From 07e716801399c0843c58d8c3c6b43f183f1fd378 Mon Sep 17 00:00:00 2001
From: dgp <dgp@users.sourceforge.net>
Date: Tue, 16 Aug 2011 19:49:57 +0000
Subject: 3392070 More complete prevention of Tcl_Obj reference cycles when
 producing an intrep of ByteCode.

---
 ChangeLog            |  5 +++++
 generic/tclCompile.c | 10 +++++++++-
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index b8832e6..567bfd2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2011-08-16  Don Porter  <dgp@users.sourceforge.net>
+
+	* generic/tclCompile.c: [Bug 3392070] More complete prevention of
+	Tcl_Obj reference cycles when producing an intrep of ByteCode.
+
 2011-08-16  Donal K. Fellows  <dkf@users.sf.net>
 
 	* generic/tclListObj.c (TclLindexList, TclLsetFlat): Silence warnings
diff --git a/generic/tclCompile.c b/generic/tclCompile.c
index ae633ea..026503b 100644
--- a/generic/tclCompile.c
+++ b/generic/tclCompile.c
@@ -2449,8 +2449,16 @@ TclInitByteCodeObj(
 	     * a value contains a literal which is that same value.
 	     * If this is allowed to happen, refcount decrements may not
 	     * reach zero, and memory may leak.  Bugs 467523, 3357771
+	     *
+	     * NOTE:  [Bugs 3392070, 3389764] We make a copy based completely
+	     * on the string value, and do not call Tcl_DuplicateObj() so we
+             * can be sure we do not have any lingering cycles hiding in
+	     * the intrep.
 	     */
-	    codePtr->objArrayPtr[i] = Tcl_DuplicateObj(objPtr);
+	    int numBytes;
+	    const char *bytes = Tcl_GetStringFromObj(objPtr, &numBytes);
+
+	    codePtr->objArrayPtr[i] = Tcl_NewStringObj(bytes, numBytes);
 	    Tcl_IncrRefCount(codePtr->objArrayPtr[i]);
 	    Tcl_DecrRefCount(objPtr);
 	} else {
-- 
cgit v0.12