Potential memory leak on some platforms


dlroweht

Sep 9, 2024, 7:43:37 AM
to lua-l
Hi,
There is a potential memory leak in the latest version of Lua (5.4.7) and probably the other versions also. It is regarding the `va_start` that might never be ended by calling `va_end`. This can happen when calling `luaO_pushfstring` and passing it an invalid format specifier; this way an error gets invoked in the default case of `luaO_pushvfstring` and `va_end` is never called. This "leak" might be totally irrelevant as `va_start` is a no-op on many platforms. Would calling `va_end` just before calling `luaG_runerror` be okay in this case?

Sainan

Sep 9, 2024, 7:56:14 AM
to lu...@googlegroups.com
This is assuming there's a platform where va_* uses heap memory, because typically this would be handled via registers and the stack alone, and a Lua error being raised would either longjump or throw out of there, discarding those registers and that stack space.

-- Sainan

Roberto Ierusalimschy

Sep 9, 2024, 9:03:36 AM
to 'dlroweht' via lua-l
Many thanks for the feedback. Indeed, the standard states that "Each
invocation of the va_start and va_copy macros shall be matched by a
corresponding invocation of the va_end macro in the same function."

Note the "in the same function". Currently, the call to luaG_runerror
is in another function. Moreover, memory-allocation errors may occur
too. So, the fix needs some care.

-- Roberto

google.c...@passinbox.com

Sep 10, 2024, 12:05:16 AM
to 'dlroweht' via lua-l
Ah, I see it is more complicated than it seems, especially as `luaO_pushvfstring` is used in the `lua_pushvfstring` core API function. There is a cursed solution, and that is making `luaO_pushvfstring` inline (defining it as a macro) haha, although this wouldn't prevent possible memory allocation errors from occurring in case the implementation uses the heap to manage the variable argument list, but I don't see any way to catch those kinds of errors as `va_*` functions/macros are defined to not have a return value.
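An added example, not part of any message in this thread and not code from the Lua sources: one way to satisfy the "in the same function" wording quoted above is for the `va_list` formatter to report an invalid specifier by return value, so the variadic caller runs `va_end` before the error unwinds with `longjmp`. The names `fmt_v`, `fmt_or_raise`, `try_format` and the `open_lists` counter are hypothetical, and only the invalid-specifier path is covered, not memory-allocation errors.

```c
#include <setjmp.h>
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

static jmp_buf err_jmp;      /* stand-in for an error handler that unwinds by longjmp */
static int open_lists = 0;   /* va_start calls not yet matched by va_end */

/* Handles %s, %d, %%. Returns -1 on a bad specifier or overflow; never jumps. */
static int fmt_v(char *buf, size_t n, const char *fmt, va_list ap) {
  size_t len = 0;
  if (n > 0) buf[0] = '\0';
  for (; *fmt != '\0'; fmt++) {
    int w;
    if (*fmt != '%') w = snprintf(buf + len, n - len, "%c", *fmt);
    else switch (*++fmt) {
      case 's': w = snprintf(buf + len, n - len, "%s", va_arg(ap, const char *)); break;
      case 'd': w = snprintf(buf + len, n - len, "%d", va_arg(ap, int)); break;
      case '%': w = snprintf(buf + len, n - len, "%%"); break;
      default: return -1;    /* invalid specifier (or lone trailing '%'): report only */
    }
    if (w < 0 || (size_t)w >= n - len) return -1;   /* output does not fit */
    len += (size_t)w;
  }
  return 0;
}

/* va_end runs in the same function as va_start on every path, then the error is raised. */
static void fmt_or_raise(char *buf, size_t n, const char *fmt, ...) {
  va_list ap;
  va_start(ap, fmt); open_lists++;
  int rc = fmt_v(buf, n, fmt, ap);
  va_end(ap); open_lists--;
  if (rc != 0) longjmp(err_jmp, 1);
}

/* Constructed driver: always passes (s, d), so fmt must use %s before %d. Returns 1 on error. */
int try_format(char *buf, size_t n, const char *fmt, const char *s, int d) {
  if (setjmp(err_jmp) != 0) return 1;
  fmt_or_raise(buf, n, fmt, s, d);
  return 0;
}

int main(void) {
  char buf[64];
  if (try_format(buf, sizeof buf, "%s = %d", "answer", 42) == 0) puts(buf);
  printf("bad specifier raised: %d\n", try_format(buf, sizeof buf, "%s %q", "bad", 0));
  return open_lists;  /* 0 when every va_start was matched by va_end */
}
```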
