This is an archive of the discontinued LLVM Phabricator instance.

Differential D106171

[lldb] Avoid moving ThreadPlanSP from plans vector
ClosedPublic

Authored by kastiglione on Jul 16 2021, 11:18 AM.

Details

Reviewers
jingham
aprantl
JDevlieghere
Commits
rG41d0b20cc90f: [lldb] Avoid moving ThreadPlanSP from plans vector
Summary

Change ThreadPlanStack::PopPlan and ::DiscardPlan to not do the following:

  1. Move the last plan, leaving a moved ThreadPlanSP in the plans vector
  2. Call out to WillPop which can't guarantee that m_plans isn't accessed in its invalid state
  3. Pop the last plan off the plans vector

This leaves a period of time where the last element in the plans vector has been moved, leaving a null ThreadPlanSP in the container. There are asserts in place to prevent null ThreadPlanSP instances from being pushed on to the stack, and so this could break that invariant.

From discussion, it seems the use of std::move wasn't the result of a measured performance problem.

Diff Detail

Event Timeline

kastiglione requested review of this revision.Jul 16 2021, 11:18 AM
kastiglione created this revision.
Herald added a project: Restricted Project. · View Herald TranscriptJul 16 2021, 11:18 AM
Herald added a subscriber: lldb-commits. · View Herald Transcript
kastiglione mentioned this in D106122: Add a mutex to guard access to the ThreadPlanStack class.Jul 16 2021, 11:19 AM
Harbormaster completed remote builds in B114554: Diff 359396.Jul 16 2021, 11:50 AM
Herald added a subscriber: JDevlieghere. · View Herald TranscriptJul 16 2021, 11:50 AM
kastiglione updated this revision to Diff 359474.Jul 16 2021, 4:17 PM

Also call pop_back just after retrieving back.

Harbormaster completed remote builds in B114614: Diff 359474.Jul 16 2021, 4:17 PM
aprantl added inline comments.Jul 16 2021, 6:37 PM
lldb/source/Target/ThreadPlanStack.cpp
152–153

Should we comment that we are intentionally making a copy of the SP to avoid a race condition with std::move()?

153

It's counterintuitive that WillPop() is being called *after* the value is popped now.

kastiglione updated this revision to Diff 360290.Jul 20 2021, 3:09 PM

Rename WillPop to DidPop, and comment on m_plans invariant.

Harbormaster completed remote builds in B115206: Diff 360290.Jul 20 2021, 3:10 PM
kastiglione added a comment.Jul 20 2021, 3:11 PM

@aprantl I renamed WillPop to accurately reflect that it's DidPop. I also added a comment about the invariant that is broken when std::move is used on elements of m_plans.

kastiglione updated this revision to Diff 362229.Jul 27 2021, 4:46 PM

Re-simplify following discussion with Adrian and Jim.

Harbormaster completed remote builds in B116578: Diff 362229.Jul 27 2021, 4:47 PM
kastiglione marked 2 inline comments as done.Jul 27 2021, 4:49 PM
kastiglione edited the summary of this revision. (Show Details)Jul 27 2021, 4:53 PM
kastiglione edited the summary of this revision. (Show Details)
JDevlieghere accepted this revision.Jul 28 2021, 9:48 AM

IIRC the fact that the shared pointer is null is implementation defined and the standard just says that a moved-from object is in an undefined state.

lldb/source/Target/ThreadPlanStack.cpp
152–153

Note that moving the top element of the vector leaves it in an undefined state, which breaks the thread plan stack guarantee that the last element is valid.

This revision is now accepted and ready to land.Jul 28 2021, 9:48 AM
kastiglione added a comment.Jul 28 2021, 7:49 PM
In D106171#2910693, @JDevlieghere wrote:

IIRC the fact that the shared pointer is null is implementation defined and the standard just says that a moved-from object is in an undefined state.

According to cppreference, the move constructor says:

After the construction, *this contains a copy of the previous state of r, r is empty and its stored pointer is null.

kastiglione updated this revision to Diff 362880.Jul 29 2021, 2:14 PM
  • Reword comment using Jonas's suggestion
  • Pop the last plan right away, and thus change from WillPop to DidPop
kastiglione marked an inline comment as done.Jul 29 2021, 2:14 PM
Harbormaster completed remote builds in B117045: Diff 362880.Jul 29 2021, 2:15 PM
jingham accepted this revision.Jul 29 2021, 2:18 PM

LGTM

JDevlieghere accepted this revision.Jul 29 2021, 2:21 PM

Thanks!

This revision was landed with ongoing or failed builds.Aug 1 2021, 11:43 AM
Closed by commit rG41d0b20cc90f: [lldb] Avoid moving ThreadPlanSP from plans vector (authored by kastiglione). · Explain Why
This revision was automatically updated to reflect the committed changes.
kastiglione added a commit: rG41d0b20cc90f: [lldb] Avoid moving ThreadPlanSP from plans vector.

Revision Contents

Diff 363345

lldb/include/lldb/Target/ThreadPlan.h

Show First 20 LinesShow All 75 Lines▼ Show 20 Lines
// Your plan may also get discarded, i.e. moved from the plan stack to the // Your plan may also get discarded, i.e. moved from the plan stack to the
// "discarded plan stack". This can happen, for instance, if the plan is // "discarded plan stack". This can happen, for instance, if the plan is
// calling a function and the function call crashes and you want to unwind the // calling a function and the function call crashes and you want to unwind the
// attempt to call. So don't assume that your plan will always successfully // attempt to call. So don't assume that your plan will always successfully
// stop. Which leads to: // stop. Which leads to:
// //
// Cleaning up after your plans: // Cleaning up after your plans:
// //
// When the plan is moved from the plan stack its WillPop method is always // When the plan is moved from the plan stack its DidPop method is always
// called, no matter why. Once it is moved off the plan stack it is done, and // called, no matter why. Once it is moved off the plan stack it is done, and
// won't get a chance to run again. So you should undo anything that affects // won't get a chance to run again. So you should undo anything that affects
// target state in this method. But be sure to leave the plan able to // target state in this method. But be sure to leave the plan able to
// correctly fill the StopInfo, however. N.B. Don't wait to do clean up // correctly fill the StopInfo, however. N.B. Don't wait to do clean up
// target state till the destructor, since that will usually get called when // target state till the destructor, since that will usually get called when
// the target resumes, and you want to leave the target state correct for new // the target resumes, and you want to leave the target state correct for new
// plans in the time between when your plan gets unshipped and the next // plans in the time between when your plan gets unshipped and the next
// resume. // resume.
▲ Show 20 LinesShow All 315 Lines▼ Show 20 Linespublic:
} }
bool GetPrivate() { return m_plan_private; } bool GetPrivate() { return m_plan_private; }
void SetPrivate(bool input) { m_plan_private = input; } void SetPrivate(bool input) { m_plan_private = input; }
virtual void DidPush(); virtual void DidPush();
virtual void WillPop(); virtual void DidPop();
ThreadPlanKind GetKind() const { return m_kind; } ThreadPlanKind GetKind() const { return m_kind; }
bool IsPlanComplete(); bool IsPlanComplete();
void SetPlanComplete(bool success = true); void SetPlanComplete(bool success = true);
virtual bool IsPlanStale() { return false; } virtual bool IsPlanStale() { return false; }
▲ Show 20 LinesShow All 172 LinesShow Last 20 Lines

lldb/include/lldb/Target/ThreadPlanCallFunction.h

Show First 20 LinesShow All 62 Lines▼ Show 20 Lines lldb::ValueObjectSP GetReturnValueObject() override {
return m_return_valobj_sp; return m_return_valobj_sp;
} }
// Return the stack pointer that the function received on entry. Any stack // Return the stack pointer that the function received on entry. Any stack
// address below this should be considered invalid after the function has // address below this should be considered invalid after the function has
// been cleaned up. // been cleaned up.
lldb::addr_t GetFunctionStackPointer() { return m_function_sp; } lldb::addr_t GetFunctionStackPointer() { return m_function_sp; }
// Classes that derive from FunctionCaller, and implement their own WillPop // Classes that derive from FunctionCaller, and implement their own DidPop
// methods should call this so that the thread state gets restored if the // methods should call this so that the thread state gets restored if the
// plan gets discarded. // plan gets discarded.
void WillPop() override; void DidPop() override;
// If the thread plan stops mid-course, this will be the stop reason that // If the thread plan stops mid-course, this will be the stop reason that
// interrupted us. Once DoTakedown is called, this will be the real stop // interrupted us. Once DoTakedown is called, this will be the real stop
// reason at the end of the function call. If it hasn't been set for one or // reason at the end of the function call. If it hasn't been set for one or
// the other of these reasons, we'll return the PrivateStopReason. This is // the other of these reasons, we'll return the PrivateStopReason. This is
// needed because we want the CallFunction thread plans not to show up as the // needed because we want the CallFunction thread plans not to show up as the
// stop reason. But if something bad goes wrong, it is nice to be able to // stop reason. But if something bad goes wrong, it is nice to be able to
// tell the user what really happened. // tell the user what really happened.
▲ Show 20 LinesShow All 74 LinesShow Last 20 Lines

lldb/include/lldb/Target/ThreadPlanCallUserExpression.h

Show All 26 Lines ThreadPlanCallUserExpression(Thread &thread, Address &function,
lldb::UserExpressionSP &user_expression_sp); lldb::UserExpressionSP &user_expression_sp);
~ThreadPlanCallUserExpression() override; ~ThreadPlanCallUserExpression() override;
void GetDescription(Stream *s, lldb::DescriptionLevel level) override; void GetDescription(Stream *s, lldb::DescriptionLevel level) override;
void DidPush() override; void DidPush() override;
void WillPop() override; void DidPop() override;
lldb::StopInfoSP GetRealStopInfo() override; lldb::StopInfoSP GetRealStopInfo() override;
bool MischiefManaged() override; bool MischiefManaged() override;
void TransferExpressionOwnership() { m_manage_materialization = true; } void TransferExpressionOwnership() { m_manage_materialization = true; }
lldb::ExpressionVariableSP GetExpressionVariable() override { lldb::ExpressionVariableSP GetExpressionVariable() override {
Show All 23 Lines

lldb/include/lldb/Target/ThreadPlanStepOverBreakpoint.h

Show All 20 Linespublic:
~ThreadPlanStepOverBreakpoint() override; ~ThreadPlanStepOverBreakpoint() override;
void GetDescription(Stream *s, lldb::DescriptionLevel level) override; void GetDescription(Stream *s, lldb::DescriptionLevel level) override;
bool ValidatePlan(Stream *error) override; bool ValidatePlan(Stream *error) override;
bool ShouldStop(Event *event_ptr) override; bool ShouldStop(Event *event_ptr) override;
bool StopOthers() override; bool StopOthers() override;
lldb::StateType GetPlanRunState() override; lldb::StateType GetPlanRunState() override;
bool WillStop() override; bool WillStop() override;
void WillPop() override; void DidPop() override;
bool MischiefManaged() override; bool MischiefManaged() override;
void ThreadDestroyed() override; void ThreadDestroyed() override;
void SetAutoContinue(bool do_it); void SetAutoContinue(bool do_it);
bool ShouldAutoContinue(Event *event_ptr) override; bool ShouldAutoContinue(Event *event_ptr) override;
bool IsPlanStale() override; bool IsPlanStale() override;
lldb::addr_t GetBreakpointLoadAddress() const { return m_breakpoint_addr; } lldb::addr_t GetBreakpointLoadAddress() const { return m_breakpoint_addr; }
Show All 20 Lines

lldb/source/Target/ThreadPlan.cpp

Show First 20 LinesShow All 143 Lines▼ Show 20 Lines
lldb::user_id_t ThreadPlan::GetNextID() { lldb::user_id_t ThreadPlan::GetNextID() {
static uint32_t g_nextPlanID = 0; static uint32_t g_nextPlanID = 0;
return ++g_nextPlanID; return ++g_nextPlanID;
} }
void ThreadPlan::DidPush() {} void ThreadPlan::DidPush() {}
void ThreadPlan::WillPop() {} void ThreadPlan::DidPop() {}
bool ThreadPlan::OkayToDiscard() { bool ThreadPlan::OkayToDiscard() {
return IsMasterPlan() ? m_okay_to_discard : true; return IsMasterPlan() ? m_okay_to_discard : true;
} }
lldb::StateType ThreadPlan::RunState() { lldb::StateType ThreadPlan::RunState() {
if (m_tracer_sp && m_tracer_sp->TracingEnabled()) if (m_tracer_sp && m_tracer_sp->TracingEnabled())
return eStateStepping; return eStateStepping;
▲ Show 20 LinesShow All 128 LinesShow Last 20 Lines

lldb/source/Target/ThreadPlanCallFunction.cpp

Show First 20 LinesShow All 203 Lines▼ Show 20 Linesvoid ThreadPlanCallFunction::DoTakedown(bool success) {
} else { } else {
LLDB_LOGF(log, LLDB_LOGF(log,
"ThreadPlanCallFunction(%p): DoTakedown called as no-op for " "ThreadPlanCallFunction(%p): DoTakedown called as no-op for "
"thread 0x%4.4" PRIx64 ", m_valid: %d complete: %d.\n", "thread 0x%4.4" PRIx64 ", m_valid: %d complete: %d.\n",
static_cast<void *>(this), m_tid, m_valid, IsPlanComplete()); static_cast<void *>(this), m_tid, m_valid, IsPlanComplete());
} }
} }
void ThreadPlanCallFunction::WillPop() { DoTakedown(PlanSucceeded()); } void ThreadPlanCallFunction::DidPop() { DoTakedown(PlanSucceeded()); }
void ThreadPlanCallFunction::GetDescription(Stream *s, DescriptionLevel level) { void ThreadPlanCallFunction::GetDescription(Stream *s, DescriptionLevel level) {
if (level == eDescriptionLevelBrief) { if (level == eDescriptionLevelBrief) {
s->Printf("Function call thread plan"); s->Printf("Function call thread plan");
} else { } else {
s->Printf("Thread plan to call 0x%" PRIx64, s->Printf("Thread plan to call 0x%" PRIx64,
m_function_addr.GetLoadAddress(&GetTarget())); m_function_addr.GetLoadAddress(&GetTarget()));
} }
▲ Show 20 LinesShow All 248 LinesShow Last 20 Lines

lldb/source/Target/ThreadPlanCallUserExpression.cpp

Show First 20 LinesShow All 53 Lines▼ Show 20 Lines
} }
void ThreadPlanCallUserExpression::DidPush() { void ThreadPlanCallUserExpression::DidPush() {
ThreadPlanCallFunction::DidPush(); ThreadPlanCallFunction::DidPush();
if (m_user_expression_sp) if (m_user_expression_sp)
m_user_expression_sp->WillStartExecuting(); m_user_expression_sp->WillStartExecuting();
} }
void ThreadPlanCallUserExpression::WillPop() { void ThreadPlanCallUserExpression::DidPop() {
ThreadPlanCallFunction::WillPop(); ThreadPlanCallFunction::DidPop();
if (m_user_expression_sp) if (m_user_expression_sp)
m_user_expression_sp.reset(); m_user_expression_sp.reset();
} }
bool ThreadPlanCallUserExpression::MischiefManaged() { bool ThreadPlanCallUserExpression::MischiefManaged() {
Log *log(lldb_private::GetLogIfAllCategoriesSet(LIBLLDB_LOG_STEP)); Log *log(lldb_private::GetLogIfAllCategoriesSet(LIBLLDB_LOG_STEP));
if (IsPlanComplete()) { if (IsPlanComplete()) {
▲ Show 20 LinesShow All 46 LinesShow Last 20 Lines

lldb/source/Target/ThreadPlanStack.cpp

Show First 20 LinesShow All 143 Lines▼ Show 20 Linesvoid ThreadPlanStack::PushPlan(lldb::ThreadPlanSP new_plan_sp) {
} }
m_plans.push_back(new_plan_sp); m_plans.push_back(new_plan_sp);
new_plan_sp->DidPush(); new_plan_sp->DidPush();
} }
lldb::ThreadPlanSP ThreadPlanStack::PopPlan() { lldb::ThreadPlanSP ThreadPlanStack::PopPlan() {
std::lock_guard<std::recursive_mutex> guard(m_stack_mutex); std::lock_guard<std::recursive_mutex> guard(m_stack_mutex);
assert(m_plans.size() > 1 && "Can't pop the base thread plan"); assert(m_plans.size() > 1 && "Can't pop the base thread plan");
lldb::ThreadPlanSP plan_sp = std::move(m_plans.back()); // Note that moving the top element of the vector would leave it in an
aprantlUnsubmitted
Done
ReplyInline Actions

It's counterintuitive that WillPop() is being called *after* the value is popped now.

aprantl: It's counterintuitive that WillPop() is being called *after* the value is popped now.
aprantlUnsubmitted
Done
ReplyInline Actions

Should we comment that we are intentionally making a copy of the SP to avoid a race condition with std::move()?

aprantl: Should we comment that we are intentionally making a copy of the SP to avoid a race condition…
JDevlieghereUnsubmitted
Done
ReplyInline Actions

Note that moving the top element of the vector leaves it in an undefined state, which breaks the thread plan stack guarantee that the last element is valid.

JDevlieghere: Note that moving the top element of the vector leaves it in an undefined state, which breaks…
m_completed_plans.push_back(plan_sp); // undefined state, and break the guarantee that the stack's thread plans are
plan_sp->WillPop(); // all valid.
lldb::ThreadPlanSP plan_sp = m_plans.back();
m_plans.pop_back(); m_plans.pop_back();
m_completed_plans.push_back(plan_sp);
plan_sp->DidPop();
return plan_sp; return plan_sp;
} }
lldb::ThreadPlanSP ThreadPlanStack::DiscardPlan() { lldb::ThreadPlanSP ThreadPlanStack::DiscardPlan() {
std::lock_guard<std::recursive_mutex> guard(m_stack_mutex); std::lock_guard<std::recursive_mutex> guard(m_stack_mutex);
assert(m_plans.size() > 1 && "Can't discard the base thread plan"); assert(m_plans.size() > 1 && "Can't discard the base thread plan");
lldb::ThreadPlanSP plan_sp = std::move(m_plans.back()); // Note that moving the top element of the vector would leave it in an
m_discarded_plans.push_back(plan_sp); // undefined state, and break the guarantee that the stack's thread plans are
plan_sp->WillPop(); // all valid.
lldb::ThreadPlanSP plan_sp = m_plans.back();
m_plans.pop_back(); m_plans.pop_back();
m_discarded_plans.push_back(plan_sp);
plan_sp->DidPop();
return plan_sp; return plan_sp;
} }
// If the input plan is nullptr, discard all plans. Otherwise make sure this // If the input plan is nullptr, discard all plans. Otherwise make sure this
// plan is in the stack, and if so discard up to and including it. // plan is in the stack, and if so discard up to and including it.
void ThreadPlanStack::DiscardPlansUpToPlan(ThreadPlan *up_to_plan_ptr) { void ThreadPlanStack::DiscardPlansUpToPlan(ThreadPlan *up_to_plan_ptr) {
std::lock_guard<std::recursive_mutex> guard(m_stack_mutex); std::lock_guard<std::recursive_mutex> guard(m_stack_mutex);
int stack_size = m_plans.size(); int stack_size = m_plans.size();
▲ Show 20 LinesShow All 337 LinesShow Last 20 Lines

lldb/source/Target/ThreadPlanStepOverBreakpoint.cpp

Show First 20 LinesShow All 118 Lines▼ Show 20 Linesbool ThreadPlanStepOverBreakpoint::DoWillResume(StateType resume_state,
return true; return true;
} }
bool ThreadPlanStepOverBreakpoint::WillStop() { bool ThreadPlanStepOverBreakpoint::WillStop() {
ReenableBreakpointSite(); ReenableBreakpointSite();
return true; return true;
} }
void ThreadPlanStepOverBreakpoint::WillPop() { void ThreadPlanStepOverBreakpoint::DidPop() { ReenableBreakpointSite(); }
ReenableBreakpointSite();
}
bool ThreadPlanStepOverBreakpoint::MischiefManaged() { bool ThreadPlanStepOverBreakpoint::MischiefManaged() {
lldb::addr_t pc_addr = GetThread().GetRegisterContext()->GetPC(); lldb::addr_t pc_addr = GetThread().GetRegisterContext()->GetPC();
if (pc_addr == m_breakpoint_addr) { if (pc_addr == m_breakpoint_addr) {
// If we are still at the PC of our breakpoint, then for some reason we // If we are still at the PC of our breakpoint, then for some reason we
// didn't get a chance to run. // didn't get a chance to run.
return false; return false;
Show All 36 Lines