Tcl Source Code

View Ticket
Login
Core Home Timeline Branches Tags Tickets Download Wiki
Attach Edit New Ticket Plaintext
Ticket UUID: 1eb488b699d74e0f9d22ea5fc78aa41aa5a77a14
Title: double free when deleting namespace containing the origin routine for some imported routine
Type: Bug Version: 8.7
Submitter: pooryorick Created on: 2020-08-16 14:45:03
Subsystem: - New Builtin Commands Assigned To: pooryorick
Priority: 5 Medium Severity: Minor
Status: Closed Last Modified: 2020-08-31 19:06:07
Resolution: Fixed Closed By: pooryorick
    Closed on: 2020-08-31 19:06:07
Description:

In Tcl -DPURIFY --enable-symbols the following script results in a memory error: 

namespace eval test_ns_export {
    namespace export cmd1
    proc cmd1 args {}
}
namespace eval test_ns_import {
    namespace import [namespace parent]::test_ns_export::cmd1
}
proc test_ns_export::cmd1 args {}
catch {namespace delete {*}[namespace children :: test_ns_export]}
return success

The issue is that TclCreateObjCommandInNs() stores in the table of routines for the namespace a pointer to the structure for the new routine, but does not increment the reference count. Eventually this results in the routine structure being freed a second second time.

User Comments: jan.nijtmans added on 2020-08-28 15:22:39:

Apparently, this report is for Tcl 8.7.

Fix now merged to core-8-branch.

pooryorick added on 2020-08-16 14:51:59:

Fixed in [08e3b17c955f062d].

This page was generated in about 0.009s by Fossil 2.26 [54cfac8c84] 2025-03-21 15:26:53