#21 call asan on setjmp#22
Conversation
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Pull request overview
This PR updates Lua’s longjmp-based error handling to better cooperate with AddressSanitizer by invoking an ASan “no return” hook before performing longjmp.
Changes:
- Adds a declaration for
__asan_handle_no_return. - Wraps
LUAI_THROW(for_longjmp/_setjmpandlongjmp/setjmpconfigurations) to call__asan_handle_no_return()beforelua_do_longjmp.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
DON'T DELETE |
| */ | ||
| #if defined(__SANITIZE_ADDRESS__) | ||
| # define lua_do_setjmp setjmp | ||
| # define lua_do_longjmp longjmp |
There was a problem hiding this comment.
ASAN detection misses Clang before version 21
Low Severity
The ASAN check uses only __SANITIZE_ADDRESS__, which GCC has supported since 4.8 but Clang only added in version 21 (2026). Clang versions before 21 use __has_feature(address_sanitizer) instead. Builds with older Clang and -fsanitize=address will silently skip this block and continue using the custom asm setjmp/longjmp, defeating the purpose of the ASAN fix. The common portable pattern checks both: defined(__SANITIZE_ADDRESS__) || (defined(__has_feature) && __has_feature(address_sanitizer)).
Reviewed by Cursor Bugbot for commit 27c45ad. Configure here.
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
There are 2 total unresolved issues (including 1 from previous review).
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 18b1507. Configure here.
| */ | ||
| #if defined(__SANITIZE_ADDRESS__) | ||
| # define lua_do_setjmp setjmp | ||
| # define lua_do_longjmp longjmp |
There was a problem hiding this comment.
ASAN path incorrectly triggers extern declarations for setjmp
Medium Severity
When __SANITIZE_ADDRESS__ is defined, lua_do_setjmp is #define'd to setjmp before the #ifdef lua_do_setjmp guard on line 239, causing the extern declaration block (designed for custom asm symbols) to be entered. The declarations expand through the platform's setjmp macro — on glibc this happens to produce a valid _setjmp re-declaration, but on platforms where setjmp(env) expands to e.g. sigsetjmp(env, 1), the result is invalid syntax. The ASAN path duplicates the intent of the #else fallback on lines 243–245 but inadvertently goes through the wrong code path.
Additional Locations (1)
Reviewed by Cursor Bugbot for commit 18b1507. Configure here.
Note
Low Risk
Low risk: behavior changes only under
__SANITIZE_ADDRESS__, but it touches the core longjmp-based error/exception path during ASAN-instrumented builds.Overview
When compiling with AddressSanitizer (
__SANITIZE_ADDRESS__),thrlua.hnow mapslua_do_setjmp/lua_do_longjmpto the systemsetjmp/longjmpinstead of the custom assembly implementations.This lets ASAN intercept the jump functions and correctly unpoison skipped stack frames, reducing ASAN false positives during Lua error handling.
Reviewed by Cursor Bugbot for commit 18b1507. Bugbot is set up for automated code reviews on this repo. Configure here.