[Lldb-commits] [lldb] r233935 - Fix a crasher that could happen when you run LLDB and evaluate an expression where the objective C runtime registers a helper function, and also have an Objective C or C++ exception breakpoint. When shutting down the process in Process::Finalize() we clear a STL collection class and that causes objects to be destroyed that could re-enter Process and cause it to try to iterate over that same collection class that is being destroyed.

Greg Clayton gclayton at apple.com
Thu Apr 2 11:44:59 PDT 2015


Author: gclayton
Date: Thu Apr  2 13:44:58 2015
New Revision: 233935

URL: http://llvm.org/viewvc/llvm-project?rev=233935&view=rev
Log:
Fix a crasher that could happen when you run LLDB and evaluate an expression where the Objective-C runtime registers a helper function, and also have an Objective-C or C++ exception breakpoint. When shutting down the process in Process::Finalize(), we clear an STL collection class, which destroys objects that could re-enter Process and cause it to iterate over the same collection class while it is being destroyed.

Guard against this by setting a new "m_finalizing" flag that lets us know we are in the process of finalizing.

<rdar://problem/20369152>


Modified:
    lldb/trunk/include/lldb/Target/Process.h
    lldb/trunk/source/Target/Process.cpp

Modified: lldb/trunk/include/lldb/Target/Process.h
URL: http://llvm.org/viewvc/llvm-project/lldb/trunk/include/lldb/Target/Process.h?rev=233935&r1=233934&r2=233935&view=diff
==============================================================================
--- lldb/trunk/include/lldb/Target/Process.h (original)
+++ lldb/trunk/include/lldb/Target/Process.h Thu Apr  2 13:44:58 2015
@@ -3171,7 +3171,8 @@ protected:
     ArchSpec::StopInfoOverrideCallbackType m_stop_info_override_callback;
     bool                        m_currently_handling_do_on_removals;
     bool                        m_resume_requested;         // If m_currently_handling_event or m_currently_handling_do_on_removals are true, Resume will only request a resume, using this flag to check.
-    bool                        m_finalize_called;
+    bool                        m_finalizing; // This is set at the beginning of Process::Finalize() to stop functions from looking up or creating things during a finalize call
+    bool                        m_finalize_called; // This is set at the end of Process::Finalize()
     bool                        m_clear_thread_plans_on_stop;
     bool                        m_force_next_event_delivery;
     lldb::StateType             m_last_broadcast_state;   /// This helps with the Public event coalescing in ShouldBroadcastEvent.
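Review bot: `m_finalizing` is declared as a plain `bool`, and the guards added in Process.cpp read it with no lock visible in these hunks. The commit message describes same-thread re-entrancy, for which a plain flag is sufficient. If any guarded accessor (LoadImage, UnloadImage, GetABI, GetLanguageRuntime, IsPossibleDynamicValue) can also be reached from another thread while Finalize() runs, the unsynchronized read is a data race and the guard may not be observed before the collection is cleared. In that case consider `std::atomic<bool> m_finalizing;`; otherwise extend the member comment to state the limit, e.g. `// Only guards against re-entrancy on the thread running Finalize(); not a cross-thread barrier.`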

Modified: lldb/trunk/source/Target/Process.cpp
URL: http://llvm.org/viewvc/llvm-project/lldb/trunk/source/Target/Process.cpp?rev=233935&r1=233934&r2=233935&view=diff
==============================================================================
--- lldb/trunk/source/Target/Process.cpp (original)
+++ lldb/trunk/source/Target/Process.cpp Thu Apr  2 13:44:58 2015
@@ -749,9 +749,10 @@ Process::Process(Target &target, Listene
     m_private_run_lock (),
     m_currently_handling_event(false),
     m_stop_info_override_callback (NULL),
-    m_finalize_called(false),
+    m_finalizing (false),
+    m_finalize_called (false),
     m_clear_thread_plans_on_stop (false),
-    m_force_next_event_delivery(false),
+    m_force_next_event_delivery (false),
     m_last_broadcast_state (eStateInvalid),
     m_destroy_in_process (false),
     m_can_jit(eCanJITDontKnow)
@@ -822,6 +823,8 @@ Process::GetGlobalProperties()
 void
 Process::Finalize()
 {
+    m_finalizing = true;
+    
     // Destroy this process if needed
     switch (GetPrivateState())
     {
@@ -1832,6 +1835,12 @@ Process::GetImageInfoAddress()
 uint32_t
 Process::LoadImage (const FileSpec &image_spec, Error &error)
 {
+    if (m_finalizing)
+    {
+        error.SetErrorString("process is tearing itself down");
+        return LLDB_INVALID_IMAGE_TOKEN;
+    }
+
     char path[PATH_MAX];
     image_spec.GetPath(path, sizeof(path));
 
@@ -1951,6 +1960,13 @@ Error
 Process::UnloadImage (uint32_t image_token)
 {
     Error error;
+
+    if (m_finalizing)
+    {
+        error.SetErrorString("process is tearing itself down");
+        return error;
+    }
+
     if (image_token < m_image_tokens.size())
     {
         const addr_t image_addr = m_image_tokens[image_token];
@@ -2025,6 +2041,9 @@ Process::UnloadImage (uint32_t image_tok
 const lldb::ABISP &
 Process::GetABI()
 {
+    if (m_finalizing)
+        return lldb::ABISP();
+
     if (!m_abi_sp)
         m_abi_sp = ABI::FindPlugin(m_target.GetArchitecture());
     return m_abi_sp;
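Review bot: The early return added to GetABI(), `return lldb::ABISP();`, returns a temporary through the function's `const lldb::ABISP &` return type. Every caller that hits the finalizing path therefore receives a dangling reference, and reading it is undefined behaviour during teardown, the very situation this commit is trying to make safe. Return a reference to an object that outlives the call instead, for example `static const lldb::ABISP g_empty_abi_sp;` followed by `return g_empty_abi_sp;`. Compilers usually diagnose returning a reference to a temporary, so it is worth confirming that warning is enabled and not suppressed for this file.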
@@ -2033,6 +2052,9 @@ Process::GetABI()
 LanguageRuntime *
 Process::GetLanguageRuntime(lldb::LanguageType language, bool retry_if_null)
 {
+    if (m_finalizing)
+        return nullptr;
+
     LanguageRuntimeCollection::iterator pos;
     pos = m_language_runtimes.find (language);
     if (pos == m_language_runtimes.end() || (retry_if_null && !(*pos).second))
@@ -2067,6 +2089,9 @@ Process::GetObjCLanguageRuntime (bool re
 bool
 Process::IsPossibleDynamicValue (ValueObject& in_value)
 {
+    if (m_finalizing)
+        return false;
+
     if (in_value.IsDynamic())
         return false;
     LanguageType known_type = in_value.GetObjectRuntimeLanguage();




