Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Is there any reason to not to use HB_IS_OBJECT instead of HB_IS_ARRAY here ? #164

Open
tfonrouge opened this issue Dec 20, 2017 · 0 comments
Open

Is there any reason to not to use HB_IS_OBJECT instead of HB_IS_ARRAY here ? #164

tfonrouge opened this issue Dec 20, 2017 · 0 comments

Comments

@tfonrouge
Copy link

tfonrouge commented Dec 20, 2017
edited

core/src/vm/classes.c

Line 4893 in 06725f4

if( HB_IS_ARRAY( pObject ) )

I have an case that which in certain conditions I get a segfault error in my destructor class procedure when accessing a data member which is contained inside a member in the current object, below is the debug trace output:

libharbour.3.4.0.dylib was compiled with optimization - stepping may behave oddly; variables may not be available.
Process 28239 stopped
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x74)
    frame #0: 0x0000000100fecc54 libharbour.3.4.0.dylib`hb_clsParentInstanceOffset(pClass=0x0000000000000000, uiParentCls=19) at classes.c:743 [opt]
   740 	{
   741 	   HB_USHORT uiCount = pClass->uiSuperClasses;
   742 	
-> 743 	   while( uiCount )
   744 	   {
   745 	      if( pClass->pSuperClasses[ --uiCount ].uiClass == uiParentCls )
   746 	         return pClass->pSuperClasses[ uiCount ].uiOffset;
Target 0: (Arel_Darwin_x86_64) stopped.
(lldb) bt
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x74)
  * frame #0: 0x0000000100fecc54 libharbour.3.4.0.dylib`hb_clsParentInstanceOffset(pClass=0x0000000000000000, uiParentCls=19) at classes.c:743 [opt]
    frame #1: 0x0000000101009f6d libharbour.3.4.0.dylib`HB_FUN_msgGetData at classes.c:4908 [opt]
    frame #2: 0x0000000100fd1e0f libharbour.3.4.0.dylib`hb_vmSend(uiParams=<unavailable>) at hvm.c:6119 [opt]
    frame #3: 0x0000000100fd9ecb libharbour.3.4.0.dylib`hb_xvmSend(uiParams=0) at hvm.c:9621 [opt]
    frame #4: 0x00000001000acded Arel_Darwin_x86_64`HB_FUN_TBASETABLE_DESTROY + 301

The following Harbour code halts when reaches "masterSource:linkedObjField", the member linkedObjField is supposed to be a object:

METHOD PROCEDURE Destroy() CLASS TBaseTable

    LOCAL table
    LOCAL masterSource

    masterSource := ::masterSource

    IF HB_ISOBJECT( masterSource )
        IF hb_isObject( masterSource:linkedObjField ) .AND. HB_IsObject( masterSource:linkedObjField:table ) .AND. masterSource:linkedObjField:table == self
            masterSource:linkedObjField := nil

The reason is that inside of the function "HB_FUNC_STATIC( msgGetData )", the value for "pObject->item.asArray.value->uiClass" is 0 ( zero ), because the item passed ( pObject ) is not an object anymore, it's a simple array.

And when the function hb_clsParentInstanceOffset() is called, his 1st parameter is NULL

         nIndex += hb_clsParentInstanceOffset( s_pClasses[ uiObjClass ],
                                               pMethod->uiSprClass );

and then program stops when accessing the uiSuperClasses member in the pClass (nulled) var:

static HB_USHORT hb_clsParentInstanceOffset( PCLASS pClass, HB_USHORT uiParentCls )
{
   HB_USHORT uiCount = pClass->uiSuperClasses;

   while( uiCount )

Can be also needed to check here for a NULL pClass value ?

In my local repo I changed, in this case, HB_IS_ARRAY for HB_IS_OBJECT and the issue was fixed, however there are other places when a similar scenario is found.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@tfonrouge