Re: lua_register and Lua crash

Hello Rena,

Thank you for your quick response, I have had made changes for the memcpy as suggested by you but the crash is still on.

About the use of openlibs / openlib - I had used them initially. Whenever I used openlib / openlibs call - lua crashed similarly. So - as a work-around, I tried to use the lua_register to check the working. I am observing the same crashes.

One observation is that it crashes if the number of functions are more e.g. if lua_register with two functions - it doesn't crash. If there are more e.g. 20-30, then it crashes.

I was reading about some lua table corruption posts in the mail list. Any further patches available to the 5.2.3 code base with some bug fixes ?

Please let me know, as it looks like a dead-lock here.

Regards

Santosh

On Tuesday, 9 December 2014 8:02 PM, Rena <hyperhacker@gmail.com> wrote:

On 2014-12-09 9:02 AM, "Santosh Kadam" <sanmanik@yahoo.com> wrote:
>
> Hi, there
>
> Thank you for your responses...
>
>
> Attaching the code, Please let me know if any issues within the calling...
>
> Rgds
> Santosh
>
>
>
>
> /************************LUA Script****************/
> char lua_test7[]="\
> function add(a, b) \
> return a+b \
> end \
> \
> x = add(5, 6) \
> y = add(9, 1, 6) \
> mydbg(x) \
> mydbg(y) \
> \
> a = add \
> x1 = a(5, 6) \
> mydbg(x1) \
> \
> \
> function split(num) \
> frac = num % 1 \
> dec = num - frac \
> return dec, frac \
> end \
> \
> x, y = split(45.96) \
> mydbg(x) \
> mydbg(y) \
> \
> function greet(person) \
> mydbg('Hello, ' .. person.firstname .. ' ' .. person.lastname)\
> mydbg(person.firstname) \
> mydbg(person.lastname) \
> end \
> \
> greet{firstname=\"John\", lastname=\"Doe\"} \
> ";
> /************************LUA Script****************/
>
> =========================
> static const luaL_Reg base_funcs[] = {
> {"assert", luaB_assert},
> {"collectgarbage", luaB_collectgarbage},
> // {"dofile", luaB_dofile},
> {"error", luaB_error},
> {"getmetatable", luaB_getmetatable},
> {"ipairs", luaB_ipairs},
> // {"loadfile", luaB_loadfile},
> // {"load", luaB_load},
> #if defined(LUA_COMPAT_LOADSTRING)
> {"loadstring", luaB_load},
> #endif
> // {"next", luaB_next},
> // {"pairs", luaB_pairs},
> // {"pcall", luaB_pcall},
> // {"print", luaB_print},
> // {"rawequal", luaB_rawequal},
> // {"rawlen", luaB_rawlen},
> // {"rawget", luaB_rawget},
> // {"rawset", luaB_rawset},
> // {"select", luaB_select},
> // {"setmetatable", luaB_setmetatable},
> // {"tonumber", luaB_tonumber},
> // {"tostring", luaB_tostring},
> // {"type", luaB_type},
> // {"xpcall", luaB_xpcall},
> {NULL, NULL}
> };
>
> void register_base_lib_funcs (lua_State *L) {
> const luaL_Reg *lib;
> /* call open functions from 'loadedlibs' and set results to global table */
> for (lib = base_funcs; lib->func; lib++) {
> XIP_UNIT_TEST_DBG_RELEASE( "LUA", "Registering Base lib Function [%s", lib->name);
> lua_register(L, lib->name,lib->func);
> }
> return ;
> }
>
> ===========================
> void test_lua(void)
> {
> lua_State *L ;
> L = lua_newstate(custom_alloc,NULL);
> //luaL_openlibs(L);
> register_base_lib_funcs (L);
> do_lua(L, lua_test7);
> lua_close(L);
> }
>
> void do_lua(lua_State *L , char *script)
> {
> int s;
>
> lua_register(L, "mydbg", lua_mydbg);
> s = luaL_loadstring(L,script);
> if ( s==0 ) {
> s = lua_pcall(L, 0, LUA_MULTRET, 0);
> }
> report_errors(L, s);
> }
>
>
> static void *custom_alloc (void *ud, void *ptr, size_t osize, size_t nsize) {
> static int totalmem = 0;
> (void)ud; (void)osize; /* not used */
> if (nsize == 0) {
>   totalmem -= osize;
>   gtotalmem = totalmem;
> if(ptr)
>    my_free(ptr,__FILE__, __LINE__);
> return NULL;
> }
> else {
>
> if (ptr == NULL)
> totalmem+=nsize;
> else
> {
>   totalmem += (nsize-osize);
> }
>   gtotalmem = totalmem;
>   return my_realloc(ptr, nsize,__FILE__,__LINE__);
> }
> }
>
> int mydbg(lua_State *L)
> {
> int n=0;
>
> int argc = lua_gettop(L);
>
> for (n=1; n<=argc; ++n ) {
> printf( "String [%s]", lua_tostring(L, n));
> }
>
> //lua_pushnumber(L, 0); // return value
> return 1; // number of return values
> }
>
> void report_errors(lua_State *L, int status)
> {
> if ( status!=0 ) {
> printf( "Error : [%s] \n",lua_tostring(L, -1));
> lua_pop(L, 1); // remove error message
> }
> }
>
> void *my_realloc ( void *oldBlock, size_t size, const char * fileName, const short lineNumber )
> {
> if ( size == 0 )
> {
>   free( oldBlock, fileName, lineNumber );
>   oldBlock = NULL;
>   return NULL;
> }
> else
> {
>   void *newblock = NULL;
>   // allocate a new block
>   newblock = malloc( size, fileName, lineNumber );
>   // overflow
>   if ( newblock == NULL )
>    {
>          printf( "Required [%d] , newblock NULL !!!!",size);//SAN
>    return NULL;
>    }
>   if ( oldBlock )
>   {
>   memcpy( newblock, oldBlock, size );
>   // erase (and check) old copy
>   free( oldBlock, fileName, lineNumber );
>   }
>   return newblock;
> }
> }
>
> ---------------------------
>
>
>
> On Monday, 8 December 2014 5:55 PM, Alexey Melnichuk <alexeymelnichuck@gmail.com> wrote:
>
>
> Hello, Santosh.
>
>
> > Hi There,
> >
> > I am calling lua_register with a series of around 40-50 c functions in a for loop. Post this register call - I execute a small script, which doesn't make a call to any of the registered functions (although - calling registered functions is the final intent.)
> >
> > what I have observed that the LUA Crashes after a few line of statements. Please do let me know if there are any inputs in this regards.
>
>
> May be you forgot NULL terminator in function list?
>
>
> ---
> Это сообщение проверено на вирусы антивирусом Avast.
> http://www.avast.com
>
>
>

Well, I think the cause of your spontaneous crashes is:

memcpy( newblock, oldBlock, size );

If the new block is larger than the old one, then this will read out of bounds past the end of the old block.

Aside from that, I'm not sure what you're doing with lua_register. You might want to look at luaL_openlibs and luaL_newlib which can do the job for you.

-- Sent from my Game Boy.