[Lldb-commits] [lldb] [lldb] [debugserver] Shut down the exception thread when clearing (PR #70979)

[via lldb-commits]

llvmbot wrote:


<!--LLVM PR SUMMARY COMMENT-->

@llvm/pr-subscribers-lldb

Author: Jason Molenda (jasonmolenda)

<details>
<summary>Changes</summary>

MachProcess has a MachTask as an ivar.  In the MachProcess dtor, we call MachTask::Clear() to clear its state, before running the dtor of all our ivars, including the MachTask one.

When we attach on darwin, MachProcess calls MachTask::StartExceptionThread which does the task_for_pid and then starts a thread to listen for mach messages.  Then MachProcess calls ptrace(PT_ATTACHEXC).  If that ptrace() fails, MachProcess will call MachTask::Clear.  But the exception thread is now up & running and is not stopped; its ivars will be reset by the Clear() method, and its object will be freed after the dtor runs.

Actually eliciting a crash in this scenario is very timing sensitive; I hand-modified debugserver to fail to PT_ATTACHEXC trying to simulate it on my desktop and was unable.  But looking at the source, and an occasional crash report we've received, it's clear that this is possible.

rdar://117521198

---
Full diff: https://github.com/llvm/llvm-project/pull/70979.diff


1 Files Affected:

- (modified) lldb/tools/debugserver/source/MacOSX/MachTask.mm (+2) 


``````````diff
diff --git a/lldb/tools/debugserver/source/MacOSX/MachTask.mm b/lldb/tools/debugserver/source/MacOSX/MachTask.mm
index 4f5b4039243f662..fd2ac64ac6cf79c 100644
--- a/lldb/tools/debugserver/source/MacOSX/MachTask.mm
+++ b/lldb/tools/debugserver/source/MacOSX/MachTask.mm
@@ -145,6 +145,8 @@
 //----------------------------------------------------------------------
 void MachTask::Clear() {
   // Do any cleanup needed for this task
+  if (m_exception_thread)
+    ShutDownExcecptionThread();
   m_task = TASK_NULL;
   m_exception_thread = 0;
   m_exception_port = MACH_PORT_NULL;

``````````

</details>


https://github.com/llvm/llvm-project/pull/70979