[lldb-dev] Race condition crashes during launching LLDB

Jeffrey Tan via lldb-dev lldb-dev at lists.llvm.org
Thu Feb 4 17:27:04 PST 2016 

Hi,

I am revising our lldb automation tests into async mode. However, I found
it randomly crashes depends on timing. And the crash happens mostly while
launching lldb twice in a row. I have narrowed down the code into a simple
repro below. Any assumption I made wrong with the LLDB API here?

The crash stack seems to be not consistently. In the small repro below, the
crash stack is:
Crashed Thread:        0  Dispatch queue: com.apple.main-thread

Exception Type:        EXC_BAD_ACCESS (SIGSEGV)
Exception Codes:       EXC_I386_GPFLT

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   _lldb.so                       0x00000001088c7179
EventMatcher::operator()(std::__1::shared_ptr<lldb_private::Event> const&)
const + 21
1   _lldb.so                       0x00000001088c65d2
lldb_private::Listener::FindNextEventInternal(lldb_private::Broadcaster*,
lldb_private::ConstString const*, unsigned int, unsigned int,
std::__1::shared_ptr<lldb_private::Event>&, bool) + 176
2   _lldb.so                       0x00000001088c6952
lldb_private::Listener::WaitForEventsInternal(lldb_private::TimeValue
const*, lldb_private::Broadcaster*, lldb_private::ConstString const*,
unsigned int, unsigned int, std::__1::shared_ptr<lldb_private::Event>&) +
134
3   _lldb.so                       0x00000001088c6ae9
lldb_private::Listener::WaitForEventForBroadcasterWithType(lldb_private::TimeValue
const*, lldb_private::Broadcaster*, unsigned int,
std::__1::shared_ptr<lldb_private::Event>&) + 27
4   _lldb.so                       0x0000000108abce6c
lldb_private::Process::WaitForStateChangedEvents(lldb_private::TimeValue
const*, std::__1::shared_ptr<lldb_private::Event>&,
lldb_private::Listener*) + 112
5   _lldb.so                       0x0000000108abcc95
lldb_private::Process::WaitForProcessToStop(lldb_private::TimeValue const*,
std::__1::shared_ptr<lldb_private::Event>*, bool, lldb_private::Listener*,
lldb_private::Stream*) + 377
6   _lldb.so                       0x0000000108ac516a
lldb_private::Process::HaltForDestroyOrDetach(std::__1::shared_ptr<lldb_private::Event>&)
+ 216
7   _lldb.so                       0x0000000108abc8b0
lldb_private::Process::Destroy(bool) + 146
8   _lldb.so                       0x0000000108abc56d
lldb_private::Process::Finalize() + 91
9   _lldb.so                       0x00000001088b63c4
lldb_private::Debugger::Clear() + 148
10  _lldb.so                       0x00000001088b61fd
lldb_private::Debugger::Destroy(std::__1::shared_ptr<lldb_private::Debugger>&)
+ 37
11  _lldb.so                       0x0000000106bdb144
lldb::SBDebugger::Destroy(lldb::SBDebugger&) + 116
12  _lldb.so                       0x0000000106c23daf
_wrap_SBDebugger_Destroy(_object*, _object*) + 120
13  org.python.python             0x00000001058dd75f PyEval_EvalFrameEx +
12761

while in the real unit test it is crashing at:
Thread 12 Crashed:
0   libsystem_kernel.dylib         0x00007fff8635a286 __pthread_kill + 10
1   libsystem_c.dylib             0x00007fff919409b3 abort + 129
2   libc++abi.dylib               0x00007fff8a94ea21 abort_message + 257
3   libc++abi.dylib               0x00007fff8a9769d1
default_terminate_handler() + 267
4   libobjc.A.dylib               0x00007fff935e77eb _objc_terminate() + 124
5   libc++abi.dylib               0x00007fff8a9740a1 std::__terminate(void
(*)()) + 8
6   libc++abi.dylib               0x00007fff8a973b30 __cxa_throw + 121
7   com.apple.LLDB.framework       0x000000010b994c6b
std::__1::shared_ptr<lldb_private::Process>::shared_ptr<lldb_private::Process>(std::__1::weak_ptr<lldb_private::Process>
const&, std::__1::enable_if<is_convertible<lldb_private::Process*,
lldb_private::Process*>::value,
std::__1::shared_ptr<lldb_private::Process>::__nat>::type) + 99
8   com.apple.LLDB.framework       0x000000010b8ac762
lldb_private::Process::AppendSTDOUT(char const*, unsigned long) + 86
9   com.apple.LLDB.framework       0x000000010b6951d7
lldb_private::Communication::ReadThread(void*) + 287
10  libsystem_pthread.dylib       0x00007fff8d92c05a _pthread_body + 131
11  libsystem_pthread.dylib       0x00007fff8d92bfd7 _pthread_start + 176


================Repro Code====================

def wait_for_process_stop(process):
    while not process.is_stopped:
        time.sleep(0.1)

def launch_debugging(debugger, stop_at_entry):
    error = lldb.SBError()
    listener = lldb.SBListener('Chrome Dev Tools Listener')
    target = debugger.GetSelectedTarget()
    process = target.Launch (listener,
                    None,      # argv
                    None,      # envp
                    None,      # stdin_path
                    None,      # stdout_path
                    None,      # stderr_path
                    None,      # working directory
                    0,         # launch flags
                    stop_at_entry,      # Stop at entry
                    error)     # error
    print 'Launch result: %s' % str(error)
    event_thread = LLDBListenerThread(debugger)
    event_thread.start()
    return process

def do_test():
    debugger = lldb.SBDebugger.Create()
    debugger.SetAsync(True)
    target = debugger.CreateTargetWithFileAndArch(executable_path,
lldb.LLDB_ARCH_DEFAULT)

    process = launch_debugging(debugger, stop_at_entry=True)

    wait_for_process_stop(process) # wait for entry breakpoint.
    target.BreakpointCreateByName('main')
    process.Continue()
    wait_for_process_stop(process) # wait for main breakpoint.
    lldb.SBDebugger.Destroy(debugger)

def main():
    do_test()
    do_test()
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/lldb-dev/attachments/20160204/3f0dd767/attachment-0001.html>

More information about the lldb-dev mailing list