Re: Upgrading Lua 5.4.2 to 5.4.3+ in a C++ project leads to PANIC
[
Date Prev][
Date Next][
Thread Prev][
Thread Next]
[
Date Index]
[
Thread Index]
- Subject: Re: Upgrading Lua 5.4.2 to 5.4.3+ in a C++ project leads to PANIC
- From: Aleksandr Zenkov <webmaster@...>
- Date: Fri, 2 Dec 2022 19:40:38 +0100
Ofcourse, how could I possibly forget about compiling my project in
debug mode and getting a backtrace, getting old I guess. Thank you for
the hint!
I've got a first hint from the backtrace. From here I need to explain
how my application works..
As I said earlier, it is a TCP server which accepts clients that use a
specific protocol to exchange data. This server has different plugins
with registered callbacks, one such example callback is simply
"OnUserLogin(name, addr)" which is called in all loaded plugins once a
user logs in. Then there is a Lua plugin among the others, it loads Lua
scripts that allow to receive callbacks inside the script, aswell as
call registered functions that are located in separate table, one such
example is "VH:GetUserIP(name)". This way the server can communicate
with the Lua script and reverse.
Now to the actual issue that I just figured out..
The loaded Lua scripts are freely coded, some scripts use "VH:GetUserIP"
helper, others don't. Some scripts actually use the callback
"OnUserLogin" mentioned above,others don't. Previously in Lua 5.4.2 and
earlier, a Lua script didn't have to actually have this function written
in the code, in order to receive the callback, as I said, not all
scripts require that specific callback, because they are written
according the needs of the script.
My sample script that was crashing the server, didn't have the function
"OnUserLogin", because it doesn't need it, it works with other type of
callbacks instead. Once I added "OnUserLogin" function to my script, the
server is no longer crashing.
So my next question is.. What type of security change was made in Lua
5.4.3 to start panicking once a C++ code tried to call a piece of Lua
code that does not exist? I mean, such a security checks never existed
in Lua as far as I can remember. As of my server, it was always up to
end user to create his own scripts as he wanted them to work. Ofcourse
there are error captures on luaL_dofile and lua_pcall that are returned
to the server to notify the user about possible issues. But this issues
does crash whole server.
I hope I described everything as expected, and I'm really glad that we
got one step closer to the solution. Also I see forward to some useful
information that could get my issue resolved.
Regards.
On 2022年12月02日 14:53, Roberto Ierusalimschy wrote:
1. Can you try bil til's suggestion? "set a breakpoint in the lua panic
function and look at your call stack"
2. You could compile Lua with the option LUA_USE_APICHECK and see if
semething pops up.
-- Roberto