ESOUI » Developer Discussions » General Authoring Discussion » Crashes with table.sort
Reply
View First Unread  
Thread Tools Display Modes
04/24/16, 12:43 PM   #1
sirinsidiator
 
sirinsidiator's Avatar
AddOn Author - Click to view addons
Join Date: Apr 2014
Posts: 1,578
Crashes with table.sort
I always thought it was normal that eso crashes if I mess up my sort function in some bad way, but now that haggen had a similar problem I went to the trouble of actually reading the Lua source code and saw that it should not happen that way.

Lua Code:
  1. local myTable = {1,2,3,4}
  2. table.sort(myTable, function(a, b)
  3.    return true
  4. end)

This should throw a Lua error according to the source code of auxsort, but instead it becomes an infinite loop and hangs the process until it is killed.

I suspect it has to do with this piece here:
Code:
   /* repeat ++i until a[i] >= P */
      while (lua_rawgeti(L, 1, ++i), sort_comp(L, -1, -2)) {
        if (i>u) luaL_error(L, "invalid order function for sorting");
        lua_pop(L, 1);  /* remove a[i] */
      }
For some reason luaL_error does not get fired or simply does not stop code execution.
  Reply With Quote
04/25/16, 04:26 AM   #2
merlight
AddOn Author - Click to view addons
Join Date: Jul 2014
Posts: 671
To me it looks quite suspicious that they check indices one-behind:

C Code:
  1. // auxsort 5.1
  2.  
  3.       while (lua_rawgeti(L, 1, ++i), sort_comp(L, -1, -2)) {
  4.         if (i>u) luaL_error(L, "invalid order function for sorting");
  5.         lua_pop(L, 1);  /* remove a[i] */
  6.       }
  7.       /* repeat --j until a[j] <= P */
  8.       while (lua_rawgeti(L, 1, --j), sort_comp(L, -3, -1)) {
  9.         if (j<l) luaL_error(L, "invalid order function for sorting");
  10.         lua_pop(L, 1);  /* remove a[j] */
  11.       }

(i>u) or (j<l) is checked after t[i] or t[j] has been accessed and compared, and it may happen that (i>#t) or (j<1). Although luaH_getnum does check the index, and goes into the hashtable if it's out of range. Perhaps ESO Lua removed these checks in auxsort completely.

You can see in Lua 5.2 they actually fixed these checks auxsort 5.2
  Reply With Quote
04/25/16, 05:36 AM   #3
sirinsidiator
 
sirinsidiator's Avatar
AddOn Author - Click to view addons
Join Date: Apr 2014
Posts: 1,578
Haggen did mention that sometimes the sort function got passed a nil even when the table only contained numbers, so that might be the case.
  Reply With Quote
06/28/16, 03:22 PM   #4
Solinur
AddOn Author - Click to view addons
Join Date: Aug 2014
Posts: 78
It looks like this is behind the recent crashes caused by Combat Metrics. It's really hard to find a bug like this
  Reply With Quote
06/28/16, 03:25 PM   #5
sirinsidiator
 
sirinsidiator's Avatar
AddOn Author - Click to view addons
Join Date: Apr 2014
Posts: 1,578
Yes. And it would be literally solved by adding 2 characters.
  Reply With Quote
06/29/16, 09:12 AM   #6
ZOS_ChipHilseberg
ZOS Staff!
Premium Member
Yes this person is from ZeniMax!
Join Date: Oct 2014
Posts: 551
I have a fix in for this.
  Reply With Quote
06/29/16, 12:16 PM   #7
sirinsidiator
 
sirinsidiator's Avatar
AddOn Author - Click to view addons
Join Date: Apr 2014
Posts: 1,578
  Reply With Quote
Reply

ESOUI » Developer Discussions » General Authoring Discussion » Crashes with table.sort
« Previous Thread | Next Thread »


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off