This is an archive of the discontinued LLVM Phabricator instance.

Differential D15978

Prevent infinite recursive loop in AppleObjCTrampolineHandler constructor
ClosedPublic

Authored by fjricci on Jan 7 2016, 3:48 PM.

Details

Reviewers
clayborg
jingham
Commits
rG728384a05ecf: Prevent infinite recursive loop in AppleObjCTrampolineHandler constructor
rLLDB257204: Prevent infinite recursive loop in AppleObjCTrampolineHandler constructor
Summary

When we construct AppleObjCTrampolineHandler, if m_impl_fn_addr is invalid, we call CanJIT(). If the gdb remote process does not support allocating and deallocating memory, this call stack will include a call to the AppleObjCRuntime constructor. The AppleObjCRuntime constructor will then call the AppleObjCTrampolineHandler constructor, creating a recursive call loop that eventually overflows the stack and segfaults.

Avoid this call loop by not constructing the AppleObjCTrampolineHandler within AppleObjCRuntime until we actually need to use it.

Diff Detail

Event Timeline

fjricci updated this revision to Diff 44279.Jan 7 2016, 3:48 PM
fjricci retitled this revision from to Prevent infinite recursive loop in AppleObjCTrampolineHandler constructor.
fjricci updated this object.
fjricci added reviewers: clayborg, jingham.
fjricci added subscribers: lldb-commits, sas.
jingham edited edge metadata.Jan 7 2016, 4:11 PM

Can you post the backtrace in this case? It seems to me odd that CanJIT -> AllocateMemory needs to construct the AppleObjCRuntime to do its job. I'd rather cut the chain at that point if it makes sense.

fjricci added a comment.EditedJan 7 2016, 5:41 PM

Here's a paste of the end of the backtrace.

pastebin.com/3VkF3Biq

jingham added a comment.Jan 7 2016, 6:01 PM

Ah, right. We're doing that so that we can make sure that an ObjC Exception thrown during the course of expression evaluation doesn't unwind past the frame we are using to call the function.

Seems like for low-level stuff like AllocateMemory we should be avoiding all this extra work, which you can do by calling options.SetTrapExceptions(false) on the ExpressionEvaluationOptions that you pass in to the thread plan in InferiorCallMmap in InferiorCallPOSIX.cpp.

Would you mind checking that adding that bit to InferiorCallMmap (without your change to avoid recursion fixes the problem as well.) I don't mind the current change as well, but it would be really nice to get the ObjC runtime out of the picture when trying to allocate memory...

jingham added a comment.Jan 7 2016, 6:03 PM

That penultimate sentence would be clearer if I had put the end ")" in the right place - after "recursion"

fjricci updated this revision to Diff 44305.Jan 7 2016, 6:59 PM
fjricci edited edge metadata.

Follow suggestion by @jingham to avoid setting up ObjC runtime for low-level POSIX memory allocations

fjricci added a comment.Jan 7 2016, 7:00 PM

@jingham - your suggestion does avoid the recursion as well, and seems a lot cleaner.

jingham added a comment.Jan 7 2016, 7:09 PM

Cool! For completeness I think it is a good idea to do this to all the functions in InferiorCallPOSIX. For the general InferiorCall one it might be a good idea to add a defaulted (to false) parameter so that if somebody really needs to use it for something that might throw they can. But this is for calling simple low level function which shouldn't be throwing, so defaulting to not firing up the runtimes to catch exceptions is more appropriate.

Then this is good to go.

clayborg accepted this revision.Jan 8 2016, 9:36 AM
clayborg edited edge metadata.
This revision is now accepted and ready to land.Jan 8 2016, 9:36 AM
fjricci added a comment.Jan 8 2016, 11:23 AM

Would you still like me to make the parameter change to InferiorCallMmap before merging?

jingham added a comment.Jan 8 2016, 11:31 AM

If you don't mind, please add the same code to the InferiorCallMunmap, and then add the same thing to InferiorCall, but that's the one that should take a parameter in case somebody does end up using the general function for something that could throw. Otherwise we'll just end up coming back to this again later...

fjricci added a comment.Jan 8 2016, 11:32 AM

Sounds good, will do.

fjricci updated this revision to Diff 44361.Jan 8 2016, 12:27 PM
fjricci edited edge metadata.

Disable exception trapping by default on all functions in InferiorCallPOSIX

jingham accepted this revision.Jan 8 2016, 12:29 PM
jingham edited edge metadata.

Great, thanks!

sas closed this revision.Jan 8 2016, 12:36 PM

Committed as r257204.

Revision Contents

PathSize
source/
Plugins/
Process/
Utility/
3 lines
6 lines

Diff 44361

source/Plugins/Process/Utility/InferiorCallPOSIX.h

Show All 25 Lines
}; };
bool InferiorCallMmap(Process *proc, lldb::addr_t &allocated_addr, bool InferiorCallMmap(Process *proc, lldb::addr_t &allocated_addr,
lldb::addr_t addr, lldb::addr_t length, unsigned prot, lldb::addr_t addr, lldb::addr_t length, unsigned prot,
unsigned flags, lldb::addr_t fd, lldb::addr_t offset); unsigned flags, lldb::addr_t fd, lldb::addr_t offset);
bool InferiorCallMunmap(Process *proc, lldb::addr_t addr, lldb::addr_t length); bool InferiorCallMunmap(Process *proc, lldb::addr_t addr, lldb::addr_t length);
bool InferiorCall(Process *proc, const Address *address, lldb::addr_t &returned_func); bool InferiorCall(Process *proc, const Address *address, lldb::addr_t &returned_func,
bool trap_exceptions = false);
} // namespace lldb_private } // namespace lldb_private
#endif // lldb_InferiorCallPOSIX_h_ #endif // lldb_InferiorCallPOSIX_h_

source/Plugins/Process/Utility/InferiorCallPOSIX.cpp

Show First 20 LinesShow All 66 Lines▼ Show 20 Lines if (count > 0)
const bool use_inline_block_range = false; const bool use_inline_block_range = false;
EvaluateExpressionOptions options; EvaluateExpressionOptions options;
options.SetStopOthers(true); options.SetStopOthers(true);
options.SetUnwindOnError(true); options.SetUnwindOnError(true);
options.SetIgnoreBreakpoints(true); options.SetIgnoreBreakpoints(true);
options.SetTryAllThreads(true); options.SetTryAllThreads(true);
options.SetDebug (false); options.SetDebug (false);
options.SetTimeoutUsec(500000); options.SetTimeoutUsec(500000);
options.SetTrapExceptions(false);
addr_t prot_arg, flags_arg = 0; addr_t prot_arg, flags_arg = 0;
if (prot == eMmapProtNone) if (prot == eMmapProtNone)
prot_arg = PROT_NONE; prot_arg = PROT_NONE;
else { else {
prot_arg = 0; prot_arg = 0;
if (prot & eMmapProtExec) if (prot & eMmapProtExec)
prot_arg |= PROT_EXEC; prot_arg |= PROT_EXEC;
▲ Show 20 LinesShow All 84 Lines▼ Show 20 Lines if (count > 0)
const bool use_inline_block_range = false; const bool use_inline_block_range = false;
EvaluateExpressionOptions options; EvaluateExpressionOptions options;
options.SetStopOthers(true); options.SetStopOthers(true);
options.SetUnwindOnError(true); options.SetUnwindOnError(true);
options.SetIgnoreBreakpoints(true); options.SetIgnoreBreakpoints(true);
options.SetTryAllThreads(true); options.SetTryAllThreads(true);
options.SetDebug (false); options.SetDebug (false);
options.SetTimeoutUsec(500000); options.SetTimeoutUsec(500000);
options.SetTrapExceptions(false);
AddressRange munmap_range; AddressRange munmap_range;
if (sc.GetAddressRange(range_scope, 0, use_inline_block_range, munmap_range)) if (sc.GetAddressRange(range_scope, 0, use_inline_block_range, munmap_range))
{ {
lldb::addr_t args[] = { addr, length }; lldb::addr_t args[] = { addr, length };
lldb::ThreadPlanSP call_plan_sp (new ThreadPlanCallFunction (*thread, lldb::ThreadPlanSP call_plan_sp (new ThreadPlanCallFunction (*thread,
munmap_range.GetBaseAddress(), munmap_range.GetBaseAddress(),
CompilerType(), CompilerType(),
Show All 26 Lines
} }
// FIXME: This has nothing to do with Posix, it is just a convenience function that calls a // FIXME: This has nothing to do with Posix, it is just a convenience function that calls a
// function of the form "void * (*)(void)". We should find a better place to put this. // function of the form "void * (*)(void)". We should find a better place to put this.
bool bool
lldb_private::InferiorCall (Process *process, lldb_private::InferiorCall (Process *process,
const Address *address, const Address *address,
addr_t &returned_func) addr_t &returned_func,
bool trap_exceptions)
{ {
Thread *thread = process->GetThreadList().GetSelectedThread().get(); Thread *thread = process->GetThreadList().GetSelectedThread().get();
if (thread == NULL || address == NULL) if (thread == NULL || address == NULL)
return false; return false;
EvaluateExpressionOptions options; EvaluateExpressionOptions options;
options.SetStopOthers(true); options.SetStopOthers(true);
options.SetUnwindOnError(true); options.SetUnwindOnError(true);
options.SetIgnoreBreakpoints(true); options.SetIgnoreBreakpoints(true);
options.SetTryAllThreads(true); options.SetTryAllThreads(true);
options.SetDebug (false); options.SetDebug (false);
options.SetTimeoutUsec(500000); options.SetTimeoutUsec(500000);
options.SetTrapExceptions(trap_exceptions);
ClangASTContext *clang_ast_context = process->GetTarget().GetScratchClangASTContext(); ClangASTContext *clang_ast_context = process->GetTarget().GetScratchClangASTContext();
CompilerType clang_void_ptr_type = clang_ast_context->GetBasicType(eBasicTypeVoid).GetPointerType(); CompilerType clang_void_ptr_type = clang_ast_context->GetBasicType(eBasicTypeVoid).GetPointerType();
lldb::ThreadPlanSP call_plan_sp (new ThreadPlanCallFunction (*thread, lldb::ThreadPlanSP call_plan_sp (new ThreadPlanCallFunction (*thread,
*address, *address,
clang_void_ptr_type, clang_void_ptr_type,
llvm::ArrayRef<addr_t>(), llvm::ArrayRef<addr_t>(),
options)); options));
Show All 34 Lines