This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
lldb/
-
include/lldb/Core/
-
lldb/
-
Core/
-
Communication.h
-
ThreadedCommunication.h
-
source/
-
Core/
1/5
Communication.cpp
1/1
ThreadedCommunication.cpp
-
Plugins/Process/MacOSX-Kernel/
-
Process/
-
MacOSX-Kernel/
1/1
ProcessKDP.cpp

Differential D157159

[lldb] Properly protect the Communication class with reader/writer lock
AbandonedPublic

Authored by JDevlieghere on Aug 4 2023, 4:41 PM.

Download Raw Diff

Details

Reviewers

aprantl
augusto2112
bulbazord

Summary

The Communication class was trying to (ab)use unique_ptr's atomic properties to protected it from concurrent access. Replace it with a regular reader/writer lock.

Diff Detail

Event Timeline

JDevlieghere created this revision.Aug 4 2023, 4:41 PM

Herald added a project: Restricted Project. · View Herald TranscriptAug 4 2023, 4:41 PM

JDevlieghere requested review of this revision.Aug 4 2023, 4:41 PM

Harbormaster completed remote builds in B250467: Diff 547403.Aug 4 2023, 4:44 PM

On the description you mention unique_ptr but I only see shared_ptr here. Was that a typo or do you mean that users of this class kept it behind a unique_ptr?

In any case I think this change is great.

lldb/source/Core/Communication.cpp
35	Do you think it's possible that between the call to `Clear` and this lock someone acquires the lock?

This revision is now accepted and ready to land.Aug 4 2023, 5:02 PM

bulbazord added a subscriber: bulbazord.Aug 4 2023, 5:02 PM

bulbazord added inline comments.

lldb/source/Core/Communication.cpp
34–35	I think this one may be slightly incorrect. Here's how I imagine it going wrong: Thread 1 calls Connect. It only runs `Clear()` (which disconnects) and then Thread 2 is scheduled. Thread 2 then calls Connect. It also only runs `Clear()` and then Thread 1 is scheduled. Thread 1 grabs the lock, connects, and exits. Thread 2 also grabs the lock, connects, and exits. I'm not sure how gracefully `Connection::Connect` handles another connection if not properly disconnected from the first url beforehand. Reading through some of the `Connection` derived class implementations of `Connect` I'm not sure exactly what will happen though. The documentation isn't much clearer either...

JDevlieghere added inline comments.Aug 4 2023, 5:26 PM

lldb/source/Core/Communication.cpp
35	Yes, you're both correct. We can't use the `ClearUnlocked` trick here because it's `Disconnect` that locks and `Clear` is virtual. I'll need to play around with this. Maybe we don't need a `Clear` and we can call `DisconnectUnlocked` directly ?

bulbazord added inline comments.Aug 4 2023, 5:34 PM

lldb/source/Core/Communication.cpp
35	Yeah calling `Disconnect` in an unlocked fashion would solve that if you called it after locking in `Connect`.

Remove Communication::Clear method

JDevlieghere added inline comments.Aug 6 2023, 9:20 PM

lldb/source/Core/ThreadedCommunication.cpp
63–67	This wasn't used: nobody called `Clear` on an instance of `ThreadedCommunication`.
lldb/source/Plugins/Process/MacOSX-Kernel/ProcessKDP.cpp
560	According to the comment on line 541 this is wrong: // We are running and we can't interrupt a running kernel, so we need to // just close the connection to the kernel and hope for the best `m_comm` is an instance of `CommunicationKDP` which didn't override `Communication::Clear` and hence just called `Disconnected`.

Harbormaster completed remote builds in B250671: Diff 547639.Aug 6 2023, 9:21 PM

LGTM

lldb/source/Core/Communication.cpp
115–118	Unrelated to your patch but something about this is triggering my spider sense. Is it possible that `status == eConnectionStatusSuccess` while `WriteUnlocked` returns 0? This might end up in an infinite loop then, no? Obviously you don't need to address this since it's unrelated, but something to think about for resiliency.

Abandoning this in favor of D157347

augusto2112 mentioned this in D157760: [lldb] Properly protect the Communication class with reader/writer lock.Aug 11 2023, 2:56 PM

augusto2112 mentioned this in rG5d16957207ce: [lldb] Properly protect the Communication class with reader/writer lock.Aug 15 2023, 3:47 PM

Revision Contents

Path

Size

lldb/

include/

lldb/

Core/

Communication.h

11 lines

ThreadedCommunication.h

2 lines

source/

Core/

Communication.cpp

72 lines

ThreadedCommunication.cpp

6 lines

Plugins/

Process/

MacOSX-Kernel/

ProcessKDP.cpp

1 line

Diff 547639

lldb/include/lldb/Core/Communication.h

Show All 9 Lines
#define LLDB_CORE_COMMUNICATION_H		#define LLDB_CORE_COMMUNICATION_H

#include "lldb/Utility/Timeout.h"		#include "lldb/Utility/Timeout.h"
#include "lldb/lldb-defines.h"		#include "lldb/lldb-defines.h"
#include "lldb/lldb-enumerations.h"		#include "lldb/lldb-enumerations.h"
#include "lldb/lldb-forward.h"		#include "lldb/lldb-forward.h"
#include "lldb/lldb-types.h"		#include "lldb/lldb-types.h"

#include <mutex>		#include <shared_mutex>
#include <string>		#include <string>

namespace lldb_private {		namespace lldb_private {
class Connection;		class Connection;
class ConstString;		class ConstString;
class Status;		class Status;

/// \class Communication Communication.h "lldb/Core/Communication.h" An		/// \class Communication Communication.h "lldb/Core/Communication.h" An
Show All 14 Lines	public:
/// Construct the Communication object.		/// Construct the Communication object.
Communication();		Communication();

/// Destructor.		/// Destructor.
///		///
/// The destructor is virtual since this class gets subclassed.		/// The destructor is virtual since this class gets subclassed.
virtual ~Communication();		virtual ~Communication();

virtual void Clear();

/// Connect using the current connection by passing \a url to its connect		/// Connect using the current connection by passing \a url to its connect
/// function. string.		/// function. string.
///		///
/// \param[in] url		/// \param[in] url
/// A string that contains all information needed by the		/// A string that contains all information needed by the
/// subclass to connect to another client.		/// subclass to connect to another client.
///		///
/// \return		/// \return
▲ Show 20 Lines • Show All 101 Lines • ▼ Show 20 Lines	public:

static std::string ConnectionStatusAsString(lldb::ConnectionStatus status);		static std::string ConnectionStatusAsString(lldb::ConnectionStatus status);

bool GetCloseOnEOF() const { return m_close_on_eof; }		bool GetCloseOnEOF() const { return m_close_on_eof; }

void SetCloseOnEOF(bool b) { m_close_on_eof = b; }		void SetCloseOnEOF(bool b) { m_close_on_eof = b; }

protected:		protected:
		size_t WriteUnlocked(const void *src, size_t src_len,
		lldb::ConnectionStatus &status, Status *error_ptr);
		lldb::ConnectionStatus DisconnectUnlocked(Status *error_ptr = nullptr);

lldb::ConnectionSP m_connection_sp; ///< The connection that is current in use		lldb::ConnectionSP m_connection_sp; ///< The connection that is current in use
///by this communications class.		///by this communications class.
std::mutex		mutable std::shared_mutex m_shared_mutex;
m_write_mutex; ///< Don't let multiple threads write at the same time...
bool m_close_on_eof;		bool m_close_on_eof;

size_t ReadFromConnection(void *dst, size_t dst_len,		size_t ReadFromConnection(void *dst, size_t dst_len,
const Timeout<std::micro> &timeout,		const Timeout<std::micro> &timeout,
lldb::ConnectionStatus &status, Status *error_ptr);		lldb::ConnectionStatus &status, Status *error_ptr);

private:		private:
Communication(const Communication &) = delete;		Communication(const Communication &) = delete;
const Communication &operator=(const Communication &) = delete;		const Communication &operator=(const Communication &) = delete;
};		};

} // namespace lldb_private		} // namespace lldb_private

#endif // LLDB_CORE_COMMUNICATION_H		#endif // LLDB_CORE_COMMUNICATION_H

lldb/include/lldb/Core/ThreadedCommunication.h

Show First 20 Lines • Show All 91 Lines • ▼ Show 20 Lines	public:
/// is called.		/// is called.
ThreadedCommunication(const char *broadcaster_name);		ThreadedCommunication(const char *broadcaster_name);

/// Destructor.		/// Destructor.
///		///
/// The destructor is virtual since this class gets subclassed.		/// The destructor is virtual since this class gets subclassed.
~ThreadedCommunication() override;		~ThreadedCommunication() override;

void Clear() override;

/// Disconnect the communications connection if one is currently connected.		/// Disconnect the communications connection if one is currently connected.
///		///
/// \return		/// \return
/// \b True if the disconnect succeeded, \b false otherwise. The		/// \b True if the disconnect succeeded, \b false otherwise. The
/// internal error object should be filled in with an		/// internal error object should be filled in with an
/// appropriate value based on the result of this function.		/// appropriate value based on the result of this function.
///		///
/// \see Status& Communication::GetError ();		/// \see Status& Communication::GetError ();
▲ Show 20 Lines • Show All 179 Lines • Show Last 20 Lines

lldb/source/Core/Communication.cpp

	Show All 21 Lines
	#include <cerrno>			#include <cerrno>
	#include <cinttypes>			#include <cinttypes>
	#include <cstdio>			#include <cstdio>

	using namespace lldb;			using namespace lldb;
	using namespace lldb_private;			using namespace lldb_private;

	Communication::Communication()			Communication::Communication()
	: m_connection_sp(), m_write_mutex(), m_close_on_eof(true) {			: m_connection_sp(), m_shared_mutex(), m_close_on_eof(true) {}
	}

	Communication::~Communication() {
	Clear();
	}

	void Communication::Clear() {			Communication::~Communication() { Disconnect(nullptr); }
	Disconnect(nullptr);
	}

	ConnectionStatus Communication::Connect(const char url, Status error_ptr) {			ConnectionStatus Communication::Connect(const char url, Status error_ptr) {
	Clear();

	LLDB_LOG(GetLog(LLDBLog::Communication),			LLDB_LOG(GetLog(LLDBLog::Communication),
				bulbazordUnsubmitted Not Done Reply Inline Actions I think this one may be slightly incorrect. Here's how I imagine it going wrong: Thread 1 calls Connect. It only runs `Clear()` (which disconnects) and then Thread 2 is scheduled. Thread 2 then calls Connect. It also only runs `Clear()` and then Thread 1 is scheduled. Thread 1 grabs the lock, connects, and exits. Thread 2 also grabs the lock, connects, and exits. I'm not sure how gracefully `Connection::Connect` handles another connection if not properly disconnected from the first url beforehand. Reading through some of the `Connection` derived class implementations of `Connect` I'm not sure exactly what will happen though. The documentation isn't much clearer either... bulbazord: I think this one //may// be slightly incorrect. Here's how I imagine it going wrong: - Thread…
				augusto2112Unsubmitted Not Done Reply Inline Actions Do you think it's possible that between the call to `Clear` and this lock someone acquires the lock? augusto2112: Do you think it's possible that between the call to `Clear` and this lock someone acquires the…
				JDevlieghereAuthorUnsubmitted Done Reply Inline Actions Yes, you're both correct. We can't use the `ClearUnlocked` trick here because it's `Disconnect` that locks and `Clear` is virtual. I'll need to play around with this. Maybe we don't need a `Clear` and we can call `DisconnectUnlocked` directly ? JDevlieghere: Yes, you're both correct. We can't use the `ClearUnlocked` trick here because it's `Disconnect`…
				bulbazordUnsubmitted Not Done Reply Inline Actions Yeah calling `Disconnect` in an unlocked fashion would solve that if you called it after locking in `Connect`. bulbazord: Yeah calling `Disconnect` in an unlocked fashion would solve that if you called it after…
	"{0} Communication::Connect (url = {1})", this, url);			"{0} Communication::Connect (url = {1})", this, url);

	lldb::ConnectionSP connection_sp(m_connection_sp);			std::unique_lock guard(m_shared_mutex);
	if (connection_sp)
	return connection_sp->Connect(url, error_ptr);			DisconnectUnlocked();

				if (m_connection_sp)
				return m_connection_sp->Connect(url, error_ptr);
	if (error_ptr)			if (error_ptr)
	error_ptr->SetErrorString("Invalid connection.");			error_ptr->SetErrorString("Invalid connection.");
	return eConnectionStatusNoConnection;			return eConnectionStatusNoConnection;
	}			}

	ConnectionStatus Communication::Disconnect(Status *error_ptr) {			ConnectionStatus Communication::Disconnect(Status *error_ptr) {
				std::unique_lock guard(m_shared_mutex);
				return DisconnectUnlocked();
				}

				ConnectionStatus Communication::DisconnectUnlocked(Status *error_ptr) {
	LLDB_LOG(GetLog(LLDBLog::Communication), "{0} Communication::Disconnect ()",			LLDB_LOG(GetLog(LLDBLog::Communication), "{0} Communication::Disconnect ()",
	this);			this);

	lldb::ConnectionSP connection_sp(m_connection_sp);			if (m_connection_sp) {
	if (connection_sp) {			ConnectionStatus status = m_connection_sp->Disconnect(error_ptr);
	ConnectionStatus status = connection_sp->Disconnect(error_ptr);
	// We currently don't protect connection_sp with any mutex for multi-
	// threaded environments. So lets not nuke our connection class without
	// putting some multi-threaded protections in. We also probably don't want
	// to pay for the overhead it might cause if every time we access the
	// connection we have to take a lock.
	//
	// This unique pointer will cleanup after itself when this object goes
	// away, so there is no need to currently have it destroy itself
	// immediately upon disconnect.
	// connection_sp.reset();
	return status;			return status;
	}			}
	return eConnectionStatusNoConnection;			return eConnectionStatusNoConnection;
	}			}

	bool Communication::IsConnected() const {			bool Communication::IsConnected() const {
	lldb::ConnectionSP connection_sp(m_connection_sp);			std::shared_lock guard(m_shared_mutex);
	return (connection_sp ? connection_sp->IsConnected() : false);			return (m_connection_sp ? m_connection_sp->IsConnected() : false);
	}			}

	bool Communication::HasConnection() const {			bool Communication::HasConnection() const {
				std::shared_lock guard(m_shared_mutex);
	return m_connection_sp.get() != nullptr;			return m_connection_sp.get() != nullptr;
	}			}

	size_t Communication::Read(void *dst, size_t dst_len,			size_t Communication::Read(void *dst, size_t dst_len,
	const Timeout<std::micro> &timeout,			const Timeout<std::micro> &timeout,
	ConnectionStatus &status, Status *error_ptr) {			ConnectionStatus &status, Status *error_ptr) {
	Log *log = GetLog(LLDBLog::Communication);			std::shared_lock guard(m_shared_mutex);
	LLDB_LOG(			LLDB_LOG(
	log,			GetLog(LLDBLog::Communication),
	"this = {0}, dst = {1}, dst_len = {2}, timeout = {3}, connection = {4}",			"this = {0}, dst = {1}, dst_len = {2}, timeout = {3}, connection = {4}",
	this, dst, dst_len, timeout, m_connection_sp.get());			this, dst, dst_len, timeout, m_connection_sp.get());

	return ReadFromConnection(dst, dst_len, timeout, status, error_ptr);			return ReadFromConnection(dst, dst_len, timeout, status, error_ptr);
	}			}

	size_t Communication::Write(const void *src, size_t src_len,			size_t Communication::Write(const void *src, size_t src_len,
	ConnectionStatus &status, Status *error_ptr) {			ConnectionStatus &status, Status *error_ptr) {
	lldb::ConnectionSP connection_sp(m_connection_sp);			std::unique_lock guard(m_shared_mutex);
				return WriteUnlocked(src, src_len, status, error_ptr);
				}

	std::lock_guard<std::mutex> guard(m_write_mutex);			size_t Communication::WriteUnlocked(const void *src, size_t src_len,
				ConnectionStatus &status,
				Status *error_ptr) {
	LLDB_LOG(GetLog(LLDBLog::Communication),			LLDB_LOG(GetLog(LLDBLog::Communication),
	"{0} Communication::Write (src = {1}, src_len = {2}"			"{0} Communication::Write (src = {1}, src_len = {2}"
	") connection = {3}",			") connection = {3}",
	this, src, (uint64_t)src_len, connection_sp.get());			this, src, (uint64_t)src_len, m_connection_sp.get());

	if (connection_sp)			if (m_connection_sp)
	return connection_sp->Write(src, src_len, status, error_ptr);			return m_connection_sp->Write(src, src_len, status, error_ptr);

	if (error_ptr)			if (error_ptr)
	error_ptr->SetErrorString("Invalid connection.");			error_ptr->SetErrorString("Invalid connection.");
	status = eConnectionStatusNoConnection;			status = eConnectionStatusNoConnection;
	return 0;			return 0;
	}			}

	size_t Communication::WriteAll(const void *src, size_t src_len,			size_t Communication::WriteAll(const void *src, size_t src_len,
	ConnectionStatus &status, Status *error_ptr) {			ConnectionStatus &status, Status *error_ptr) {
				std::unique_lock guard(m_shared_mutex);
	size_t total_written = 0;			size_t total_written = 0;
	do			do
	total_written += Write(static_cast<const char *>(src) + total_written,			total_written +=
				WriteUnlocked(static_cast<const char *>(src) + total_written,
	src_len - total_written, status, error_ptr);			src_len - total_written, status, error_ptr);
	while (status == eConnectionStatusSuccess && total_written < src_len);			while (status == eConnectionStatusSuccess && total_written < src_len);
				bulbazordUnsubmitted Not Done Reply Inline Actions Unrelated to your patch but something about this is triggering my spider sense. Is it possible that `status == eConnectionStatusSuccess` while `WriteUnlocked` returns 0? This might end up in an infinite loop then, no? Obviously you don't need to address this since it's unrelated, but something to think about for resiliency. bulbazord: Unrelated to your patch but something about this is triggering my spider sense. Is it possible…
	return total_written;			return total_written;
	}			}

	size_t Communication::ReadFromConnection(void *dst, size_t dst_len,			size_t Communication::ReadFromConnection(void *dst, size_t dst_len,
	const Timeout<std::micro> &timeout,			const Timeout<std::micro> &timeout,
	ConnectionStatus &status,			ConnectionStatus &status,
	Status *error_ptr) {			Status *error_ptr) {
				std::shared_lock guard(m_shared_mutex);
	lldb::ConnectionSP connection_sp(m_connection_sp);			lldb::ConnectionSP connection_sp(m_connection_sp);
	if (connection_sp)			if (connection_sp)
	return connection_sp->Read(dst, dst_len, timeout, status, error_ptr);			return connection_sp->Read(dst, dst_len, timeout, status, error_ptr);

	if (error_ptr)			if (error_ptr)
	error_ptr->SetErrorString("Invalid connection.");			error_ptr->SetErrorString("Invalid connection.");
	status = eConnectionStatusNoConnection;			status = eConnectionStatusNoConnection;
	return 0;			return 0;
	Show All 28 Lines

lldb/source/Core/ThreadedCommunication.cpp

	Show First 20 Lines • Show All 54 Lines • ▼ Show 20 Lines
	}			}

	ThreadedCommunication::~ThreadedCommunication() {			ThreadedCommunication::~ThreadedCommunication() {
	LLDB_LOG(GetLog(LLDBLog::Object \| LLDBLog::Communication),			LLDB_LOG(GetLog(LLDBLog::Object \| LLDBLog::Communication),
	"{0} ThreadedCommunication::~ThreadedCommunication (name = {1})",			"{0} ThreadedCommunication::~ThreadedCommunication (name = {1})",
	this, GetBroadcasterName());			this, GetBroadcasterName());
	}			}

	void ThreadedCommunication::Clear() {
	SetReadThreadBytesReceivedCallback(nullptr, nullptr);
	StopReadThread(nullptr);
	Communication::Clear();
	}
	JDevlieghereAuthorUnsubmitted Done Reply Inline Actions This wasn't used: nobody called `Clear` on an instance of `ThreadedCommunication`. JDevlieghere: This wasn't used: nobody called `Clear` on an instance of `ThreadedCommunication`.

	ConnectionStatus ThreadedCommunication::Disconnect(Status *error_ptr) {			ConnectionStatus ThreadedCommunication::Disconnect(Status *error_ptr) {
	assert((!m_read_thread_enabled \|\| m_read_thread_did_exit) &&			assert((!m_read_thread_enabled \|\| m_read_thread_did_exit) &&
	"Disconnecting while the read thread is running is racy!");			"Disconnecting while the read thread is running is racy!");
	return Communication::Disconnect(error_ptr);			return Communication::Disconnect(error_ptr);
	}			}

	size_t ThreadedCommunication::Read(void *dst, size_t dst_len,			size_t ThreadedCommunication::Read(void *dst, size_t dst_len,
	const Timeout<std::micro> &timeout,			const Timeout<std::micro> &timeout,
	▲ Show 20 Lines • Show All 295 Lines • Show Last 20 Lines

lldb/source/Plugins/Process/MacOSX-Kernel/ProcessKDP.cpp

Show First 20 Lines • Show All 551 Lines • ▼ Show 20 Lines	if (!keep_stopped && m_comm.IsConnected()) {
else		else
log->PutCString(		log->PutCString(
"ProcessKDP::DoDetach() connection channel shutdown failed");		"ProcessKDP::DoDetach() connection channel shutdown failed");
}		}
m_comm.Disconnect();		m_comm.Disconnect();
}		}
}		}
StopAsyncThread();		StopAsyncThread();
m_comm.Clear();
JDevlieghereAuthorUnsubmitted Done Reply Inline Actions According to the comment on line 541 this is wrong: // We are running and we can't interrupt a running kernel, so we need to // just close the connection to the kernel and hope for the best `m_comm` is an instance of `CommunicationKDP` which didn't override `Communication::Clear` and hence just called `Disconnected`. JDevlieghere: According to the comment on line 541 this is wrong: ``` // We are running and we can't…

SetPrivateState(eStateDetached);		SetPrivateState(eStateDetached);
ResumePrivateStateThread();		ResumePrivateStateThread();

// KillDebugserverProcess ();		// KillDebugserverProcess ();
return error;		return error;
}		}

▲ Show 20 Lines • Show All 431 Lines • Show Last 20 Lines