Crash when shared pointers are enabled

Issue #18 invalid
Aleksey Fedotov
created an issue

I use OOLua 2.0.1 and Lua 5.3.1 in MSVS 2015. When I

#define OOLUA_USE_SHARED_PTR 1
#include <oolua.h>

and then bind any simple class and try to run Lua code that creates an instance of that class and invokes its method, the program crashes. For instance:

class Test
{
public:
    void print()
    {
        std::cout << "Message" << std::endl;
    }

    int getInt()
    {
        return 10;
    }
};

OOLUA_PROXY(Test)
    OOLUA_MFUNC(print)
    OOLUA_MFUNC(getInt)
OOLUA_PROXY_END

OOLUA_EXPORT_FUNCTIONS(Test, print, getInt)
OOLUA_EXPORT_FUNCTIONS_CONST(Test)

int main()
{
    OOLUA::Script script;
    script.register_class<Test>();
    script.run_chunk(R"s(
        local t = Test.new()
        t:print()
        print(t:getInt())
    )s");
    std::cin.get();
    return 0;
}

This program crashes with the message "Access violation reading location" in the luaS_new function inside Lua.

Please point me at something that I'm probably missing here, or confirm if it's a bug.

Thanks!

Comments (8)

  1. Liam Devine repo owner

    Aleksey, can you post the full error message including the hex address? You say that you define OOLUA_USE_SHARED_PTR in the source file, are you using OOLua as a static library and have you specified this value for the static library? (see oolua_config.h or add it to the compiler settings) Does the snippet require the run_chunk call to access violate or is register_class all that is required?

    OOLua is tested using MSVC 14 and with shared pointer configurations. I am confident this is not a bug in the library without running the example posted, as the tests cover this creation of types and function calling.

  2. Aleksey Fedotov reporter

    Hi Liam,

    The full message is

    Exception thrown at 0x0FF612E2 (ucrtbased.dll) in oolua-test.exe: 0xC0000005: Access violation reading location 0xCCCCCCDC.
    

    Stack trace:

        ucrtbased.dll!661812e2()    Unknown
        [Frames below may be incorrect and/or missing, no symbols loaded for ucrtbased.dll] 
        oolua-test.exe!luaS_new(lua_State * L, const char * str) Line 204   C
        oolua-test.exe!lua_getfield(lua_State * L, int idx, const char * k) Line 609    C
        oolua-test.exe!OOLUA::INTERNAL::class_name_is_already_registered(lua_State * vm, const char * name) Line 98 C++
        oolua-test.exe!OOLUA::INTERNAL::register_class_imp<Test>(lua_State * vm) Line 581   C++
        oolua-test.exe!OOLUA::INTERNAL::valid_base_ptr_or_null<Test>(const OOLUA::INTERNAL::Lua_ud * stack_ud) Line 146 C++
        oolua-test.exe!OOLUA::INTERNAL::check_index_no_const<Test>(lua_State * vm, int index) Line 285  C++
        oolua-test.exe!OOLUA::INTERNAL::member_caller<OOLUA::Proxy_class<Test>,Test>(lua_State * vm) Line 119   C++
        oolua-test.exe!luaD_precall(lua_State * L, lua_TValue * func, int nresults) Line 337    C
        oolua-test.exe!luaV_execute(lua_State * L) Line 1084    C
        oolua-test.exe!luaD_call(lua_State * L, lua_TValue * func, int nResults, int allowyield) Line 422   C
        oolua-test.exe!f_call(lua_State * L, void * ud) Line 919    C
        oolua-test.exe!luaD_rawrunprotected(lua_State * L, void (lua_State *, void *) * f, void * ud) Line 142  C
        oolua-test.exe!luaD_pcall(lua_State * L, void (lua_State *, void *) * func, void * u, int old_top, int ef) Line 644 C
        oolua-test.exe!lua_pcallk(lua_State * L, int nargs, int nresults, int errfunc, int ctx, int (lua_State *, int, int) * k) Line 945   C
        oolua-test.exe!OOLUA::run_chunk(lua_State * vm, const std::basic_string<char,std::char_traits<char>,std::allocator<char> > & chunk) Line 48 C++
        oolua-test.exe!OOLUA::Script::run_chunk(const std::basic_string<char,std::char_traits<char>,std::allocator<char> > & chunk) Line 69 C++
        oolua-test.exe!main() Line 37   C++
        [External Code] 
    

    Right now I've also noticed that sometimes the program runs fine (but apparently does nothing because I don't see anything printed), but crashes right before shutdown with the message

    Exception thrown at 0x00F74ABC in oolua-test.exe: 0xC0000005: Access violation writing location 0x00F2CD29.
    

    inside shared_ptr implementation (at least it looks as such). Call stack:

        oolua-test.exe!std::_Ref_count_base::_Decref() Line 110 C++
        oolua-test.exe!std::_Ptr_base<Test>::_Decref() Line 339 C++
        oolua-test.exe!std::shared_ptr<Test>::~shared_ptr<Test>() Line 574  C++
        oolua-test.exe!std::shared_ptr<Test>::`scalar deleting destructor'(unsigned int)    C++
        oolua-test.exe!OOLUA::INTERNAL::shared_delete<std::shared_ptr<Test> >(std::shared_ptr<Test> * p) Line 152   C++
        oolua-test.exe!OOLUA::INTERNAL::garbage_collect<Test>::gc(lua_State * vm) Line 223  C++
        oolua-test.exe!luaD_precall(lua_State * L, lua_TValue * func, int nresults) Line 337    C
        oolua-test.exe!luaD_call(lua_State * L, lua_TValue * func, int nResults, int allowyield) Line 421   C
        oolua-test.exe!dothecall(lua_State * L, void * ud) Line 800 C
        oolua-test.exe!luaD_rawrunprotected(lua_State * L, void (lua_State *, void *) * f, void * ud) Line 142  C
        oolua-test.exe!luaD_pcall(lua_State * L, void (lua_State *, void *) * func, void * u, int old_top, int ef) Line 644 C
        oolua-test.exe!GCTM(lua_State * L, int propagateerrors) Line 819    C
        oolua-test.exe!runafewfinalizers(lua_State * L) Line 844    C
        oolua-test.exe!singlestep(lua_State * L) Line 1086  C
        oolua-test.exe!luaC_runtilstate(lua_State * L, int statesmask) Line 1106    C
        oolua-test.exe!luaC_fullgc(lua_State * L, int isemergency) Line 1168    C
        oolua-test.exe!lua_gc(lua_State * L, int what, int data) Line 1032  C
        oolua-test.exe!OOLUA::Script::close_down() Line 56  C++
        oolua-test.exe!OOLUA::Script::~Script() Line 45 C++
        oolua-test.exe!main() Line 43   C++
        [External Code] 
        [Frames below may be incorrect and/or missing, no symbols loaded for kernel32.dll]  
    

    I've included the library sources into my program, so the flags definitely have an effect :) run_chunk is required for the crash.

  3. Liam Devine repo owner

    Aleksey,

    You have found a beauty here. My current thinking is that it is not a bug in the library yet with the Visual Studio debugger. It is setting the flags member of the userdata as dead memory 0xdd and ignoring a setting to zero even though the assembly does just that. This causes a side effect that the userdata is treated as a shared pointer, so when releasing it calls the shared pointer destructor and all hell breaks loose.

    I will have to try and find a workaround for the VS debugger. Maybe something as simple as XORing with itself may work.

    https://twitter.com/OOLua/status/646676735958888448 https://twitter.com/OOLua/status/646668818627039232

  4. Liam Devine repo owner

    To cut a long story short, I could not see the forest for the trees. This is neither a bug in the library nor in the debugger and is not specific to a version of Visual Studio. When you place the define at the top of your source file, only some compilation units are being compiled with the define and therefore the size of Lua_ud is different for different compilation units. To correct this and to ensure that all compilation units are compiled with the macro, you have a number of options. Two of which are to add the define to the project settings or adjust the oolua_config.h file.
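
The mismatch described in the last comment, as an added example that is not part of the original thread or of OOLua's code: two namespaces model how a translation unit sees the userdata header with and without the define, and a guard compares the caller's view with the library's. The struct layouts, `kConfig`, `flags_seen_by_other_unit` and `config_matches` are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>

// Hypothetical stand-ins for the userdata header as two translation units see
// it. Field names and layout are assumptions, not OOLua's real Lua_ud.
namespace tu_without_define {   // unit compiled without OOLUA_USE_SHARED_PTR
struct Lua_ud { void* ptr; std::uint32_t flags; };
constexpr unsigned kConfig = 0;
}
namespace tu_with_define {      // unit compiled with OOLUA_USE_SHARED_PTR 1
struct Lua_ud { void* ptr; void* ref_count; std::uint32_t flags; };
constexpr unsigned kConfig = 1;
}
static_assert(sizeof(tu_without_define::Lua_ud) != sizeof(tu_with_define::Lua_ud),
              "the define changes the struct size");

// One unit initialises the userdata using its smaller layout; the other unit
// then reads the same bytes through its larger layout.
std::uint32_t flags_seen_by_other_unit() {
    unsigned char block[sizeof(tu_with_define::Lua_ud)];
    std::memset(block, 0xCC, sizeof block);        // stand-in for uninitialised memory
    tu_without_define::Lua_ud written;
    std::memset(&written, 0, sizeof written);      // writer zeroes ptr and *its* flags
    std::memcpy(block, &written, sizeof written);
    tu_with_define::Lua_ud read;
    std::memcpy(&read, block, sizeof read);
    return read.flags;                             // bytes the writer never touched
}

// Guard (hypothetical helper): the library records the configuration it was
// built with and each caller passes what its own headers saw.
constexpr unsigned kLibraryConfig = tu_with_define::kConfig;
bool config_matches(unsigned caller_config, std::size_t caller_ud_size) {
    return caller_config == kLibraryConfig &&
           caller_ud_size == sizeof(tu_with_define::Lua_ud);
}

int main() {
    std::printf("flags read by the other unit: 0x%08X\n",
                static_cast<unsigned>(flags_seen_by_other_unit()));
    std::printf("caller without define accepted: %d\n",
                config_matches(tu_without_define::kConfig,
                               sizeof(tu_without_define::Lua_ud)));
    return 0;
}
```

With MSVC, placing `#pragma detect_mismatch` with the configuration value in the shared config header turns the same disagreement into a link error instead of a runtime access violation.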
