From 06f88cd479ae7affbc158814c577922e9aa121be Mon Sep 17 00:00:00 2001
From: black-sliver <59490463+black-sliver@users.noreply.github.com>
Date: Sun, 19 Nov 2023 14:01:59 +0100
Subject: [PATCH 1/2] MemoryWatch: don't use possibly-stale reference

we use [] on vector because the callback list can change during execution,
the .dirty=false would then use a stale reference, writing to random memory
---
 src/core/scripthost.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/core/scripthost.cpp b/src/core/scripthost.cpp
index 95b9cc3d..3bc5a923 100644
--- a/src/core/scripthost.cpp
+++ b/src/core/scripthost.cpp
@@ -410,6 +410,6 @@ void ScriptHost::runMemoryWatchCallbacks()
         if (_memoryWatches[i].name != name)
             i--; // watch at i changed (was removed)
         else if (res != false)
-            w.dirty = false; // watch returned non-false
+            _memoryWatches[i].dirty = false; // watch returned non-false
     }
 }

From daa51b65a8af8435ad4dc82f836a5c1768ecae32 Mon Sep 17 00:00:00 2001
From: black-sliver <59490463+black-sliver@users.noreply.github.com>
Date: Sun, 19 Nov 2023 14:02:27 +0100
Subject: [PATCH 2/2] MemoryWatch: clean up remains of old code

---
 src/core/scripthost.cpp | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/src/core/scripthost.cpp b/src/core/scripthost.cpp
index 3bc5a923..bc2ddcf5 100644
--- a/src/core/scripthost.cpp
+++ b/src/core/scripthost.cpp
@@ -66,7 +66,6 @@ ScriptHost::ScriptHost(Pack* pack, lua_State *L, Tracker *tracker)
         for (size_t i=0; i<_memoryWatches.size(); i++) {
             // NOTE: since watches can change in a callback, we use vector
             auto& w = _memoryWatches[i];
-            auto name = w.name;
             auto newData = _autoTracker->read((unsigned)w.addr, (unsigned)w.len);
             if (w.data != newData) {
                 DEBUG_printf("  %s changed\n", w.name.c_str());
@@ -80,9 +79,7 @@ ScriptHost::ScriptHost(Pack* pack, lua_State *L, Tracker *tracker)
                 w.data = newData;
                 w.dirty = true;
             }
-            if (_memoryWatches.size() <= i) break;
-            if (_memoryWatches[i].name != name) // current item not unchanged
-                i--;
+            // NOTE: we run the user callbacks in runMemoryWatchCallbacks
         }
     }};
     _autoTracker->onVariablesChanged += {this, [this](void*, const std::list<std::string>& vars) {