The #isBytes: method has the proper check, but the slang code generator for
SmartSyntaxInterpreterPlugin is not properly making use of the check. The
SocketPlugin method contains this declaration:

	self primitive: 'primitiveSocketConnectToPort' parameters: #(#Oop #ByteArray #SmallInteger ).

which is translated to this:

	socket = interpreterProxy->stackValue(2);
	interpreterProxy->success(interpreterProxy->isBytes(interpreterProxy->stackValue(1)));
	address = ((char *) (interpreterProxy->firstIndexableField(interpreterProxy->stackValue(1))));
	port = interpreterProxy->stackIntegerValue(0);
	if (interpreterProxy->failed()) {
		return null;
	}

so the check for interpreterProxy->failed() is not happening until after stackValue(1)
has been used as a ByteArray, despite the prior test for #isBytes.

Dave

On Wed, Oct 03, 2007 at 07:48:38PM -0700, Andreas Raab wrote:
> It has that protection:
> 
> ObjectMemory>>isBytes: oop
> 	"Answer true if the argument contains indexable bytes. See comment 
> 	in formatOf:"
> 	"Note: Includes CompiledMethods."
> 	^(self isNonIntegerObject: oop) and:[self isBytesNonInt: oop]
> 
> Cheers,
>   - Andreas
> 
> Robert Withers wrote:
> >Why does interpreterProxy->isBytes(interpreterProxy->stackValue(1)) 
> >return true for an integer?  It would be better to have protection over 
> >the arguments, such that an integer arg would cause a primitiveFailure 
> >rather than a seg fault.
> >
> >The reason an integer is passed in is from this code:
> >>    | addr s |
> >>    Socket initializeNetwork.
> >>    MessageTally tallySends: [
> >>        addr := NetNameResolver addressForName: 'www.google.org'.
> >>        (s := SafeSocket new) connectTo: addr port: 80.
> >>        s waitForConnectionFor: Socket standardTimeout ifTimedOut: [].
> >>    ].
> >where the call to NetNameResolver addressForName: 'www.google.org'. 
> >returns an integer when it is simulated with tallySends:.  I don't know 
> >why simulation of this causes it to do this.
> >
> >Rob
> >
> >On Oct 3, 2007, at 1:43 PM, John M McIntosh wrote:
> >
> >>
> >>On Oct 3, 2007, at 11:15 AM, Robert Withers wrote:
> >>
> >>>This is reproducible and not limited to the vm I specified.
> >>
> >>Well
> >>EXPORT(sqInt) primitiveSocketConnectToPort(void) {
> >>    sqInt addr;
> >>    sqInt okToConnect;
> >>    SocketPtr s;
> >>    sqInt socket;
> >>    char *address;
> >>    sqInt port;
> >>
> >>    socket = interpreterProxy->stackValue(2);
> >>    interpreterProxy->success(interpreterProxy->isBytes(interpreterProxy->stackValue(1))); 
> >>
> >>    address = ((char *) 
> >>(interpreterProxy->firstIndexableField(interpreterProxy->stackValue(1)))); 
> >>
> >>
> >>
> >>dies with memory read exception in 
> >>interpreterProxy->firstIndexableField()
> >>
> >>void * firstIndexableField(sqInt oop) {
> >>register struct foo * foo = &fum;
> >>    sqInt fmt;
> >>    sqInt totalLength;
> >>    sqInt hdr;
> >>    sqInt fixedFields;
> >>    sqInt sz;
> >>    sqInt class;
> >>    sqInt classFormat;
> >>    sqInt ccIndex;
> >>
> >>    hdr = longAt(oop);
> >>
> >>because oops, via interpreterProxy->stackValue(1)  has the value of 
> >>(3)   so it's a number 3, not an oops location (aka 32bit address)
> >>
> >>longat:(3)  is of course invalid
> >>
> >>
> >>I'd suggest someone look at
> >>tryNamedPrimitiveIn: aCompiledMethod for: aReceiver withArgs: arguments
> >>
> >>to see why it's passing bad data.
> >>
> >>(gdb) call printAllStacks(0)
> >>Process
> >>389589848 ContextPart>tryNamedPrimitiveIn:for:withArgs:
> >>389589756 ContextPart>doPrimitive:method:receiver:args:
> >>389589664 ContextPart>tryPrimitiveFor:receiver:args:
> >>389589204 ContextPart>send:to:with:super:
> >>389589096 ContextPart>send:super:numArgs:
> >>389589004 InstructionStream>interpretExtension:in:for:
> >>389588912 InstructionStream>interpretNextInstructionFor:
> >>389588820 ContextPart>step
> >>389538388 ContextPart>runSimulated:contextAtEachStep:
> >>389538296 MessageTally class>tallySendsTo:inBlock:showTree:
> >>389538112 MessageTally class>tallySends:
> >>389537908 UndefinedObject>DoIt
> >>389532772 Compiler>evaluate:in:to:notifying:ifFail:logged:
> >>389532864 [] in ParagraphEditor>evaluateSelection
> >>389532588 BlockContext>on:do:
> >>389532496 ParagraphEditor>evaluateSelection
> >>389532404 ParagraphEditor>doIt
> >>389532680 [] in ParagraphEditor>doIt:
> >>389532312 Controller>terminateAndInitializeAround:
> >>389532220 ParagraphEditor>doIt:
> >>389531972 ParagraphEditor>dispatchOnCharacter:with:
> >>389531880 TextMorphEditor>dispatchOnCharacter:with:
> >>389531788 ParagraphEditor>readKeyboard
> >>389531696 TextMorphEditor>readKeyboard
> >>389531208 [] in TextMorph>keyStroke:
> >>389531116 TextMorph>handleInteraction:fromEvent:
> >>389531024 TextMorphForEditView>handleInteraction:fromEvent:
> >>389530880 TextMorph>keyStroke:
> >>389530788 TextMorphForEditView>keyStroke:
> >>389530696 TextMorph>handleKeystroke:
> >>389530328 KeyboardEvent>sentTo:
> >>389530236 Morph>handleEvent:
> >>389530144 Morph>handleFocusEvent:
> >>389530420 [] in HandMorph>sendFocusEvent:to:clear:
> >>389530512 [] in PasteUpMorph>becomeActiveDuring:
> >>389530052 BlockContext>on:do:
> >>389529960 PasteUpMorph>becomeActiveDuring:
> >>389529736 HandMorph>sendFocusEvent:to:clear:
> >>389529644 HandMorph>sendEvent:focus:clear:
> >>389529552 HandMorph>sendKeyboardEvent:
> >>389529460 HandMorph>handleEvent:
> >>389529240 HandMorph>processEvents
> >>389529332 [] in WorldState>doOneCycleNowFor:
> >>389529148 SequenceableCollection>do:
> >>389529056 WorldState>handsDo:
> >>389528964 WorldState>doOneCycleNowFor:
> >>389528872 WorldState>doOneCycleFor:
> >>389528780 PasteUpMorph>doOneCycle
> >>386845716 [] in Project class>spawnNewProcess
> >>386845900 [] in BlockContext>newProcess
> >>
> >>
> >>-- 
> >>=========================================================================== 
> >>
> >>John M. McIntosh <johnmci at smalltalkconsulting.com>
> >>Corporate Smalltalk Consulting Ltd.  http://www.smalltalkconsulting.com
> >>=========================================================================== 
> >>
> >>
> >>
> >>
> >
> >
> >
>