
>> I think that I have found a bug in lua_insert(), in Lua 5.2.1.
>> lua_insert() does the following loop:
>>   for (q = L->top; q>p; q--) setobjs2s(L, q, q-1);
>> (first iteration writes value into L->top)
>> But according to index2addr():
>>   if (o >= L->top) return NONVALIDVALUE;
>> (= means that L->top should not be accessed).
>> The problem is actually that my application crashes sometimes inside
>> lua_insert(). I think it happens when lua_insert() is called on a "full"
>> stack (i.e. when it tries to access L->top which points outside of the
>> memory block). If I add lua_checkstack() before lua_insert(), the problem
>> disappears.

> I am afraid your stack is more than full: it is already overflowed by
> a few entries before you call lua_insert. If you grep for EXTRA_STACK in
> the Lua source code, you will see that Lua always keeps some extra space
> after the "end" of the stack, for some internal uses. For instance,
> lua_insert uses L->top as a temporary, and it is sure that there is
> such a slot (because of EXTRA_STACK).

Thank you for your answer.

I am using only the standard API of Lua (only lua_pushXXX, lua_insert, lua_remove, lua_next, lua_createtable, lua_getfield, lua_setfield -- i.e. no "strange" stack manipulation is done).
The Lua library is not modified (i.e. vanilla Lua 5.2.1 distribution).
The number of entries on the Lua stack is small (something about 100-200; the memory block as reported by valgrind is also very small).
The memory allocator is the default one.

How can I overflow the Lua stack in this case?
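
An added example, not part of the original message and not Lua's source code: a simplified C model of the stack layout discussed in this thread, showing why the quoted lua_insert loop is safe on a full stack and where unchecked pushes make it touch memory outside the block. `Model`, the `model_*` functions and `insert_after_pushes` are hypothetical names, the value of `EXTRA_STACK` is assumed for the model, and the 20-slot starting size mirrors `LUA_MINSTACK`.

```c
#include <stdio.h>
#include <stdlib.h>

#define EXTRA_STACK 5  /* spare slots past the usable limit (value assumed for this model) */
typedef struct {
    int *slots;    /* block of limit + EXTRA_STACK entries */
    size_t top;    /* first free slot, like L->top */
    size_t limit;  /* usable slots, like L->stack_last */
} Model;

/* Like lua_checkstack: guarantee n free usable slots, growing the block if needed. */
static int model_checkstack(Model *m, size_t n) {
    if (m->top + n <= m->limit) return 1;
    int *p = realloc(m->slots, (m->top + n + EXTRA_STACK) * sizeof *p);
    if (p == NULL) return 0;
    m->slots = p;
    m->limit = m->top + n;
    return 1;
}

/* Like lua_push*: never grows. Returns 0 where a real write would leave the block. */
static int model_push(Model *m, int v) {
    if (m->top >= m->limit + EXTRA_STACK) return 0;
    m->slots[m->top++] = v;  /* past limit, this silently consumes the spare slots */
    return 1;
}

/* The loop quoted above: slot [top] is the temporary, so it must be inside the block. */
static int model_insert(Model *m, size_t idx) {
    if (m->top >= m->limit + EXTRA_STACK) return 0;
    for (size_t q = m->top; q > idx; q--) m->slots[q] = m->slots[q - 1];
    m->slots[idx] = m->slots[m->top];
    return 1;
}

/* Push count values on a 20-slot stack, then move the top value to index 0.
   Returns 1 if every access stayed inside the block and the insert was correct. */
int insert_after_pushes(size_t count, int reserve) {
    Model m = { calloc(20 + EXTRA_STACK, sizeof(int)), 0, 20 };
    int ok = m.slots != NULL;
    for (size_t i = 0; ok && i < count; i++)
        ok = (!reserve || model_checkstack(&m, 1)) && model_push(&m, (int)i);
    ok = ok && model_insert(&m, 0) && m.slots[0] == (int)count - 1;
    free(m.slots);
    return ok;
}

int main(void) {
    return printf("%d %d\n", insert_after_pushes(25, 0), insert_after_pushes(25, 1)) < 0;
}
```

In the model, 20 unchecked pushes leave the insert inside the block, while 25 unchecked pushes all succeed silently and only the following insert fails; reserving a slot before each push removes the failure.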