Opened 10 years ago

Closed 8 years ago

#5495 closed bug (fixed)

Debugger can run into endless loop from within DwarfTypeFactory::CreateType ()

Reported by: stippi
Owned by: anevilyak
Priority: normal
Milestone: R1
Component: Applications/Debugger
Version: R1/Development
Keywords:
Cc: bonefish
Blocked By:
Blocking: #7756
Has a Patch: yes
Platform: All

Description

[...]
#2684 0x002a835c in ImageDebugInfo::GetType ()
#2685 0x002a9e08 in TeamDebugInfo::GetType ()
#2686 0x0029d756 in DwarfTypeFactory::CreateType ()
#2687 0x0029f23c in DwarfTypeFactory::_CreateAddressType ()
---Type <return> to continue, or q <return> to quit---
#2688 0x0029d2e8 in DwarfTypeFactory::_CreateTypeInternal ()
#2689 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2690 0x0029f52e in DwarfTypeFactory::_CreateCompoundType ()
#2691 0x0029d275 in DwarfTypeFactory::_CreateTypeInternal ()
#2692 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2693 0x0029f52e in DwarfTypeFactory::_CreateCompoundType ()
#2694 0x0029d275 in DwarfTypeFactory::_CreateTypeInternal ()
#2695 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2696 0x0029a685 in DwarfImageDebugInfo::GetType ()
#2697 0x002a835c in ImageDebugInfo::GetType ()
#2698 0x002a9e08 in TeamDebugInfo::GetType ()
#2699 0x0029d756 in DwarfTypeFactory::CreateType ()
#2700 0x0029f23c in DwarfTypeFactory::_CreateAddressType ()
#2701 0x0029d2e8 in DwarfTypeFactory::_CreateTypeInternal ()
#2702 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2703 0x0029f52e in DwarfTypeFactory::_CreateCompoundType ()
#2704 0x0029d275 in DwarfTypeFactory::_CreateTypeInternal ()
#2705 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2706 0x0029f52e in DwarfTypeFactory::_CreateCompoundType ()
#2707 0x0029d275 in DwarfTypeFactory::_CreateTypeInternal ()
#2708 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2709 0x0029f23c in DwarfTypeFactory::_CreateAddressType ()
#2710 0x0029d2e8 in DwarfTypeFactory::_CreateTypeInternal ()
#2711 0x0029d7ab in DwarfTypeFactory::CreateType ()
---Type <return> to continue, or q <return> to quit---
#2712 0x0029f52e in DwarfTypeFactory::_CreateCompoundType ()
#2713 0x0029d275 in DwarfTypeFactory::_CreateTypeInternal ()
#2714 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2715 0x0029f52e in DwarfTypeFactory::_CreateCompoundType ()
#2716 0x0029d275 in DwarfTypeFactory::_CreateTypeInternal ()
#2717 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2718 0x0029a685 in DwarfImageDebugInfo::GetType ()
#2719 0x002a835c in ImageDebugInfo::GetType ()
#2720 0x002a9e08 in TeamDebugInfo::GetType ()
#2721 0x0029d756 in DwarfTypeFactory::CreateType ()
#2722 0x0029f23c in DwarfTypeFactory::_CreateAddressType ()
#2723 0x0029d2e8 in DwarfTypeFactory::_CreateTypeInternal ()
#2724 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2725 0x0029f52e in DwarfTypeFactory::_CreateCompoundType ()
#2726 0x0029d275 in DwarfTypeFactory::_CreateTypeInternal ()
#2727 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2728 0x0029f52e in DwarfTypeFactory::_CreateCompoundType ()
#2729 0x0029d275 in DwarfTypeFactory::_CreateTypeInternal ()
#2730 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2731 0x0029f52e in DwarfTypeFactory::_CreateCompoundType ()
#2732 0x0029d275 in DwarfTypeFactory::_CreateTypeInternal ()
#2733 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2734 0x0029a685 in DwarfImageDebugInfo::GetType ()
#2735 0x002a835c in ImageDebugInfo::GetType ()
---Type <return> to continue, or q <return> to quit---
#2736 0x002a9e08 in TeamDebugInfo::GetType ()
#2737 0x0029d756 in DwarfTypeFactory::CreateType ()
#2738 0x0029f23c in DwarfTypeFactory::_CreateAddressType ()
#2739 0x0029d2e8 in DwarfTypeFactory::_CreateTypeInternal ()
#2740 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2741 0x0029f52e in DwarfTypeFactory::_CreateCompoundType ()
#2742 0x0029d275 in DwarfTypeFactory::_CreateTypeInternal ()
#2743 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2744 0x0029f52e in DwarfTypeFactory::_CreateCompoundType ()
#2745 0x0029d275 in DwarfTypeFactory::_CreateTypeInternal ()
#2746 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2747 0x0029a685 in DwarfImageDebugInfo::GetType ()
#2748 0x002a835c in ImageDebugInfo::GetType ()
#2749 0x002a9e08 in TeamDebugInfo::GetType ()
#2750 0x0029d756 in DwarfTypeFactory::CreateType ()
#2751 0x0029f23c in DwarfTypeFactory::_CreateAddressType ()
#2752 0x0029d2e8 in DwarfTypeFactory::_CreateTypeInternal ()
#2753 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2754 0x0029f52e in DwarfTypeFactory::_CreateCompoundType ()
#2755 0x0029d275 in DwarfTypeFactory::_CreateTypeInternal ()
#2756 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2757 0x0029a685 in DwarfImageDebugInfo::GetType ()
#2758 0x002a835c in ImageDebugInfo::GetType ()
#2759 0x002a9e08 in TeamDebugInfo::GetType ()
---Type <return> to continue, or q <return> to quit---
#2760 0x0029d756 in DwarfTypeFactory::CreateType ()
#2761 0x0029f23c in DwarfTypeFactory::_CreateAddressType ()
#2762 0x0029d2e8 in DwarfTypeFactory::_CreateTypeInternal ()
#2763 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2764 0x0029f52e in DwarfTypeFactory::_CreateCompoundType ()
#2765 0x0029d275 in DwarfTypeFactory::_CreateTypeInternal ()
#2766 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2767 0x0029f52e in DwarfTypeFactory::_CreateCompoundType ()
#2768 0x0029d275 in DwarfTypeFactory::_CreateTypeInternal ()
#2769 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2770 0x0029a685 in DwarfImageDebugInfo::GetType ()
#2771 0x002a835c in ImageDebugInfo::GetType ()
#2772 0x002a9e08 in TeamDebugInfo::GetType ()
#2773 0x0029d756 in DwarfTypeFactory::CreateType ()
#2774 0x0029f76c in DwarfTypeFactory::_CreateCompoundType ()
#2775 0x0029d275 in DwarfTypeFactory::_CreateTypeInternal ()
#2776 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2777 0x0029a685 in DwarfImageDebugInfo::GetType ()
#2778 0x002a835c in ImageDebugInfo::GetType ()
#2779 0x002a9e08 in TeamDebugInfo::GetType ()
#2780 0x0029d756 in DwarfTypeFactory::CreateType ()
#2781 0x0029f23c in DwarfTypeFactory::_CreateAddressType ()
#2782 0x0029d2e8 in DwarfTypeFactory::_CreateTypeInternal ()
#2783 0x0029d7ab in DwarfTypeFactory::CreateType ()
---Type <return> to continue, or q <return> to quit---
#2784 0x0029f0dc in DwarfTypeFactory::_CreateModifiedType ()
#2785 0x0029d360 in DwarfTypeFactory::_CreateTypeInternal ()
#2786 0x0029d7ab in DwarfTypeFactory::CreateType ()
#2787 0x0029b614 in DwarfStackFrameDebugInfo::_CreateVariable ()
#2788 0x0029ba15 in DwarfStackFrameDebugInfo::CreateParameter ()
#2789 0x0029acba in DwarfImageDebugInfo::CreateFrame ()
#2790 0x002957fe in Architecture::CreateStackTrace ()
#2791 0x0028cc5e in GetStackTraceJob::Do ()
#2792 0x0029444c in Worker::_ProcessJobs ()
#2793 0x0029474b in Worker::_WorkerLoop ()
#2794 0x00294801 in Worker::_WorkerLoopEntry ()
#2795 0x00682df0 in thread_entry () from /boot/system/lib/libroot.so
#2796 0x7003ffec in ?? ()

I ran into this when trying to step through WebPositive. I could probably provide the debug build with which this can hopefully be reproduced.

Attachments (1)

debug_info_type_match.patch (14.5 KB) - added by anevilyak 8 years ago.


Change History (15)

comment:1 by anevilyak, 9 years ago

Owner: changed from bonefish to anevilyak
Status: new → assigned

Do you by any chance still have a reproducible test case for this one? If so, would you be able to provide it?

comment:2 by stippi, 9 years ago

No idea, sorry. I may have tried to open WebPositive in Debugger. At the time I probably assumed that the problem would reveal itself by following the code paths... :-}

comment:3 by anevilyak, 9 years ago

Unfortunately it's not quite so simple since building compound types is necessarily recursive like this (i.e. a class containing another class as a member which in turn has more members that are themselves classes/compounds). Will see what I can do, trying to build a debug Web+ over here but running into some issues.

comment:4 by anevilyak, 9 years ago

Are you still able to build a debug version of Web+? I'm failing to link libwebkit.so with failures relating to multiple definitions of a symbol with no name in libwebcore.so, which I have to admit I'm not even sure how to begin tracking down.

comment:5 by anevilyak, 9 years ago

Further update, following a mem upgrade I'm able to build, link and even load a full Web+/libwcore/libwebkit/libjavascriptcore in the Debugger, will see if I can reproduce this. At that point Debugger's using around 1.9GB of mem though.

comment:6 by anevilyak, 8 years ago

Blocking: 7756 added

(In #7756) Forgot to check my own ticket list before creating this one, problem is also detailed in ticket #5495.

comment:7 by anevilyak, 8 years ago

Cc: bonefish added
Status: assigned → in-progress

The problem turns out to be that Debugger wasn't correctly handling typedefs for opaque types where the name of the type and the name of the typedef were the same, e.g.

typedef struct structname structname;

When resolving the base type of the typedef, it would correctly find the struct, but when creating the type object for that, it would try to look up an existing type by the name only, and would find the typedef again, leading into an endless recursion repeating that process. Attaching a patch which fixes the issue by adding a parameter to GlobalTypeLookup::GetType() so we can match by both name and expected entry type. This fixes the problem since the typedef is then skipped. Since in this case there is no actual definition for the struct in question, we consequently fall back to _CreateTypeInternal(), which in turn creates a compound type with no bases/members for it, which is what we want. The only question is the type of the parameter being passed to GlobalTypeLookup, since this should be independent of the underlying debug format. Ingo, should we make that a void* in order to accommodate potentially more complex types in other formats? For DWARF an int32 is sufficient since the tags are simple integers, but I don't know if that's the case for the debug formats used with PECOFF and other binary formats.


comment:8 by anevilyak, 8 years ago

Has a Patch: set

comment:9 by bonefish, 8 years ago

Since the whole type lookup mechanism is eventually supposed to power also type lookups for casts in user-defined expressions, some opaque value (be it an int32 or void*) that only has meaning in the debug info specific code is not helpful. A type_kind would work, but I would wrap that in a class, so it can be easily extended:

class TypeLookupConstraints {
public:
			TypeLookupConstraints();
				// no constraints
			TypeLookupConstraints(type_kind typeKind);

	bool		HasTypeKind() const;
	type_kind	TypeKind() const;

private:
	type_kind	fTypeKind;
	bool		fTypeKindGiven;
};

comment:10 by anevilyak, 8 years ago (in reply to: comment:9)

Replying to bonefish:

Since the whole type lookup mechanism is eventually supposed to power also type lookups for casts in user-defined expressions, some opaque value (be it an int32 or void*) that only has meaning in the debug info specific code is not helpful. A type_kind would work, but I would wrap that in a class, so it can be easily extended:

I considered that, but the concern I run into then in the context of this bug is that type_kind doesn't map 1:1 to the dwarf representation, i.e. TYPE_COMPOUND can map to any of

DW_TAG_class_type
DW_TAG_structure_type
DW_TAG_union_type
DW_TAG_interface_type

So it's still potentially possible for me to find the wrong object if there happens to be another instance with the same name but different type. If that can't happen though, then I'll go ahead and do it the way you suggest.

comment:11 by bonefish, 8 years ago

Just add a compound_type_kind and union subtype_kind to model/Type.h and an optional subtype kind to TypeLookupConstraints.
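
The name-only lookup failure from comment:7 and the constraint design from comments 9 to 11, as an added example that is not part of the ticket or of Haiku's Debugger source. It is a simplified C++ model: Entry, Constraints, Lookup, ResolveBase and the depth limit of 64 are assumptions made for illustration.

```cpp
#include <cstdio>
#include <string>
#include <vector>

// Simplified model, not Haiku's code; every name below is hypothetical.
enum type_kind { TYPE_TYPEDEF, TYPE_COMPOUND };
enum compound_type_kind { COMPOUND_STRUCT, COMPOUND_UNION };

// One named entry in the global type table; subKind matters for compounds only.
struct Entry { std::string name; type_kind kind; compound_type_kind subKind; };
using Table = std::vector<Entry>;

struct Constraints {	// follows the TypeLookupConstraints sketch
	bool hasKind = false, hasSubKind = false;
	type_kind kind = TYPE_COMPOUND;
	compound_type_kind subKind = COMPOUND_STRUCT;
};

// First entry matching the name and every constraint that was given.
const Entry* Lookup(const Table& table, const std::string& name, const Constraints& c)
{
	for (const Entry& e : table) {
		if (e.name != name || (c.hasKind && e.kind != c.kind))
			continue;
		if (c.hasSubKind && (e.kind != TYPE_COMPOUND || e.subKind != c.subKind))
			continue;
		return &e;
	}
	return nullptr;
}

// Resolve the base of `typedef struct name name;` for an opaque struct.
// Returns the depth at which it finished, or -1 when the depth guard trips.
int ResolveBase(const Table& table, const std::string& name, const Constraints& c, int depth = 0)
{
	if (depth > 64) return -1;	// name-only lookup keeps finding the typedef
	const Entry* hit = Lookup(table, name, c);
	if (hit != nullptr && hit->kind == TYPE_TYPEDEF)
		return ResolveBase(table, name, c, depth + 1);
	return depth;	// no typedef hit: build the (possibly empty) compound here
}

int main()
{
	Table table = { Entry{ "structname", TYPE_TYPEDEF, COMPOUND_STRUCT } };
	Constraints structOnly;
	structOnly.hasKind = structOnly.hasSubKind = true;
	std::printf("name only: %d, constrained: %d\n",
		ResolveBase(table, "structname", Constraints()), ResolveBase(table, "structname", structOnly));
}
```

The depth guard exists only so the model terminates. In a parser that consumes debug info from arbitrary binaries, a bound like this also turns unbounded recursion into a reportable error instead of stack exhaustion.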

comment:12 by anevilyak, 8 years ago

Has a Patch: unset

by anevilyak, 8 years ago

Attachment: debug_info_type_match.patch added

comment:13 by anevilyak, 8 years ago

Has a Patch: set

comment:14 by anevilyak, 8 years ago

Resolution: fixed
Status: in-progress → closed

Fixed in hrev42348.
