Mantis - Squeak
Viewing Issue Advanced Details
ID: 7605
Category: VM
Severity: crash
Reproducibility: always
Date Submitted: 02-03-11 18:21
Last Update: 01-02-13 21:29
Reporter: leves
Assigned To: lewis
Priority: normal
Status: resolved
Product Version: trunk
Resolution: fixed
Projection: none
ETA: none
0007605: VMs assume that Floats have two slots and don't check it, which may lead to problems
Currently Floats are variableWordSubclasses usually with two slots. But users can create them with any size. A possible typo is to use Float new instead of Float new: 2. If the VM assumes that the size of these objects is 2 without checking it, it leads to various issues. The following code crashes CogVM (r2349) immediately:

f := Float new.
Array new.
f at: 1 put: 0.

Cog overwrites the header of the Array created after the Float, then realizes the problem (last object overwritten) and crashes. SqueakVM is safe for this example, but some primitives are not. The following returns a random number (based on the contents of the memory) using SqueakVM:

Float new ln

It may also crash the VM, though the chance is small.
I'm pretty sure that performance is the reason to assume that Floats have two slots. To avoid sacrificing it, the best may be to update the image side code to always create Floats with two slots.

Notes
(0014045)
lewis   
02-04-11 00:53   
Agreed, better to handle in the image. Instances of Float are not normally created with #new or #new:, so adding checks for this would make sense. Adding checks in #primitiveNew and #primitiveNewWithArg for the special case of class Float sounds not so good. Note that a Float has two slots for both 32-bit and 64-bit images, so the check would be simple.
(0014046)
leves   
02-04-11 01:06   
Another option is overriding #basicNew and #basicNew:. Both of them could be implemented as ^super basicNew: 2. This way Float new wouldn't raise an error, but would return a valid Float object.
(0014278)
nicolas cellier   
01-02-13 21:29   
OK, I fixed it at image side in trunk 4.5 Kernel-nice.728 according to leves' suggestion.
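The image-side guard proposed in note 0014046 (override #basicNew and #basicNew: on the class side of Float so that every instance gets exactly two slots), written out as an added example. This is not the code of Kernel-nice.728 and not taken from the Squeak image; it assumes Squeak's Behavior>>new and Behavior>>new: delegate to #basicNew and #basicNew:, so overriding those two methods also covers Float new and Float new: n.

```smalltalk
"Added example, not the Kernel-nice.728 change itself. Assumes Behavior>>new
 and Behavior>>new: call basicNew / basicNew:, as they do in Squeak."

Float class >> basicNew
	"Answer a Float with exactly the two word slots the VM float primitives
	 assume, so that Float new can never produce an undersized instance."
	^self basicNew: 2

Float class >> basicNew: anInteger
	"Ignore the requested size: a Float must always have two slots, so
	 Float new: 0 or Float new: 5 answer a correctly sized object instead of
	 one the VM would read or write past (the crash and the random #ln result
	 described in the report)."
	^super basicNew: 2

"Checks to evaluate in a workspace after filing the two methods in:
	Float new size.
	(Float new: 5) size.
	(Float new: 0) size.
	(Float new) at: 1 put: 0; yourself."
```

After the two overrides are loaded, each of the three `size` expressions answers 2 and the `at:put:` into slot 1 lands inside the Float itself rather than in the header of whatever object was allocated after it. The argument to #basicNew: is deliberately discarded rather than rejected, following the note's reasoning that Float new should keep returning a valid Float rather than raising an error; a stricter variant could signal an error when anInteger ~= 2, at the cost of breaking any existing sender that passes another value.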