From: SourceForge.net <no...@so...> - 2009-06-08 12:14:24
Bugs item #2802881, was opened at 2009-06-08 09:05
Message generated for change (Comment added) made by msofer
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=110894&aid=2802881&group_id=10894

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.

Category: 47. Bytecode Compiler
Group: current: 8.5.7
Status: Open
Resolution: None
Priority: 9
Private: No
Submitted By: miguel sofer (msofer)
Assigned to: miguel sofer (msofer)
Summary: segfault with trace on ::errorInfo

Initial Comment:
(see http://groups.google.com/group/comp.lang.tcl/browse_thread/thread/eb5ee89cc9450b52#)

The following script causes a segfault:

    set ::errorLevel -1
    set ::errorStack {}
    trace add variable ::errorInfo write {
        set __n [info level]
        if {($__n > 0) && ($__n != $::errorLevel)} {
            set ::errorLevel $__n
            set __l [info level 0]
            lappend ::errorStack $__l
        }
    }
    proc A {} {if {foo} foo}
    A 0

A stack trace shows that the fault is in INST_LOAD_SCALAR1 (TEBC line 2552) while running the trace script. The problem is that the trace script doesn't have any local variables, this instruction shouldn't have been compiled in.

The compilation is faulty: at the time of the crash we see that the bytecode has a non-NULL codePtr, which is wrong:

    (gdb) p *codePtr
    $1 = {interpHandle = 0x7548d0, compileEpoch = 3, nsPtr = 0x754ad0,
      nsEpoch = 0, refCount = 2, flags = 0,
      source = 0x780e80 "($__n > 0) && ($__n != $::errorLevel)",
      procPtr = 0x7ac900, structureSize = 47393536776768, numCommands = 0,
      numSrcBytes = 37, numCodeBytes = 22, numLitObjects = 4,
      numExceptRanges = 0, numAuxDataItems = 0, numCmdLocBytes = 0,
      maxExceptDepth = 0, maxStackDepth = 2, codeStart = 0x7741f0 "\n",
      objArrayPtr = 0x774208, exceptArrayPtr = 0x0, auxDataArrayPtr = 0x0,
      codeDeltaStart = 0x774228 "\ufffd\ufffdz",
      codeLengthStart = 0x774228 "\ufffd\ufffdz",
      srcDeltaStart = 0x774228 "\ufffd\ufffdz",
      srcLengthStart = 0x774228 "\ufffd\ufffdz", localCachePtr = 0x0}
    (gdb) p *codePtr->procPtr->bodyPtr
    $2 = {refCount = 1, bytes = 0x780c00 "if {foo} foo", length = 12,
      typePtr = 0x0, internalRep = {longValue = 8043008,
        doubleValue = 3.9737739420263127e-317, otherValuePtr = 0x7aba00,
        wideValue = 8043008, twoPtrValue = {ptr1 = 0x7aba00, ptr2 = 0x0},
        ptrAndLongRep = {ptr = 0x7aba00, value = 0}}}

The CallFrame does look ok:

    (gdb) p *((Interp *)interp)->varFramePtr
    $3 = {nsPtr = 0x754ad0, isProcCallFrame = 0, objc = 0, objv = 0x0,
      callerPtr = 0x754ed0, callerVarPtr = 0x754ed0, level = 1,
      procPtr = 0x0, varTablePtr = 0x0, numCompiledLocals = 0,
      compiledLocals = 0x0, clientData = 0x0, localCachePtr = 0x0}

----------------------------------------------------------------------

>Comment By: miguel sofer (msofer)
Date: 2009-06-08 09:14

Message:
Interesting: the BODY of A seems to make a difference, even though it is never run due to the error in the number of args!

    % proc A {} {}
    % A 0
    wrong # args: should be "A"
    % proc A {} {foo}
    % A 0
    wrong # args: should be "A"
    % A
    invalid command name "foo"
    % proc A {} {if {foo} foo}
    % A 0
    Segmentation fault (core dumped)

----------------------------------------------------------------------
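
The mismatch shown in the gdb output above (bytecode carrying a non-NULL procPtr, run in a frame with numCompiledLocals = 0 and compiledLocals = 0x0), modelled as an added example that is not part of the tracker message and is not Tcl's source. It is a toy interpreter that rejects bytecode whose compile-time context differs from the executing frame and bounds-checks the local slot before reading it; the types, opcode values, return codes and function names are assumptions, and only the field names come from the gdb output.

```c
#include <stddef.h>
/* Simplified model (assumption): field names follow the gdb output in the
 * report; the types, opcodes and checks are illustrative, not Tcl's code. */
typedef struct Proc { int numCompiledLocals; } Proc;
typedef struct CallFrame {
    const Proc *procPtr;         /* NULL when not a proc call frame */
    int numCompiledLocals;
    const long *compiledLocals;  /* NULL when the frame has no slots */
} CallFrame;
typedef struct ByteCode {
    const Proc *procPtr;         /* context the code was compiled in */
    const unsigned char *code;
    size_t numCodeBytes;
} ByteCode;
enum { OP_LOAD_SCALAR1 = 1, OP_DONE = 2 };
enum { EXEC_OK = 0, EXEC_STALE_CONTEXT = -1, EXEC_BAD_SLOT = -2, EXEC_BAD_CODE = -3 };

/* checkContext = 0 leaves only the per-instruction slot check active. */
int execute(const ByteCode *bc, const CallFrame *f, int checkContext, long *out)
{
    if (checkContext && bc->procPtr != f->procPtr)
        return EXEC_STALE_CONTEXT;   /* compiled for a different context */
    for (size_t pc = 0; pc < bc->numCodeBytes; ) {
        unsigned char op = bc->code[pc++];
        if (op == OP_DONE)
            return EXEC_OK;
        if (op != OP_LOAD_SCALAR1 || pc >= bc->numCodeBytes)
            return EXEC_BAD_CODE;
        int slot = bc->code[pc++];
        if (f->compiledLocals == NULL || slot >= f->numCompiledLocals)
            return EXEC_BAD_SLOT;    /* unchecked, this read is the fault */
        *out = f->compiledLocals[slot];
    }
    return EXEC_BAD_CODE;            /* no OP_DONE before the end */
}

/* Constructed cases; inProcFrame = 0 uses a frame shaped like $3 above. */
long run_case(int inProcFrame, int checkContext)
{
    static const unsigned char code[] = { OP_LOAD_SCALAR1, 0, OP_DONE };
    static const Proc procA = { 1 };
    static const long locals[] = { 42 };
    ByteCode bc = { &procA, code, sizeof code };
    CallFrame procFrame = { &procA, 1, locals };
    CallFrame traceFrame = { NULL, 0, NULL };
    long v = 0;
    int rc = execute(&bc, inProcFrame ? &procFrame : &traceFrame, checkContext, &v);
    return rc == EXEC_OK ? v : rc;   /* loaded value, or the error code */
}
```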