This is an archive of the discontinued LLVM Phabricator instance.

Differential D134927

Make the sanitizer Notify callbacks asynchronous
ClosedPublic

Authored by jingham on Sep 29 2022, 5:35 PM.

Details

Reviewers
JDevlieghere
kubamracek
yln
wrotki
thetruestblue
rsundahl
Commits
rG852a4bdb25d1: Change the Sanitizer report breakpoint callbacks to asynchronous.
Summary

lldb handles breakpoints in two phases, the "sync" and "async" phase. The synchronous phase happens early in the event handling, and is for when you need to do some work before anyone else gets a chance to look at the breakpoint. It's used by the dynamic loader plugins, for instance.

As such, we're in a place where we haven't quite figured out about the current event, and are not in a state to handle another one. That makes running the expression evaluator in synchronous callbacks flakey. The Sanitizer callbacks were all registered as synchronous, even though their primary job is to call report generation functions in the target. TTTT, calling functions works better than I would have expected, but if you rapidly continue enough times over a sequence of sanitizer reports, you eventually confuse the event state machine.

I bet with enough thinking we could make expression evaluation in sync callbacks work, but it would further complicate an already complex system. And there's no reason for the sanitizer callbacks to be synchronous, they are very like user report functions in a breakpoint, and should run in the same way. So the simpler path of converting these to async seems the better one.

This patch switches the report functions from sync to async, adds some testing for continuing past sequential UBSan reports, and adds a comment telling people not to use expressions in sync callbacks. The test is not great, in that I can get this same test code to misbehave quite regularly in Xcode, but I couldn't reproduce enough of the Xcode environment in a test to produce a reliably failing test, so this test for the most part passes even without the fix.

Diff Detail

Event Timeline

jingham created this revision.Sep 29 2022, 5:35 PM
Herald added a project: Restricted Project. · View Herald TranscriptSep 29 2022, 5:35 PM
jingham requested review of this revision.Sep 29 2022, 5:35 PM
Herald added a project: Restricted Project. · View Herald TranscriptSep 29 2022, 5:35 PM
Herald added a subscriber: lldb-commits. · View Herald Transcript
Harbormaster completed remote builds in B189570: Diff 464103.Sep 29 2022, 5:39 PM
kubamracek accepted this revision.Sep 30 2022, 8:24 AM
kubamracek added reviewers: yln, wrotki, thetruestblue, rsundahl.
This revision is now accepted and ready to land.Sep 30 2022, 8:25 AM
JDevlieghere accepted this revision.Sep 30 2022, 8:56 AM

LGTM

lldb/source/Plugins/InstrumentationRuntime/ASan/InstrumentationRuntimeASan.cpp
301–310

Might be nice spell this out explicitly, like we do for the internal and hardware arguments to CreateBreakpoint

jingham added a comment.Sep 30 2022, 5:00 PM

I had to fix one other thing. I had arbitrarily made the decision that if an internal breakpoint was hit while running an expression we should stop before running its callbacks. At the time we only had internal breakpoints with sync callbacks (again mostly dynamic loader plugins) so there wasn't really an example to reason on. But with these sanitizer ones now async, we can hit this issue. The problem with hitting a breakpoint while running an expression is that those breakpoint commands could run the target in arbitrary ways, which could hit this breakpoint, and then call other commands, etc, and right now the Command Interpreter can only be invoked recursively with some care, so I outlaw that. But I think it's better for internal breakpoints to let their callbacks run, and leave it up to the callback how it wants to do its business. In the case of the sanitizers, they just don't run their reports if there's a sanitizer issue while calling a function, in other cases we're just reading memory, etc.

So I added that change to StopInfo, and updated the patch. I'll let it sit for a bit in case anyone wants to have a look. I also made variables for the "false" I was passing to SetCallback as Jonas suggested.

jingham updated this revision to Diff 464442.Sep 30 2022, 5:02 PM

Handled hitting the sanitizer breakpoint while calling a function in StopInfoBreakpoint.

Harbormaster completed remote builds in B189807: Diff 464442.Sep 30 2022, 5:05 PM
Closed by commit rG852a4bdb25d1: Change the Sanitizer report breakpoint callbacks to asynchronous. (authored by jingham). · Explain WhyOct 3 2022, 6:10 PM
This revision was automatically updated to reflect the committed changes.
jingham added a commit: rG852a4bdb25d1: Change the Sanitizer report breakpoint callbacks to asynchronous..

Revision Contents

PathSize
lldb/
include/
lldb/
Breakpoint/
5 lines
source/
Plugins/
InstrumentationRuntime/
ASan/
7 lines
MainThreadChecker/
3 lines
TSan/
7 lines
UBSan/
3 lines
Target/
36 lines
test/
API/
functionalities/
ubsan/
basic/
7 lines
14 lines

Diff 464864

lldb/include/lldb/Breakpoint/Breakpoint.h

Show First 20 LinesShow All 376 Lines▼ Show 20 Linespublic:
/// ///
/// \param[in] callback /// \param[in] callback
/// The method that will get called when the breakpoint is hit. /// The method that will get called when the breakpoint is hit.
/// \param[in] baton /// \param[in] baton
/// A void * pointer that will get passed back to the callback function. /// A void * pointer that will get passed back to the callback function.
/// \param[in] is_synchronous /// \param[in] is_synchronous
/// If \b true the callback will be run on the private event thread /// If \b true the callback will be run on the private event thread
/// before the stop event gets reported. If false, the callback will get /// before the stop event gets reported. If false, the callback will get
/// handled on the public event thread after the stop has been posted. /// handled on the public event thread while the stop event is being
/// pulled off the event queue.
/// Note: synchronous callbacks cannot cause the target to run, in
/// particular, they should not try to run the expression evaluator.
void SetCallback(BreakpointHitCallback callback, void *baton, void SetCallback(BreakpointHitCallback callback, void *baton,
bool is_synchronous = false); bool is_synchronous = false);
void SetCallback(BreakpointHitCallback callback, void SetCallback(BreakpointHitCallback callback,
const lldb::BatonSP &callback_baton_sp, const lldb::BatonSP &callback_baton_sp,
bool is_synchronous = false); bool is_synchronous = false);
void ClearCallback(); void ClearCallback();
▲ Show 20 LinesShow All 289 LinesShow Last 20 Lines

lldb/source/Plugins/InstrumentationRuntime/ASan/InstrumentationRuntimeASan.cpp

Show First 20 LinesShow All 292 Lines▼ Show 20 Linesvoid InstrumentationRuntimeASan::Activate() {
if (!symbol->ValueIsAddress() || !symbol->GetAddressRef().IsValid()) if (!symbol->ValueIsAddress() || !symbol->GetAddressRef().IsValid())
return; return;
Target &target = process_sp->GetTarget(); Target &target = process_sp->GetTarget();
addr_t symbol_address = symbol->GetAddressRef().GetOpcodeLoadAddress(&target); addr_t symbol_address = symbol->GetAddressRef().GetOpcodeLoadAddress(&target);
if (symbol_address == LLDB_INVALID_ADDRESS) if (symbol_address == LLDB_INVALID_ADDRESS)
return; return;
bool internal = true; const bool internal = true;
bool hardware = false; const bool hardware = false;
const bool sync = false;
Breakpoint *breakpoint = Breakpoint *breakpoint =
process_sp->GetTarget() process_sp->GetTarget()
.CreateBreakpoint(symbol_address, internal, hardware) .CreateBreakpoint(symbol_address, internal, hardware)
.get(); .get();
breakpoint->SetCallback(InstrumentationRuntimeASan::NotifyBreakpointHit, this, breakpoint->SetCallback(InstrumentationRuntimeASan::NotifyBreakpointHit, this,
true); sync);
JDevlieghereUnsubmitted
Not Done
ReplyInline Actions
return;
- bool internal = true;
- bool hardware = false;
+ const bool internal = true;
+ const bool hardware = false;
+ const bool synchronous = false;
Breakpoint *breakpoint =
process_sp->GetTarget()
.CreateBreakpoint(symbol_address, internal, hardware)
.get();
breakpoint->SetCallback(InstrumentationRuntimeASan::NotifyBreakpointHit, this,
- false);
+ synchronous);
breakpoint->SetBreakpointKind("address-sanitizer-report");

Might be nice spell this out explicitly, like we do for the internal and hardware arguments to CreateBreakpoint

JDevlieghere: Might be nice spell this out explicitly, like we do for the `internal` and `hardware` arguments…
breakpoint->SetBreakpointKind("address-sanitizer-report"); breakpoint->SetBreakpointKind("address-sanitizer-report");
SetBreakpointID(breakpoint->GetID()); SetBreakpointID(breakpoint->GetID());
SetActive(true); SetActive(true);
} }
void InstrumentationRuntimeASan::Deactivate() { void InstrumentationRuntimeASan::Deactivate() {
if (GetBreakpointID() != LLDB_INVALID_BREAK_ID) { if (GetBreakpointID() != LLDB_INVALID_BREAK_ID) {
ProcessSP process_sp = GetProcessSP(); ProcessSP process_sp = GetProcessSP();
if (process_sp) { if (process_sp) {
process_sp->GetTarget().RemoveBreakpointByID(GetBreakpointID()); process_sp->GetTarget().RemoveBreakpointByID(GetBreakpointID());
SetBreakpointID(LLDB_INVALID_BREAK_ID); SetBreakpointID(LLDB_INVALID_BREAK_ID);
} }
} }
SetActive(false); SetActive(false);
} }

lldb/source/Plugins/InstrumentationRuntime/MainThreadChecker/InstrumentationRuntimeMainThreadChecker.cpp

Show First 20 LinesShow All 208 Lines▼ Show 20 Linesvoid InstrumentationRuntimeMainThreadChecker::Activate() {
if (symbol_address == LLDB_INVALID_ADDRESS) if (symbol_address == LLDB_INVALID_ADDRESS)
return; return;
Breakpoint *breakpoint = Breakpoint *breakpoint =
process_sp->GetTarget() process_sp->GetTarget()
.CreateBreakpoint(symbol_address, /*internal=*/true, .CreateBreakpoint(symbol_address, /*internal=*/true,
/*hardware=*/false) /*hardware=*/false)
.get(); .get();
const bool sync = false;
breakpoint->SetCallback( breakpoint->SetCallback(
InstrumentationRuntimeMainThreadChecker::NotifyBreakpointHit, this, true); InstrumentationRuntimeMainThreadChecker::NotifyBreakpointHit, this, sync);
breakpoint->SetBreakpointKind("main-thread-checker-report"); breakpoint->SetBreakpointKind("main-thread-checker-report");
SetBreakpointID(breakpoint->GetID()); SetBreakpointID(breakpoint->GetID());
SetActive(true); SetActive(true);
} }
void InstrumentationRuntimeMainThreadChecker::Deactivate() { void InstrumentationRuntimeMainThreadChecker::Deactivate() {
SetActive(false); SetActive(false);
▲ Show 20 LinesShow All 50 LinesShow Last 20 Lines

lldb/source/Plugins/InstrumentationRuntime/TSan/InstrumentationRuntimeTSan.cpp

Show First 20 LinesShow All 909 Lines▼ Show 20 Lines if (!symbol->ValueIsAddress() || !symbol->GetAddressRef().IsValid())
return; return;
Target &target = process_sp->GetTarget(); Target &target = process_sp->GetTarget();
addr_t symbol_address = symbol->GetAddressRef().GetOpcodeLoadAddress(&target); addr_t symbol_address = symbol->GetAddressRef().GetOpcodeLoadAddress(&target);
if (symbol_address == LLDB_INVALID_ADDRESS) if (symbol_address == LLDB_INVALID_ADDRESS)
return; return;
bool internal = true; const bool internal = true;
bool hardware = false; const bool hardware = false;
const bool sync = false;
Breakpoint *breakpoint = Breakpoint *breakpoint =
process_sp->GetTarget() process_sp->GetTarget()
.CreateBreakpoint(symbol_address, internal, hardware) .CreateBreakpoint(symbol_address, internal, hardware)
.get(); .get();
breakpoint->SetCallback(InstrumentationRuntimeTSan::NotifyBreakpointHit, this, breakpoint->SetCallback(InstrumentationRuntimeTSan::NotifyBreakpointHit, this,
true); sync);
breakpoint->SetBreakpointKind("thread-sanitizer-report"); breakpoint->SetBreakpointKind("thread-sanitizer-report");
SetBreakpointID(breakpoint->GetID()); SetBreakpointID(breakpoint->GetID());
SetActive(true); SetActive(true);
} }
void InstrumentationRuntimeTSan::Deactivate() { void InstrumentationRuntimeTSan::Deactivate() {
if (GetBreakpointID() != LLDB_INVALID_BREAK_ID) { if (GetBreakpointID() != LLDB_INVALID_BREAK_ID) {
▲ Show 20 LinesShow All 135 LinesShow Last 20 Lines

lldb/source/Plugins/InstrumentationRuntime/UBSan/InstrumentationRuntimeUBSan.cpp

Show First 20 LinesShow All 269 Lines▼ Show 20 Linesvoid InstrumentationRuntimeUBSan::Activate() {
if (symbol_address == LLDB_INVALID_ADDRESS) if (symbol_address == LLDB_INVALID_ADDRESS)
return; return;
Breakpoint *breakpoint = Breakpoint *breakpoint =
process_sp->GetTarget() process_sp->GetTarget()
.CreateBreakpoint(symbol_address, /*internal=*/true, .CreateBreakpoint(symbol_address, /*internal=*/true,
/*hardware=*/false) /*hardware=*/false)
.get(); .get();
const bool sync = false;
breakpoint->SetCallback(InstrumentationRuntimeUBSan::NotifyBreakpointHit, breakpoint->SetCallback(InstrumentationRuntimeUBSan::NotifyBreakpointHit,
this, true); this, sync);
breakpoint->SetBreakpointKind("undefined-behavior-sanitizer-report"); breakpoint->SetBreakpointKind("undefined-behavior-sanitizer-report");
SetBreakpointID(breakpoint->GetID()); SetBreakpointID(breakpoint->GetID());
SetActive(true); SetActive(true);
} }
void InstrumentationRuntimeUBSan::Deactivate() { void InstrumentationRuntimeUBSan::Deactivate() {
SetActive(false); SetActive(false);
▲ Show 20 LinesShow All 52 LinesShow Last 20 Lines

lldb/source/Target/StopInfo.cpp

Show First 20 LinesShow All 356 Lines▼ Show 20 Lines if (thread_sp) {
return; return;
} }
LLDB_LOGF(log, "StopInfoBreakpoint::PerformAction - Hit a " LLDB_LOGF(log, "StopInfoBreakpoint::PerformAction - Hit a "
"breakpoint while running an expression," "breakpoint while running an expression,"
" not running commands to avoid recursion."); " not running commands to avoid recursion.");
bool ignoring_breakpoints = bool ignoring_breakpoints =
process->GetIgnoreBreakpointsInExpressions(); process->GetIgnoreBreakpointsInExpressions();
if (ignoring_breakpoints) { // Internal breakpoints should be allowed to do their job, we
m_should_stop = false; // can make sure they don't do anything that would cause recursive
// Internal breakpoints will always stop. // command execution:
for (size_t j = 0; j < num_owners; j++) { if (!m_was_all_internal) {
lldb::BreakpointLocationSP bp_loc_sp = m_should_stop = !ignoring_breakpoints;
bp_site_sp->GetOwnerAtIndex(j);
if (bp_loc_sp->GetBreakpoint().IsInternal()) {
m_should_stop = true;
break;
}
}
} else {
m_should_stop = true;
}
LLDB_LOGF(log, LLDB_LOGF(log,
"StopInfoBreakpoint::PerformAction - in expression, " "StopInfoBreakpoint::PerformAction - in expression, "
"continuing: %s.", "continuing: %s.",
m_should_stop ? "true" : "false"); m_should_stop ? "true" : "false");
Debugger::ReportWarning( Debugger::ReportWarning(
"hit breakpoint while running function, skipping commands and " "hit breakpoint while running function, skipping commands "
"conditions to prevent recursion", "and conditions to prevent recursion",
process->GetTarget().GetDebugger().GetID()); process->GetTarget().GetDebugger().GetID());
return; return;
} }
}
StoppointCallbackContext context(event_ptr, exe_ctx, false); StoppointCallbackContext context(event_ptr, exe_ctx, false);
// For safety's sake let's also grab an extra reference to the // For safety's sake let's also grab an extra reference to the
// breakpoint owners of the locations we're going to examine, since // breakpoint owners of the locations we're going to examine, since
// the locations are going to have to get back to their breakpoints, // the locations are going to have to get back to their breakpoints,
// and the locations don't keep their owners alive. I'm just // and the locations don't keep their owners alive. I'm just
// sticking the BreakpointSP's in a vector since I'm only using it to // sticking the BreakpointSP's in a vector since I'm only using it to
▲ Show 20 LinesShow All 1,093 LinesShow Last 20 Lines

lldb/test/API/functionalities/ubsan/basic/TestUbsanBasic.py

Show First 20 LinesShow All 80 Lines▼ Show 20 Lines def ubsan_tests(self):
json_line = '\n'.join(output_lines[2:]) json_line = '\n'.join(output_lines[2:])
data = json.loads(json_line) data = json.loads(json_line)
self.assertEqual(data["instrumentation_class"], "UndefinedBehaviorSanitizer") self.assertEqual(data["instrumentation_class"], "UndefinedBehaviorSanitizer")
self.assertEqual(data["description"], "misaligned-pointer-use") self.assertEqual(data["description"], "misaligned-pointer-use")
self.assertEqual(os.path.basename(data["filename"]), "main.c") self.assertEqual(os.path.basename(data["filename"]), "main.c")
self.assertEqual(data["line"], self.line_align) self.assertEqual(data["line"], self.line_align)
self.runCmd("continue") for count in range(0,8):
process.Continue()
stop_reason = thread.GetStopReason()
self.assertEqual(stop_reason, lldb.eStopReasonInstrumentation,
"Round {0} wasn't instrumentation".format(count))

lldb/test/API/functionalities/ubsan/basic/main.c

int main() { int main() {
int data[4]; int data[4];
return *(int *)(((char *)&data[0]) + 2); // align line int result = *(int *)(((char *)&data[0]) + 2); // align line
int *p = data + 5; // Index 5 out of bounds for type 'int [4]'
*p = data + 5;
*p = data + 5;
*p = data + 5;
*p = data + 5;
*p = data + 5;
*p = data + 5;
*p = data + 5;
*p = data + 5;
return 0;
} }