Noah Watkins

github
twitter
linkedin

Custom Lua VM panic handler

Extending applications with Lua is amazingly powerful. The task can be a little mind-bending, but with a bit of practice it all begins to make sense. One challenge with embedding the Lua VM is avoiding the possibility of crashing the host application. This is especially important for high-availability systems such as file system servers.

It is good practice to execute everything in a Lua protected environment in which case errors are reported through the normal lua_error path. However, Lua may also find itself in an unrecoverable state in which it calls its installed panic handler. The default handler will call exit() in the host process, thus it is crucial for stability that we provide a customized version that recovers gracefully.

Since a Lua panic is a dead-end road, meaning Lua can’t recover, we must help it recover by returning execution to a safe context. We do this using setjmp.h, which happens to be used extensively in the implementation of Lua.

Example Setup

In order to use setjmp/longjmp we record a jump position that we can return to. This position in the code is held in the variable custom_lua_panic_jmp, and set before we begin interacting with the Lua VM (shown in the code snippet below).

/* jump point */
static jmp_buf custom_lua_panic_jump;

/* custom panic handler */
static int custom_lua_atpanic(lua_State *lua)
{
    longjmp(custom_lua_panic_jump, 1);
    /* will never return */
    return 0;
}

Next we setup the Lua VM normally, and then immediately setup the panic handler.

#include <setjmp.h>

/* build Lua VM state */
lua_State *L = luaL_newstate();
if (!L) {
  /* log error and return */
}

/* immediately install panic handler */
lua_atpanic(L, &custom_lua_atpanic);

Finally we set the jump point which will be used to return to this execution context from the panic handler, and then begin to interact with the Lua VM. Note that in the panic handler we return the value 1, which corresponds to the recovery case below.

if (setjmp(custom_lua_panic_jump) == 0) {
  /* interact with Lua VM */
} else {
  /* recovered from panic. log and return */
}

And that’s it. There isn’t much you can do once the VM panics, but setting a safe exit point let’s you deal with the issues safely in the host environment. This technique is used in the RADOS object storage system that embeds the Lua VM.

30bd762cd913e5b33d66499bed483624ef44ed89