#254 Crash with itcl 4.0.1 included in Tcl 8.6.2

4.0*
closed-fixed
None
5
2014-09-07
2014-08-28
No

The following 2-line script causes a crash in Tcl 8.6.2:

package require Itcl
oo::class destroy

Error message:
alloc: invalid block: 0x117e330: 30 1

Problem found on linux x86_64 (OpenSUSE 13.1)

Stack trace:

Program terminated with signal SIGABRT, Aborted.
#0  0x00007ff0ec24d849 in raise () from /lib64/libc.so.6
(gdb) bt
#0  0x00007ff0ec24d849 in raise () from /lib64/libc.so.6
#1  0x00007ff0ec24ecd8 in abort () from /lib64/libc.so.6
#2  0x00007ff0ed0756bb in Tcl_PanicVA (
    format=0x7ff0ed0f6710 "alloc: invalid block: %p: %x %x", 
    argList=0x7fffbe709da8) at /home/sbron/src/tcl8.6.2/generic/tclPanic.c:123
#3  0x00007ff0ed07575c in Tcl_Panic (
    format=0x7ff0ed0f6710 "alloc: invalid block: %p: %x %x")
    at /home/sbron/src/tcl8.6.2/generic/tclPanic.c:153
#4  0x00007ff0ed099624 in Ptr2Block (ptr=0x117e340 "\200+\021\001")
    at /home/sbron/src/tcl8.6.2/generic/tclThreadAlloc.c:780
#5  0x00007ff0ed098cc0 in TclpFree (ptr=0x117e340 "\200+\021\001")
    at /home/sbron/src/tcl8.6.2/generic/tclThreadAlloc.c:406
#6  0x00007ff0ed0c5987 in ReleaseClassContents (interp=0x10e1de0, 
    oPtr=0x112c530) at /home/sbron/src/tcl8.6.2/generic/tclOO.c:992
#7  0x00007ff0ed0c54db in ObjectRenamedTrace (clientData=0x112c530, 
    interp=0x10e1de0, oldName=0x1140760 "::oo::class", newName=0x0, 
    flags=16512) at /home/sbron/src/tcl8.6.2/generic/tclOO.c:875
#8  0x00007ff0ecf493ec in CallCommandTraces (iPtr=0x10e1de0, cmdPtr=0x112c630, 
    oldName=0x1140760 "::oo::class", newName=0x0, flags=16512)
    at /home/sbron/src/tcl8.6.2/generic/tclBasic.c:3268
#9  0x00007ff0ecf49061 in Tcl_DeleteCommandFromToken (interp=0x10e1de0, 
    cmd=0x112c630) at /home/sbron/src/tcl8.6.2/generic/tclBasic.c:3075
#10 0x00007ff0ed0ca96a in TclOO_Object_Destroy (clientData=0x0, 
    interp=0x10e1de0, context=0x10ef850, objc=2, objv=0x10ef6e0)
    at /home/sbron/src/tcl8.6.2/generic/tclOOBasic.c:361
#11 0x00007ff0ed0cd08a in TclOOInvokeContext (clientData=0x10ef850, 
    interp=0x10e1de0, objc=2, objv=0x10ef6e0)
    at /home/sbron/src/tcl8.6.2/generic/tclOOCall.c:303
#12 0x00007ff0ed0c944b in TclOOObjectCmdCore (oPtr=0x112c530, 
    interp=0x10e1de0, objc=2, objv=0x10ef6e0, flags=1, startCls=0x0)
    at /home/sbron/src/tcl8.6.2/generic/tclOO.c:2592
#13 0x00007ff0ed0c8d98 in PublicNRObjectCmd (clientData=0x112c530, 
    interp=0x10e1de0, objc=2, objv=0x10ef6e0)
    at /home/sbron/src/tcl8.6.2/generic/tclOO.c:2408
#14 0x00007ff0ecf4acb7 in Dispatch (data=0x111d938, interp=0x10e1de0, result=0)
    at /home/sbron/src/tcl8.6.2/generic/tclBasic.c:4357
#15 0x00007ff0ecf4ad45 in TclNRRunCallbacks (interp=0x10e1de0, result=0, 
    rootPtr=0x0) at /home/sbron/src/tcl8.6.2/generic/tclBasic.c:4390
#16 0x00007ff0ecf4a4a5 in Tcl_EvalObjv (interp=0x10e1de0, objc=2, 
    objv=0x10ef6e0, flags=2097168)
    at /home/sbron/src/tcl8.6.2/generic/tclBasic.c:4121
#17 0x00007ff0ecf4cc44 in TclEvalEx (interp=0x10e1de0, 
    script=0x1143230 "package require Itcl\noo::class destroy\n\n", 
    numBytes=40, flags=0, line=2, clNextOuter=0x0, 
    outerScript=0x1143230 "package require Itcl\noo::class destroy\n\n")
    at /home/sbron/src/tcl8.6.2/generic/tclBasic.c:5259
#18 0x00007ff0ed05f0cb in Tcl_FSEvalFileEx (interp=0x10e1de0, 
    pathPtr=0x111d2a0, encodingName=0x0)
    at /home/sbron/src/tcl8.6.2/generic/tclIOUtil.c:1815
#19 0x00007ff0ed0690f1 in Tcl_MainEx (argc=-1, argv=0x7fffbe70a898, 
    appInitProc=0x400a16 <Tcl_AppInit>, interp=0x10e1de0)
    at /home/sbron/src/tcl8.6.2/generic/tclMain.c:417
#20 0x0000000000400a0f in main (argc=2, argv=0x7fffbe70a888)
    at /home/sbron/src/tcl8.6.2/unix/tclAppInit.c:84

Discussion

  • Schelte Bron

    Schelte Bron - 2014-08-29

    While the sequence of commands may seem like a strange thing to do, this is what may happen behind the scenes when an interpreter is deleted. Which is exactly how I stumbled upon this issue. So there is a pretty good chance to encounter this problem in real code.

     
  • Arnulf Wiedemann

    • status: open --> closed-fixed
    • assigned_to: Arnulf Wiedemann
     
  • Arnulf Wiedemann

    Workaround is in fossil repository. Final fix should be done in TclOO.
    As far as I have found out TclOO is missing an increment of Object->refCount. I have sent mail to Donald (dkf) about my guess.

     