KLapshin added a comment.
@clayborg, @labath,
After more deep investigation I think setting listener for hijacking also looks
like workaround. Setting additional listener just change code flow path and
buggy path not executed, thus no crash. At top level - crash appeared in
Process::m_listener involved - as no hijacked listener was set in Destroy().
See code below:
StateType
Process::WaitForProcessToStop (const TimeValue *timeout,
EventSP *event_sp_ptr,
bool wait_always,
Listener *hijack_listener,
Stream *stream)
{
// We can't just wait for a "stopped" event, because the stopped event
may have restarted the target.
// We have to actually check each event, and in the case of a stopped
event check the restarted flag
// on the event.
if (event_sp_ptr)
event_sp_ptr->reset();
StateType state = GetState();
// If we are exited or detached, we won't ever get back to any
// other valid state...
if (state == eStateDetached || state == eStateExited)
return state;
Log *log(lldb_private::GetLogIfAllCategoriesSet (LIBLLDB_LOG_PROCESS));
if (log)
log->Printf ("Process::%s (timeout = %p)", __FUNCTION__,
static_cast<const void*>(timeout));
if (!wait_always &&
StateIsStoppedState(state, true) &&
StateIsStoppedState(GetPrivateState(), true))
{
if (log)
log->Printf("Process::%s returning without waiting for events;
process private and public states are already 'stopped'.",
__FUNCTION__);
// We need to toggle the run lock as this won't get done in
// SetPublicState() if the process is hijacked.
if (hijack_listener)
m_public_run_lock.SetStopped();
return state;
}
while (state != eStateInvalid)
{
EventSP event_sp;
state = WaitForStateChangedEvents (timeout, event_sp,
hijack_listener); <---
if (event_sp_ptr && event_sp)
*event_sp_ptr = event_sp;
....
StateType
Process::WaitForStateChangedEvents (const TimeValue *timeout, EventSP
&event_sp, Listener *hijack_listener)
{
Log *log(lldb_private::GetLogIfAllCategoriesSet (LIBLLDB_LOG_PROCESS));
if (log)
log->Printf ("Process::%s (timeout = %p, event_sp)...", __FUNCTION__,
static_cast<const void*>(timeout));
Listener *listener = hijack_listener;
if (listener == NULL)
listener = &m_listener; <--- what if m_listener was set as
unitialized or deallocated Listener instance, "dummy" listener ?
StateType state = eStateInvalid;
if (listener->WaitForEventForBroadcasterWithType (timeout,
this,
eBroadcastBitStateChanged | eBroadcastBitInterrupt,
event_sp))
{
if (event_sp && event_sp->GetType() == eBroadcastBitStateChanged)
state =
Process::ProcessEventData::GetStateFromEvent(event_sp.get());
else if (log)
log->Printf ("Process::%s got no event or was interrupted.",
__FUNCTION__);
}
...
You can reproduce crash even without lldb-MI driver - just with remote iOS
target and "process launch", then "process kill".
Corresponding log ("log enable lldb events"):
(lldb) process launch
...
Process::ShouldBroadcastEvent (0x7ff1fa4a1260) => new state: running, last
broadcast state: running - NO
0x7ff1fad1b110 Listener::WaitForEventsInternal (timeout = { 0x0 }) for
lldb.process.internal_state_listener
(lldb) process kill
0x7ff1fad1afa0
Broadcaster("lldb.process.internal_state_broadcaster")::BroadcastEvent
(event_sp = {0x7ff1fce160d0 Event: broadcaster = 0x7ff1fad1afa0
(lldb.process.internal_state_broadcaster), type = 0x00000002, data = <NULL>},
unique =0) hijack = 0x0
0x7ff1fad1b110 Listener('lldb.process.internal_state_listener')::AddEvent
(event_sp = {0x7ff1fce160d0})
0x7ff1fa48e300 Listener::WaitForEventsInternal (timeout = { 0x7fff57d47240 })
for <-- WHAT ?! Listener without name - Process::m_listener may be ?
0x7ff1fad1b110 'lldb.process.internal_state_listener'
Listener::FindNextEventInternal(broadcaster=0x0, broadcaster_names=0x0[0],
event_type_mask=0x00000000, remove=1) event 0x7ff1fce160d0
0x7ff1fad1ae38 Broadcaster("lldb.process")::HijackBroadcaster
(listener("lldb.process.halt_listener")=0x7ff1fe01ca00)
CRASH !
Will continue investigation.
Repository:
rL LLVM
http://reviews.llvm.org/D12968
_______________________________________________
lldb-commits mailing list
lldb-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/lldb-commits
