Tcl Source Code

In core-8-branch, commit [a3599d9b2596c181], a build with --enable-symbols CFLAGS=-DPURIFY,

make TESTFLAGS='-verbose t -file append.test -match "append-3.3 append-3.4"' valgrind

produces the following errors:

==1870667== Invalid read of size 4
==1870667==    at 0x4A01D9D: Tcl_AppendObjToObj (tclStringObj.c:1439)
==1870667==    by 0x4A21BB1: StringAppendInVar (tclVar.c:1959)
==1870667==    by 0x4A21E78: TclPtrSetVarIdx (tclVar.c:2086)
==1870667==    by 0x497E59A: TEBCresume (tclExecute.c:3412)
==1870667==    by 0x489921A: TclNRRunCallbacks (tclBasic.c:4857)
==1870667==    by 0x4898ADC: Tcl_EvalObjv (tclBasic.c:4576)
==1870667==    by 0x489B1AF: TclEvalEx (tclBasic.c:5728)
==1870667==    by 0x49C5F82: Tcl_FSEvalFileEx (tclIOUtil.c:1782)
==1870667==    by 0x49D4A97: Tcl_MainEx (tclMain.c:399)
==1870667==    by 0x10A3B4: main (tclAppInit.c:91)
==1870667==  Address 0x62c856c is 12 bytes inside a block of size 18 free'd
==1870667==    at 0x4840D7B: realloc (vg_replace_malloc.c:834)
==1870667==    by 0x488C4A2: TclpRealloc (tclAlloc.c:747)
==1870667==    by 0x48A8AE2: Tcl_Realloc (tclCkalloc.c:1130)
==1870667==    by 0x4A00714: GrowUnicodeBuffer (tclStringObj.c:224)
==1870667==    by 0x4A07BEA: ExtendUnicodeRepWithString (tclStringObj.c:4156)
==1870667==    by 0x4A07AE6: FillUnicodeRep (tclStringObj.c:4131)
==1870667==    by 0x4A00DB0: Tcl_GetUnicodeFromObj (tclStringObj.c:657)
==1870667==    by 0x4A00D6A: Tcl_GetUnicode (tclStringObj.c:620)
==1870667==    by 0x4A01D98: Tcl_AppendObjToObj (tclStringObj.c:1432)
==1870667==    by 0x4A21BB1: StringAppendInVar (tclVar.c:1959)
==1870667==    by 0x4A21E78: TclPtrSetVarIdx (tclVar.c:2086)
==1870667==    by 0x497E59A: TEBCresume (tclExecute.c:3412)
==1870667==    by 0x489921A: TclNRRunCallbacks (tclBasic.c:4857)
==1870667==    by 0x4898ADC: Tcl_EvalObjv (tclBasic.c:4576)
==1870667==    by 0x489B1AF: TclEvalEx (tclBasic.c:5728)
==1870667==    by 0x49C5F82: Tcl_FSEvalFileEx (tclIOUtil.c:1782)
==1870667==    by 0x49D4A97: Tcl_MainEx (tclMain.c:399)
==1870667==    by 0x10A3B4: main (tclAppInit.c:91)
==1870667==  Block was alloc'd at
==1870667==    at 0x483E77F: malloc (vg_replace_malloc.c:307)
==1870667==    by 0x488C464: TclpAlloc (tclAlloc.c:699)
==1870667==    by 0x48A89FE: Tcl_Alloc (tclCkalloc.c:1054)
==1870667==    by 0x4A07EC5: SetStringFromAny (tclStringObj.c:4284)
==1870667==    by 0x4A01C8B: Tcl_AppendObjToObj (tclStringObj.c:1425)
==1870667==    by 0x4A21BB1: StringAppendInVar (tclVar.c:1959)
==1870667==    by 0x4A21E78: TclPtrSetVarIdx (tclVar.c:2086)
==1870667==    by 0x497E59A: TEBCresume (tclExecute.c:3412)
==1870667==    by 0x489921A: TclNRRunCallbacks (tclBasic.c:4857)
==1870667==    by 0x4898ADC: Tcl_EvalObjv (tclBasic.c:4576)
==1870667==    by 0x489B1AF: TclEvalEx (tclBasic.c:5728)
==1870667==    by 0x49C5F82: Tcl_FSEvalFileEx (tclIOUtil.c:1782)
==1870667==    by 0x49D4A97: Tcl_MainEx (tclMain.c:399)
==1870667==    by 0x10A3B4: main (tclAppInit.c:91)

More fixes in [ec5b3d21f9b29ee9] for related issues reported by Valgrind.

Fixed in [c7100a073ba1e0b8].

So, the cause was a regression in the fix for [7f1162a867].

Congratulations! You found it and fixed it. Well done!