#4828 value refCount overflow

obsolete: 8.6b1.1
open
Don Porter
5
2011-05-05
2011-05-05
Don Porter
No

There may be nothing feasible that can be done
about this, but...

% set v val
val
% set l1 [lrepeat 0x10000000 $v]; llength $l1
268435456
% set l2 [lrepeat 0x10000000 $v]; llength $l2
268435456
% set l3 [lrepeat 0x10000000 $v]; llength $l3
268435456
% set l4 [lrepeat 0x10000000 $v]; llength $l4
268435456
% set l5 [lrepeat 0x10000000 $v]; llength $l5
268435456
% set l6 [lrepeat 0x10000000 $v]; llength $l6
268435456
% set l7 [lrepeat 0x10000000 $v]; llength $l7
268435456
% set l8 [lrepeat 268435451 $v]; llength $l8
268435451
% tcl::unsupported::representation $v
value is a pure string with a refcount of 2147483647, object pointer at 0x816850, string representation "val".
% set w $v
alloc: invalid block: 0x84e010: f0 0

Program received signal SIGABRT, Aborted.
0x0000003a3b630265 in raise () from /lib64/libc.so.6
(gdb) bt
#0 0x0000003a3b630265 in raise () from /lib64/libc.so.6
#1 0x0000003a3b631d10 in abort () from /lib64/libc.so.6
#2 0x000000000043b443 in Tcl_PanicVA (
format=0x570d50 "alloc: invalid block: %p: %x %x", argList=0x7fffffffd220)
at /home/dgp/64bit/tcl/generic/tclPanic.c:115
#3 0x000000000043b522 in Tcl_Panic (
format=0x570d50 "alloc: invalid block: %p: %x %x")
at /home/dgp/64bit/tcl/generic/tclPanic.c:144
#4 0x0000000000458fb9 in Ptr2Block (ptr=0x84e020 "val")
at /home/dgp/64bit/tcl/generic/tclThreadAlloc.c:780
#5 0x00000000004585cb in TclpFree (ptr=0x84e020 "val")
at /home/dgp/64bit/tcl/generic/tclThreadAlloc.c:406
#6 0x0000000000437a71 in TclFreeObj (objPtr=0x816850)
at /home/dgp/64bit/tcl/generic/tclObj.c:1410
#7 0x000000000053bdbd in TEBCresume (data=0x81be38, interp=0x7c9d70, result=0)
at /home/dgp/64bit/tcl/generic/tclExecute.c:6383
#8 0x00000000004a6b8c in TclNRRunCallbacks (interp=0x7c9d70, result=0,
rootPtr=0x0) at /home/dgp/64bit/tcl/generic/tclBasic.c:4315
#9 0x00000000004a9425 in TclEvalObjEx (interp=0x7c9d70, objPtr=0x3f5f,
flags=131072, invoker=0x0, word=0)
at /home/dgp/64bit/tcl/generic/tclBasic.c:5882
#10 0x00000000004a93c9 in Tcl_EvalObjEx (interp=0x7c9d70, objPtr=0x3f5f,
flags=131072) at /home/dgp/64bit/tcl/generic/tclBasic.c:5863
#11 0x0000000000548528 in Tcl_RecordAndEvalObj (interp=0x7c9d70,
cmdPtr=0x81bc20, flags=131072)
at /home/dgp/64bit/tcl/generic/tclHistory.c:190
#12 0x000000000042f857 in Tcl_MainEx (argc=-1, argv=0x7fffffffdff0,
appInitProc=0x40f691 <Tcl_AppInit>, interp=0x7c9d70)
at /home/dgp/64bit/tcl/generic/tclMain.c:515
#13 0x000000000042fbb2 in Tcl_Main (argc=1, argv=0x7fffffffdfe8,
appInitProc=0x40f691 <Tcl_AppInit>)
at /home/dgp/64bit/tcl/generic/tclMain.c:639
#14 0x000000000040f68a in main (argc=1, argv=0x7fffffffdfe8)
at /home/dgp/64bit/tcl/unix/tclAppInit.c:84

Discussion