lua-l archive


> I've included the newest (unmodified) Lua into my C++ engine which I check
> for memory corruptions from time to time using the tool BoundChecker.
> It found some error inside Lua while creating a new state. I've attached
> two pictures showing the call stack, allocation call stack and code.
> If it is a bug, it doesn't do any bad things to my system.
> Of course not all errors found by this tool are real ones, some
> techniques may cause false positives. But maybe some Lua developer wants
> to have a look for it.
> The code to reproduce it is this:
>      lua_State* ls = luaL_newstate();
>      luaL_openlibs(ls);
> Regards
> Joerg
> pictures:

In the first picture, I could not understand which pointer the
message is talking about. The only pointers in the marked line [luaH_resize(L,
t, nasize, nsize)] are 'L' and 't', which do not change.

In the second picture, it may really be a small bug. When the table
has no hash elements, t->node points to 'dummynode' but t->lastfree
also points to dummynode (because size is 0). Then the decrement in the
marked line [while (t->lastfree-- > t->node) {] will make t->lastfree
point outside the dummynode_ "array".

-- Roberto
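
The pointer drift described in the reply, shown as an added example that is not part of the original messages or of Lua's own source: `ToyTable`, `arena` and the function names are hypothetical stand-ins, and guard slots around the dummy node keep the demonstration itself within defined behaviour. It contrasts the quoted loop shape with one way to avoid the stray decrement.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified stand-ins for Lua's Node and Table (hypothetical, not ltable.c). */
typedef struct { int key_is_nil; } Node;
typedef struct { Node *node; Node *lastfree; } ToyTable;

/* Guard slots on both sides of the shared dummy node: the stray pointer
   stays inside one real array, so this demo does not rely on UB. */
static Node arena[3] = { {0}, {0}, {0} };
#define DUMMY (&arena[1])

/* Table with no hash part: size 0, so node and lastfree both point at the dummy. */
static void init_empty(ToyTable *t) {
  t->node = DUMMY;
  t->lastfree = DUMMY;
}

/* Loop shape quoted in the message: the post-decrement is applied
   even when the comparison fails, so lastfree moves below node. */
static Node *getfree_postdec(ToyTable *t) {
  while (t->lastfree-- > t->node) {
    if (t->lastfree->key_is_nil) return t->lastfree;
  }
  return NULL;
}

/* Alternative shape: compare first, decrement only inside the loop body. */
static Node *getfree_checked(ToyTable *t) {
  while (t->lastfree > t->node) {
    t->lastfree--;
    if (t->lastfree->key_is_nil) return t->lastfree;
  }
  return NULL;
}

/* Offset of lastfree from node after one search on an empty table;
   a negative value means the pointer left the one-element node "array". */
static ptrdiff_t drift_after(Node *(*search)(ToyTable *)) {
  ToyTable t;
  init_empty(&t);
  (void)search(&t);
  return t.lastfree - t.node;
}

int main(void) {
  printf("post-decrement loop: %td\n", drift_after(getfree_postdec));
  printf("checked loop:        %td\n", drift_after(getfree_checked));
  return 0;
}
```

In the real layout described in the reply there are no guard slots, which is why a bounds checker flags the pointer even though it is never dereferenced.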