Ticket UUID: | 589863 | |||
Title: | corruption in execution traces? | |||
Type: | Bug | Version: | None | |
Submitter: | msofer | Created on: | 2002-08-01 23:05:41 | |
Subsystem: | 41. Memory Allocation | Assigned To: | msofer | |
Priority: | 9 Immediate | Severity: | ||
Status: | Closed | Last Modified: | 2002-08-28 00:40:05 | |
Resolution: | Fixed | Closed By: | msofer | |
Closed on: | 2002-08-22 15:59:29 | |||
Description: |
(make test, -DTCL_MEM_DEBUG): ==== trace-24.5 delete trace during all exec traces except enter FAILED ==== Contents of test case: set info {} trace add execution foo {leave enterstep leavestep} [list traceDelete foo] foo 1 list $info [trace info execution foo] ---- Result was: {{set b 1} entersdep} {} ---- Result should have been (exact matching): {{set b 1} enterstep} {} ==== trace-24.5 FAILED Note the corrupted "entersdep" ... | |||
User Comments: |
hemanglavana added on 2002-08-28 00:40:05:
Logged In: YES user_id=81875 The upload button doesn't show up on my browser, so I am attaching the patch here. Please verify whether it resolves the memory problem or not. Index: tclBasic.c =================================================================== RCS file: /cvsroot/tcl/tcl/generic/tclBasic.c,v retrieving revision 1.68 diff -r1.68 tclBasic.c 5026c5026 < ckfree( (char*) tracePtr ); --- > Tcl_EventuallyFree( (char*) tracePtr, TCL_DYNAMIC); Index: tclCmdMZ.c =================================================================== RCS file: /cvsroot/tcl/tcl/generic/tclCmdMZ.c,v retrieving revision 1.75 diff -r1.75 tclCmdMZ.c 4137a4138,4145 > /* > * The proc invoked might delete the traced command which > * which might try to free tracePtr. We want to use tracePtr > * until the end of this if section, so we use > * Tcl_Preserve() and Tcl_Release() to be sure it is not > * freed while we still need it. > */ > Tcl_Preserve((ClientData) tracePtr); 4159a4168 > Tcl_Release((ClientData) tracePtr); msofer added on 2002-08-22 22:59:29: Logged In: YES user_id=148712 Yes, the patch fixes the issue. Already committed, thanks Hemang! hemanglavana added on 2002-08-22 21:53:17: Logged In: YES user_id=81875 The upload button doesn't show up on my browser, so I am attaching the patch here. Please verify whether it resolves the memory problem or not. Index: tclBasic.c =================================================================== RCS file: /cvsroot/tcl/tcl/generic/tclBasic.c,v retrieving revision 1.68 diff -r1.68 tclBasic.c 5026c5026 < ckfree( (char*) tracePtr ); --- > Tcl_EventuallyFree( (char*) tracePtr, TCL_DYNAMIC); Index: tclCmdMZ.c =================================================================== RCS file: /cvsroot/tcl/tcl/generic/tclCmdMZ.c,v retrieving revision 1.75 diff -r1.75 tclCmdMZ.c 4137a4138,4145 > /* > * The proc invoked might delete the traced command which > * which might try to free tracePtr. We want to use tracePtr > * until the end of this if section, so we use > * Tcl_Preserve() and Tcl_Release() to be sure it is not > * freed while we still need it. > */ > Tcl_Preserve((ClientData) tracePtr); 4159a4168 > Tcl_Release((ClientData) tracePtr); msofer added on 2002-08-12 19:25:30: Logged In: YES user_id=148712 Committed the UMR fix to HEAD: "better intitialize to possibly wrong values than using unitialised memory". The read/write of freed memory is still there. msofer added on 2002-08-08 03:45:50: Logged In: YES user_id=148712 Bug 547534 probably refers to this same problem. dkf's original report is: Yuck. With a recent build of Tcl (not quite the HEAD) I found this: % proc bar {ctx from to op} { puts [incr ::i]:[info level 0] rename $from {} } % proc foo args {} % trace add command foo delete "bar 1" % trace add command foo delete "bar 2" % trace add command foo delete "bar 3" % rename foo {} 1:bar 3 foo {} delete 2:bar 2 foo {} delete 3:bar 1 elete {} delete Looks like there's some memory corruption in there! msofer added on 2002-08-07 22:39:26: Logged In: YES user_id=148712 Vince, can you please take a look at this? Maybe you and/orHemang can help sort it out. dkf added on 2002-08-07 19:40:18: Logged In: YES user_id=79902 Looks good to me (or at least definitely not bad!) msofer added on 2002-08-06 23:45:28: File Added - 28537: DIFF.UMR Logged In: YES user_id=148712 Attached a patch that seems to solve the UMR issue - Jeff, could you confirm this is OK? Wrt the invalid read/write in TclCheckInterpTraces (tclCmdMZ.c:4157): this seems to be the cause of the above corruption, the error is triggered by 24.5 and also by 25.10: after calling the trace procedure, we update the trace flags and set a pointer to the struct. Trouble is, the trace procedure freed the struct's memory. Maybe we should Tcl_Preserve the Trace structure? msofer added on 2002-08-06 03:56:25: File Added - 28470: traceErrors Logged In: YES user_id=148712 There is definitely a memory problem with delete traces; I enclose a summary of the relevant errors detected by valgrind running with -DPURIFY. In particular, it reports a read/write of freed memory in test 24.5 |