Re: Crash with local variables and EXIT

[Anton Ertl]

On Sun, Aug 01, 2021 at 04:06:53PM +0000, David Kuehling wrote:
> Hi,
> 
> I just stumbled over a peculiar Gforth crash bug involving use of local
> variables and ?EXIT:
> 
> A condensed demonstration of the crash is this code:
> 
> --8<--
>   : test ( flag -- )
>      0 { var }
>      ?EXIT
>      1 { var } ;
> 
>   false test
> --8<--
> 
> I believe my Gforth was built from Git rev be3d6a82e9da5f8d9a1 (May 16
> 2021).  This happens for me:
> 
> --8<--
> $ gforth ./crash.fs  -e bye
> 
> crash.fs:4:8: warning: redefined var
> /usr/local/share/gforth/0.7.9_20210513/kernel/main.fs:0:1: warning: original 
> location
> in file included from *the terminal*:0:-94824890370799: 
> in file included from *the terminal*:-1:1: 
> crash.fs:6:7: error: Invalid memory address
> false >>>test<<<
> Backtrace:
> crash.fs:3:4:                            0 $7FF8B56AA130 ?br
> --8<--

"simple-see test" produces:

$7F41CB095F40 lit
$7F41CB095F48 #0 
$7F41CB095F50 >l
$7F41CB095F58 ?branch
$7F41CB095F60 <test+$38> 
$7F41CB095F68 lp+
$7F41CB095F70 ;s
$7F41CB095F78 #16 
$7F41CB095F80 lit
$7F41CB095F88 #1 
$7F41CB095F90 >l
$7F41CB095F98 lp+2
$7F41CB095FA0 ;s ok

The branch branches to the #16, which is not a primitive, and
therefore trying to execut it crashes.  Not sure where it is coming
from.

When using a different name, the #16 is not generated.

Why is it generated before the LIT #1? Because constant folding delays
the generation of the LIT #1.

It also happens for

: test4 0 { var } if then 1 { var } ;
: test5 0 { var } if then { var } ;
: test6 0 { var } begin 1 until { var } ;

Looks like a bug in locals handling to me.  I'll look into it.

- anton