From: nobody <no...@so...> - 2001-02-28 14:25:19
|
Bugs #404865, was updated on 2001-02-28 05:22 You can respond by visiting: http://sourceforge.net/tracker/?func=detail&atid=110894&aid=404865&group_id=10894 Category: Commands I-L Group: 8.4a2 Status: Open Priority: 7 Submitted By: miguel sofer Assigned to: Donal K. Fellows Summary: rare bug in InfoLevelCmd Initial Comment: (I could *not* trigger this rare event, but I'm sure from the code that the bug is there) InfoLevelCmd uses "iPtr->varFramePtr->objv" - as far as I can tell, it is the only user. Now "iPtr->varFramePtr->objv" is a pointer into the evaluation stack: it is set in TclObjInterpProc (tclProc.c), which gets it from TclExecuteByteCode (tclExecute.c) [see INST_INVOKE] The trouble is that the evaluation stack may grow (and move), so that some combination of events will leave iPtr->varFramePtr->objv pointing to ckfreed memory. The combination of events could be: - proc A invokes proc B; proc B grows the stack - after returning from B, proc a requests "info level" I do not see yet any nice & simple solution. Among the clumsy and/or complicated solutions: - store instead a stack offset into the CallFrame; let InfoLevelCmd know about the execution stack (to my eyes, a very bad thing) - do not free the old stack memory until execution is back at level 0, thereby keeping the pointers valid Remark also that fixing matters in the first manner will work for bytecodes, but may break "info level" for non-compiled scripts! The second one may be very costly in memory. ---------------------------------------------------------------------- Comment By: Donal K. Fellows Date: 2001-02-28 06:26 Message: Logged In: YES user_id=79902 The following exercises the bug: set s {list } for {set i 0} {$i<2000} {incr i} {append s "$i "} proc B {} [append s {; puts [string length [info body B][info body B]]} proc A {} { puts A=[info level]=[info level 0]; B; puts A=[info level]=[info level 0] } A ---------------------------------------------------------------------- Comment By: Donal K. Fellows Date: 2001-02-28 06:19 Message: Logged In: YES user_id=79902 The following exercises the bug: set s {list } for {set i 0} {$i<2000} {incr i} {append s "$i "} proc B {} [append s {; puts [string length [info body B][info body B]]} proc A {} { puts A=[info level]=[info level 0]; B; puts A=[info level]=[info level 0] } A ---------------------------------------------------------------------- You can respond by visiting: http://sourceforge.net/tracker/?func=detail&atid=110894&aid=404865&group_id=10894 |