author | kyren <kerriganw@gmail.com> | 2018-03-08 10:59:50 -0500 |
---|---|---|
committer | kyren <kerriganw@gmail.com> | 2018-03-08 10:59:50 -0500 |
commit | adfeaeab49431d53e5fdcb7e549cfa9aab330095 (patch) | |
tree | 8606ece2720b8934bb60ff5950ef4c4bfced0104 /src/lua.rs | |
parent | 6a0264169a87c3d9634b4aa4d087c31c0fd4fcd3 (diff) | |
Change strategies for handling the Lua stack during panics

Previously, on an internal panic, the Lua stack would be reset before panicking
in an attempt to make sure that such panics would not cause stack leaks or leave
the stack in an unknown state. Now, such panic handling is done in stack_guard
and stack_err_guard instead, and this is for a few reasons:

1) The previous approach did NOT handle user triggered panics that were outside
   of `rlua`, such as a panic in a ToLua / FromLua implementation. This is
   especially bad since most other panics would be indicative of an internal bug
   anyway, so the utility of keeping `rlua` types usable after such panics was
   questionable. It is much more sensible to ensure that `rlua` types are
   usable after *user generated* panics.

2) Every entry point into `rlua` should be guarded by a stack_guard or
   stack_err_guard anyway, so this should restore the Lua stack on exiting back
   to user code in all cases.

3) The method of stack restoration no longer *clears* the stack, only resets it
   to what it previously was. This allows us, potentially, to keep values at
   the beginning of the Lua stack long term and know that panics will not
   clobber them. There may be a way of dramatically speeding up ref types by
   using a small static area at the beginning of the stack instead of only the
   registry, so this may be important.
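
The restore-versus-clear distinction in the commit message, as an added example that is not code from this commit or from `rlua`. `ToyStack`, `TopGuard`, `guarded_call` and `stack_after_user_panic` are hypothetical names, a `Vec` stands in for the Lua stack, and the guarded operation is assumed to have a net stack change of zero.

```rust
use std::cell::RefCell;
use std::panic::{catch_unwind, AssertUnwindSafe};

// Constructed stand-in for the Lua value stack (not rlua's real state type).
struct ToyStack(RefCell<Vec<i64>>);

// Hypothetical guard: records the stack top on entry and puts it back on exit.
struct TopGuard<'a> {
    stack: &'a ToyStack,
    saved_top: usize,
    clear_instead: bool, // true models clearing the whole stack instead
}

impl<'a> Drop for TopGuard<'a> {
    // Drop runs on normal return and while a panic unwinds through the guard.
    fn drop(&mut self) {
        let top = if self.clear_instead { 0 } else { self.saved_top };
        self.stack.0.borrow_mut().truncate(top);
    }
}

// Models one guarded entry point whose net stack change is zero.
fn guarded_call<F: FnOnce(&ToyStack)>(stack: &ToyStack, clear_instead: bool, op: F) {
    let saved_top = stack.0.borrow().len();
    let _guard = TopGuard { stack, saved_top, clear_instead };
    op(stack);
}

// Returns the stack contents left behind after a user panic inside the call.
fn stack_after_user_panic(clear_instead: bool) -> Vec<i64> {
    let stack = ToyStack(RefCell::new(vec![7, 8])); // long-lived bottom slots
    let outcome = catch_unwind(AssertUnwindSafe(|| {
        guarded_call(&stack, clear_instead, |s| {
            s.0.borrow_mut().push(100); // temporaries pushed by the operation
            s.0.borrow_mut().push(200);
            panic!("constructed user panic, e.g. from a conversion impl");
        })
    }));
    assert!(outcome.is_err());
    let left = stack.0.borrow().clone();
    left
}

fn main() {
    println!("restore: {:?}", stack_after_user_panic(false));
    println!("clear:   {:?}", stack_after_user_panic(true));
}
```
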
Diffstat (limited to 'src/lua.rs')
-rw-r--r-- | src/lua.rs | 7 |
1 files changed, 3 insertions, 4 deletions
@@ -55,7 +55,7 @@ impl Drop for Lua { if cfg!(test) { let top = ffi::lua_gettop(self.state); if top != 0 { - lua_internal_abort!("Lua stack leak detected, stack top is {}", top); + rlua_abort!("Lua stack leak detected, stack top is {}", top); } } @@ -727,8 +727,7 @@ impl Lua { // Used 1 stack space, does not call checkstack pub(crate) unsafe fn push_ref(&self, state: *mut ffi::lua_State, lref: &LuaRef) { - lua_assert!( - state, + rlua_assert!( lref.lua.main_state == self.main_state, "Lua instance passed Value created from a different Lua" ); @@ -912,7 +911,7 @@ impl Lua { // not really a huge loss. Importantly, this allows us to turn off the gc, and // then know that calling Lua API functions marked as 'm' will not result in a // 'longjmp' error while the gc is off. - lua_abort!("out of memory in Lua allocation, aborting!"); + abort!("out of memory in Lua allocation, aborting!"); } else { p as *mut c_void } |
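
Review bot: In the `Drop for Lua` hunk, the `top != 0` leak check still assumes an empty stack at drop, while the commit message raises the option of keeping values at the beginning of the stack long term. Add a comment next to the check saying that zero is the expected top for now, so the condition gets updated deliberately if a reserved area at the bottom of the stack is introduced. The check also only runs under `cfg!(test)`, which is worth stating in that same comment.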
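
Review bot: In the `push_ref` hunk, `rlua_assert!` no longer receives `state`, so a failed "different Lua" check has no way to tidy the stack at this site and depends on the caller already being inside a stack_guard or stack_err_guard. The comment above the function only says "Used 1 stack space, does not call checkstack"; extend it to state that callers must hold a guard, since this is `pub(crate) unsafe` and the assertion message suggests it can be hit by a user passing a value from another Lua instance.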
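
Review bot: The out-of-memory path in the last hunk calls `abort!`, while the `Drop for Lua` hunk calls `rlua_abort!`, and nothing in the visible lines says whether these are two macros with different behaviour or one macro under inconsistent names. If they differ, note in the comment above this line which one is meant here and why; if they do not, use a single name in both places.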