core::GenericPointer<std::reference_wrapper<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const>, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, sourcemeta::core::GenericPointer<std::reference_wrapper<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const>, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, sourcemeta::core::JSON const&)> const&, sourcemeta::core::JSON const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const*, unsigned long, sourcemeta::blaze::Evaluator&) [clone .lto_priv.0] ()
#2  0x000055555571e384 in sourcemeta::blaze::complete::LogicalAnd(sourcemeta::blaze::Instruction const&, sourcemeta::blaze::Template const&, std::function<void (sourcemeta::blaze::EvaluationType, bool, sourcemeta::blaze::Instruction const&, sourcemeta::core::GenericPointer<std::reference_wrapper<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const>, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, sourcemeta::core::GenericPointer<std::reference_wrapper<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const>, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, sourcemeta::core::JSON const&)> const&, sourcemeta::core::JSON const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const*, unsigned long, sourcemeta::blaze::Evaluator&) [clone .lto_priv.0] ()
#3  0x000055555571065b in sourcemeta::blaze::complete::ControlGroup(sourcemeta::blaze::Instruction const&, sourcemeta::blaze::Template const&, std::function<void (sourcemeta::blaze::EvaluationType, bool, sourcemeta::blaze::Instruction const&, sourcemeta::core::GenericPointer<std::reference_wrapper<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const>, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, sourcemeta::core::GenericPointer<std::reference_wrapper<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const>, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, sourcemeta::core::JSON const&)> const&, sourcemeta::core::JSON const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const*, unsigned long, sourcemeta::blaze::Evaluator&) [clone .lto_priv.0] ()
#4  0x000055555571daf0 in sourcemeta::blaze::complete::LogicalOr(sourcemeta::blaze::Instruction const&, sourcemeta::blaze::Template const&, std::function<void (sourcemeta::blaze::EvaluationType, bool, sourcemeta::blaze::Instruction const&, sourcemeta::core::GenericPointer<std::reference_wrapper<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const>, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, sourcemeta::core::GenericPointer<std::reference_wrapper<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const>, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, sourcemeta::core::JSON const&)> const&, sourcemeta::core::JSON const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const*, unsigned long, sourcemeta::blaze::Evaluator&) [clone .lto_priv.0] ()
#5  0x0000555555724dcc in sourcemeta::blaze::complete::LoopPropertiesMatch(sourcemeta::blaze::Instruction const&, sourcemeta::blaze::Template const&, std::function<void (sourcemeta::blaze::EvaluationType, bool, sourcemeta::blaze::Instruction const&, sourcemeta::core::GenericPointer<std::reference_wrapper<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const>, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, sourcemeta::core::GenericPointer<std::reference_wrapper<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const>, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, sourcemeta::core::JSON const&)> const&, sourcemeta::core::JSON const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const*, unsigned long, sourcemeta::blaze::Evaluator&) [clone .lto_priv.0] ()
#6  0x000055555572f97c in sourcemeta::blaze::complete::LoopItems(sourcemeta::blaze::Instruction const&, sourcemeta::blaze::Template const&, std::function<void (sourcemeta::blaze::EvaluationType, bool, sourcemeta::blaze::Instruction const&, sourcemeta::core::GenericPointer<std::reference_wrapper<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const>, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, sourcemeta::core::GenericPointer<std::reference_wrapper<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const>, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, sourcemeta::core::JSON const&)> const&, sourcemeta::core::JSON const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const*, unsigned long, sourcemeta::blaze::Evaluator&) [clone .lto_priv.0] ()
#7  0x000055555571e2e8 in sourcemeta::blaze::complete::LogicalAnd(sourcemeta::blaze::Instruction const&, sourcemeta::blaze::Template const&, std::function<void (sourcemeta::blaze::EvaluationType, bool, sourcemeta::blaze::Instruction const&, sourcemeta::core::GenericPointer<std::reference_wrapper<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const>, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, sourcemeta::core::GenericPointer<std::reference_wrapper<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const>, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, sourcemeta::core::JSON const&)> const&, sourcemeta::core::JSON const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const*, unsigned long, sourcemeta::blaze::Evaluator&) [clone .lto_priv.0] ()
#8  0x0000555555724dcc in sourcemeta::blaze::complete::LoopPropertiesMatch(sourcemeta::blaze::Instruction const&, sourcemeta::blaze::Template const&, std::function<void (sourcemeta::blaze::EvaluationType, bool, sourcemeta::blaze::Instruction const&, sourcemeta::core::GenericPointer<std::reference_wrapper<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const>, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, sourcemeta::core::GenericPointer<std::reference_wrapper<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const>, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, sourcemeta::core::JSON const&)> const&, sourcemeta::core::JSON const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const*, unsigned long, sourcemeta::blaze::Evaluator&) [clone .lto_priv.0] ()
#9  0x000055555578e142 in sourcemeta::blaze::Evaluator::validate(sourcemeta::blaze::Template const&, sourcemeta::core::JSON const&, std::function<void (sourcemeta::blaze::EvaluationType, bool, sourcemeta::blaze::Instruction const&, sourcemeta::core::GenericPointer<std::reference_wrapper<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const>, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, sourcemeta::core::GenericPointer<std::reference_wrapper<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const>, sourcemeta::core::PropertyHashJSON<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, sourcemeta::core::JSON const&)> const&) ()
#10 0x00005555555d0068 in sourcemeta::jsonschema::cli::validate(std::span<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const, 18446744073709551615ul> const&) ()
#11 0x00005555555a2f50 in std::_Function_handler<int (), main::{lambda()#1}>::_M_invoke(std::_Any_data const&) ()
#12 0x00005555555a3f0a in sourcemeta::jsonschema::try_catch(std::function<int ()> const&) ()
#13 0x00005555555a0c4c in main ()
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Segmentation fault in v11.1.0 when using the `validate` command #432

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Segmentation fault in v11.1.0 when using the validate command #432

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions

Segmentation fault in v11.1.0 when using the `validate` command #432