Bug in Lua code generator

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

• Subject: Bug in Lua code generator
• From: "Rici Lake" <lua@...>
• Date: 2007年4月29日 00:37:19 +0100 (BST)

---

(This bug was discovered by David Manura.)
The unary operators, OP_UNM, OP_LEN and OP_NOT do not allow constants for
the B operand. It's not clear to me why not, but in any case, the test at
line 702 of lcode.c is incorrect:
 if (e->k == VK)
The expression at that point could be nil or a boolean, in which case it
will not be placed into a register and <OP_UNM r, k> will be produced.
This can be demonstrated:
-bash-2.05b$ src/luac -l -l -
return -nil
^D
main <stdin:0,0> (3 instructions, 12 bytes at 0x8065000)
0+ params, 2 slots, 0 upvalues, 0 locals, 1 constant, 0 functions
 1 [1] UNM 0 -1
 2 [1] RETURN 0 2
 3 [1] RETURN 0 1
constants (1) for 0x8065000:
 1 nil
locals (0) for 0x8065000:
upvalues (0) for 0x8065000:
-bash-2.05b$ src/lua luac.out
src/lua: luac.out: bad code in precompiled chunk
On Windows, this causes a segfault if the vm code is not checked. It
presumably could cause arbitrary behaviour on other OS's as well.
The solution would be either to make OP_UNM accept RK(B) instead of just
R(B), or to change the test in line 702 of lcode.c to include VNIL, VFALSE
and VTRUE

---

• Follow-Ups:
  • Re: Bug in Lua code generator, Roberto Ierusalimschy

• Prev by Date: Re: Precompile my Lua Library Code
• Next by Date: Re: Lua string
• Previous by thread: Re: abort a lua_newthread from C and re-use its lua_State?
• Next by thread: Re: Bug in Lua code generator
• Index(es):
  • Date
  • Thread