Hi.. I looked some more into this, and I discovered a couple of things:
- the key of the value that is being 'marked' (by markobject, from
markall) is a string, and the content is '.base', which suggests that it's
something from tolua (I think that's how it implements inheritance). I
don't know what a 'closure' is, but I think the 'base' field is a
reference to an object on tolua tables.
- no other value object with ttype == 6 (LUA_TMARK) was being 'marked'
from 'markall' (I'm not completely sure about this tho.. I just put a
'printf' on markall and grepped through a couple of hundred lines on the
output), so I just wrapped the markobject calls with an if, like this
(lgc.c:136):
--
if (ttype(val(n)) != LUA_TMARK) {   /* skip nodes whose value is a stack mark */
  markobject(&st, &n->key);
  markobject(&st, &n->val);
}
--
This allows me to continue working without having the program crash
unexpectedly, but I can't help thinking that I'm ignoring some kind of
memory leak or corruption of the luastate.. Is there anything I should be
checking, or that I could be doing wrong, that could cause this?
_Any_ help would be appreciated.. thanks..
Ariel.
At 19:45 19/06/2003 -0300, you wrote:
Hi..
I'm using lua4.0.1 on a c++ program, and it's crashing when I do a
'lua_call'. I'm opening the libraries 'base', 'str', 'math', 'db', 'io',
and a tolua module. Here's the stack from the debugger (don't be fooled
by the directory names, I'm using cl 13.00.9466 from VC7, on WinDbg):
--
# ChildEBP RetAddr Args to Child
00 0011ece8 0092a06c 0011eee4 cccccccc 0011eef0 lua!markclosure(GCState*
st = 0011eee4 , Closure* cl = cccccccc )+0x21 (CONV: cdecl)
[c:\cygwin\home\punto\lua-4.0.1\src\lgc.c @ 67]
01 0011edc8 00929b64 0011eee4 011b27c0 0011efc8 lua!markobject(GCState*
st = 0011eee4 , lua_TObject* o = 011b27c0 )+0x6c (CONV: cdecl)
[c:\cygwin\home\punto\lua-4.0.1\src\lgc.c @ 94]
02 0011eef0 00929997 0102b5a8 0011f0a0 0011f688 lua!markall(lua_State* L
= 0102b5a8 )+0x144 (CONV: cdecl)
[c:\cygwin\home\punto\lua-4.0.1\src\lgc.c @ 137]
03 0011efc8 0092a385 0102b5a8 0011f1c8 0011f688
lua!luaC_collectgarbage(lua_State* L = 0102b5a8 )+0x27 (CONV: cdecl)
[c:\cygwin\home\punto\lua-4.0.1\src\lgc.c @ 340]
04 0011f0a0 00927cf6 0102b5a8 0011f45c 0011f688
lua!luaC_checkGC(lua_State* L = 0102b5a8 )+0x35 (CONV: cdecl)
[c:\cygwin\home\punto\lua-4.0.1\src\lgc.c @ 351]
05 0011f1c8 0093700b 0102b5a8 0102b990 00000000 lua!luaD_call(lua_State*
L = 0102b5a8 , lua_TObject* func = 0102b990 , int nResults = 0)+0x226
(CONV: cdecl) [c:\cygwin\home\punto\lua-4.0.1\src\ldo.c @ 197]
06 0011f45c 00927bd6 0102b5a8 011b1e30 0102b980
lua!luaV_execute(lua_State* L = 0102b5a8 , Closure* cl = 011b1e30 ,
lua_TObject* base = 0102b980 )+0x16b (CONV: cdecl)
[c:\cygwin\home\punto\lua-4.0.1\src\lvm.c @ 382]
07 0011f58c 009280ba 0102b5a8 0102b970 00000000 lua!luaD_call(lua_State*
L = 0102b5a8 , lua_TObject* func = 0102b970 , int nResults = 0)+0x106
(CONV: cdecl) [c:\cygwin\home\punto\lua-4.0.1\src\ldo.c @ 178]
08 0011f678 00928ac0 0102b5a8 0011f8bc 0011f8d4 lua!f_call(lua_State* L =
0102b5a8 , void* ud = 0011f8bc )+0x3a (CONV: cdecl)
[c:\cygwin\home\punto\lua-4.0.1\src\ldo.c @ 211]
09 0011f7cc 00927fff 0102b5a8 00928080 0011f8bc
lua!luaD_runprotected(lua_State* L = 0102b5a8 , <function>* f = 00928080
, void* ud = 0011f8bc )+0x70 (CONV: cdecl)
[c:\cygwin\home\punto\lua-4.0.1\src\ldo.c @ 377]
0a 0011f8d4 0059a990 0102b5a8 00000001 00000000 lua!lua_call(lua_State* L
= 0102b5a8 , int nargs = 1, int nresults = 0)+0x4f (CONV: cdecl)
[c:\cygwin\home\punto\lua-4.0.1\src\ldo.c @ 220]
[...]
--
I assume the address 0xcccccccc is invalid for an object, so I went to
the previous frame and evaluated 'o->value' from markobject:
--
0:000> ?? *o
struct lua_TObject
+0x000 ttype : 6
+0x008 value : Value
0:000> ?? o->value
union Value
+0x000 ts : 0x0011f028
+0x000 cl : 0x0011f028
+0x000 a : 0x0011f028
+0x000 i : 0x0011f028
+0x000 n : 10.000000002088271
0:000> ?? *o->value.ts
struct TString
+0x000 u : __unnamed
+0x008 len : 0xcccccccc
+0x00c nexthash : 0xcccccccc
+0x010 marked : -858993460
+0x014 str : [4] "???"
0:000> ?? *o->value.cl
struct Closure
+0x000 f : __unnamed
+0x004 next : 0xcccccccc
+0x008 mark : 0xcccccccc
+0x00c isC : -13108
+0x00e nupvalues : -13108
+0x010 upvalue : [1] lua_TObject
0:000> ?? *o->value.a
struct Hash
+0x000 node : 0xcccccccc
+0x004 htag : -858993460
+0x008 size : -858993460
+0x00c firstfree : 0xcccccccc
+0x010 next : 0xcccccccc
+0x014 mark : 0xcccccccc
0:000> ?? *o->value.i
struct CallInfo
+0x000 func : 0xcccccccc
+0x004 pc : 0xcccccccc -> ????
+0x008 lastpc : -858993460
+0x00c line : -858993460
+0x010 refi : -858993460
0:000> ?? *o->value.n
double 10.000000002088271
--
Is this a known bug? or is there anything I could be doing to cause this?
I can't isolate the problem because I have no idea which part of the lua
code is causing it, and it varies greatly on the conditions. (for
example, it usually crashes immediately, but if I don't open iolib on the
luastate, it takes about 18 seconds to crash; the lua_call is made on
every 'frame' of the program (it's a game)).
Thanks for any help.. bye.
Ariel.
Ariel.
http://Anime.com.ar
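Editor's note on the workaround in the reply above, with an added example that is not code from this thread or from Lua 4.0.1 itself. The debugger output in the quoted message shows the problem value with ttype 6 (LUA_TMARK) and its `i` union member pointing at 0x0011f028, an address inside the same stack region as the frames in the trace, whose contents are now 0xcccccccc (the byte pattern MSVC debug builds write over uninitialised or released stack memory). In Lua 4.0 a LUA_TMARK value is what luaD_call places on the VM stack to record a C call frame, with a CallInfo that lives on the C stack, so one turning up as the value of a table entry is itself the anomaly; markobject then follows the stale CallInfo to a garbage closure pointer, which is the markclosure crash. The `if` in the reply stops the crash, but it also hides the corruption. The sketch below is a miniature mark phase over a tagged union in the spirit of lgc.c's markobject/marktable that counts and reports a stack-only tag found inside a table, and refuses to dereference pointers that look like the debug fill pattern, so the fault is surfaced rather than skipped. All names in it (vtype_t, T_STACKMARK, Node, Table, MarkReport, demo_misplaced_mark, ...) are hypothetical and the scenario it builds is constructed to mirror the trace.

```c
/* Added example, not code from the lua-l thread or from Lua 4.0.1:
 * a miniature GC mark phase over a tagged union that REPORTS a stack-only
 * tag found inside a heap table instead of chasing its pointer (the crash)
 * or silently skipping it (the workaround).  All names are hypothetical;
 * the 0xCC byte pattern is what MSVC debug builds write over uninitialised
 * stack memory. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef enum { T_NIL, T_NUMBER, T_STRING, T_TABLE, T_FUNCTION, T_STACKMARK } vtype_t;

typedef struct Closure  { int marked; } Closure;
typedef struct CallInfo { Closure *func; } CallInfo;   /* what a stack mark points to */
struct Table;

typedef struct Value {
    vtype_t tt;
    union { double n; Closure *cl; CallInfo *ci; struct Table *h; } v;
} Value;

typedef struct Node  { Value key, val; } Node;
typedef struct Table { int marked; size_t size; Node *node; } Table;

typedef struct MarkReport {
    int closures_marked;   /* closures reached and marked live */
    int misplaced_marks;   /* T_STACKMARK values found inside a table */
    int suspicious_ptrs;   /* pointers equal to the 0xCC.. fill pattern */
} MarkReport;

/* Pointer made entirely of 0xCC bytes (constructed, never dereferenced). */
static void *debug_fill_pointer(void) {
    uintptr_t fill = 0;
    for (size_t i = 0; i < sizeof fill; i++) fill = (fill << 8) | 0xCCu;
    return (void *)fill;
}

static int looks_like_debug_fill(const void *p) {
    return p == debug_fill_pointer();
}

static void mark_table(Table *h, MarkReport *r);

/* in_table says whether the value came out of a heap table rather than a
 * VM stack slot; a T_STACKMARK is only legitimate in a stack slot. */
static void mark_value(const Value *o, int in_table, MarkReport *r) {
    switch (o->tt) {
    case T_FUNCTION:
        if (looks_like_debug_fill(o->v.cl)) { r->suspicious_ptrs++; return; }
        o->v.cl->marked = 1;
        r->closures_marked++;
        break;
    case T_STACKMARK:
        if (in_table) { r->misplaced_marks++; return; }   /* corruption: report, do not chase */
        if (looks_like_debug_fill(o->v.ci) || looks_like_debug_fill(o->v.ci->func)) {
            r->suspicious_ptrs++;
            return;
        }
        o->v.ci->func->marked = 1;
        r->closures_marked++;
        break;
    case T_TABLE:
        mark_table(o->v.h, r);
        break;
    default:            /* nil, numbers, strings: nothing to follow here */
        break;
    }
}

static void mark_table(Table *h, MarkReport *r) {
    if (h->marked) return;
    h->marked = 1;
    for (size_t i = 0; i < h->size; i++) {
        mark_value(&h->node[i].key, 1, r);
        mark_value(&h->node[i].val, 1, r);
    }
}

/* Constructed scenario mirroring the thread: a table with one healthy
 * function entry and one entry whose value carries the stack-only tag and
 * points at a CallInfo whose func is the fill pattern, plus two genuine
 * stack slots (one live, one dangling). */
static MarkReport demo_misplaced_mark(void) {
    static Closure  real_fn, stack_fn;
    static CallInfo dead_ci, live_ci;
    static Node     nodes[2];
    static Table    t;
    MarkReport r = { 0, 0, 0 };
    Value root, live_slot, dangling_slot;

    real_fn.marked = stack_fn.marked = 0;
    dead_ci.func = (Closure *)debug_fill_pointer();
    live_ci.func = &stack_fn;

    nodes[0].key.tt = T_STRING; nodes[0].val.tt = T_FUNCTION;  nodes[0].val.v.cl = &real_fn;
    nodes[1].key.tt = T_STRING; nodes[1].val.tt = T_STACKMARK; nodes[1].val.v.ci = &dead_ci;
    t.marked = 0; t.size = 2; t.node = nodes;

    root.tt = T_TABLE;              root.v.h = &t;
    live_slot.tt = T_STACKMARK;     live_slot.v.ci = &live_ci;
    dangling_slot.tt = T_STACKMARK; dangling_slot.v.ci = &dead_ci;

    mark_value(&root, 0, &r);           /* walks the table */
    mark_value(&live_slot, 0, &r);      /* legitimate stack mark */
    mark_value(&dangling_slot, 0, &r);  /* stack mark whose func is garbage */
    return r;
}

int main(void) {
    MarkReport r = demo_misplaced_mark();
    printf("closures marked: %d, misplaced stack marks in tables: %d, "
           "fill-pattern pointers: %d\n",
           r.closures_marked, r.misplaced_marks, r.suspicious_ptrs);
    return r.misplaced_marks || r.suspicious_ptrs;
}
```

The point of counting rather than skipping is that a non-zero misplaced_marks is the signal to look at which C-side code (the host program or the tolua binding, given the '.base' key) copied a stack slot into a table while a C call was in progress; the fill-pattern check is only a debug-build heuristic and is no substitute for finding that write.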