Bug Report 2001/10/10-v1.0b26-br01


[MAIN]
[News]
[Intro]
[Features]
[Download]
[Installation]
[Support]
[Support+]
[Docu]
[Tutorial]
[Bugs]
[forum ]
[wiki]
[Mirror]
[Authors]
[Future]
[License]
[Win98 Setup Bug]
[Subscribe]
Bug Report id=2001/10/10-v1.0b26-br01
Affected versions:v1.0b26 all variations
Severity:Severe

Bug Description

The program
function f
  local fv
  fv = 1
  f = fv
end function

print f()

fails to run and crashes the interpreter process.

Bug Reason, What Causes the Bug

In the file command/function.c the implementation of the command "function return value assignment" is erroneous. When a value belonging to a local variable is assigned as return value to the function name the value is referenced by the function return value directly instead of making a copy of the value. When the function finishes the function return with a result stored on a memory location, which is already released.

In debug compiled version of the interpreter this results an error message and exists with the code 666. In non-debug compilation of the program various crash effect is the result.

Solution

In the function commands/function.c the implementation of the command FLET has to be altered. The following line has to be inserted:
  if( ItemResult && TYPE(ItemResult) == VTYPE_ARRAY )ERROR(COMMAND_ERROR_NOARRAY);

  ItemResult = memory_DupMortalize(pEo->pMo,ItemResult,_pThisCommandMortals,&iErrorCode);

  if( pEo->pFunctionResult )

The middle call to memory_DupMortalize with the given parameters is to be inserted.

scriba v1.0b27 will deliver the corrected interpreter in the binaries as well.

Bug Workaround Until Solution is Available

You may use the build25, which should not face this bug. If you are using features that are specific to build26 and you are not able to recompile the altered source code then you can alter your program so that the right side of any function result assignment is an expression containing something more than just a variable. For example
function f
  local fv
  fv = 1
  f = fv+0
end function

print f()

does not produce the bug.

Acknowledgement

Mitchell Greess [m.greess@solutions-atlantic.com] has reported this problem on the very date when I discovered it.

This page was generated January 28, 2010 9:58:42