[lldb] Debugger::IOHandlerThread accessing invalid fd causes python crash

[slydiman]

Sometimes we got an unexpected fail of the test UNRESOLVED: lldb-api::TestIOHandlerResizeNoEditline.py on Windows host.
https://lab.llvm.org/staging/#/builders/197/builds/1562
https://lab.llvm.org/staging/#/builders/197/builds/1541
https://lab.llvm.org/staging/#/builders/197/builds/1512
The exit code 0xC0000409 means an assert/exception inside the native python code.

I already fixed the test lldb-api::TestModuleLoadedNotifys.py for Windows #92286.
But this test still crashes sometimes on the last line dbg.GetInputFile().Close() with the following exception inside CRT:

Exception Code: 0x80000003
 #0 0x00007ffb4842e03d (C:\WINDOWS\SYSTEM32\ucrtbased.dll+0x14e03d)
 #1 0x00007ffb4842e4f5 (C:\WINDOWS\SYSTEM32\ucrtbased.dll+0x14e4f5)
 #2 0x00007ffb28a29f09 lldb_private::NativeFile::GetStream(void) D:\llvm-project\lldb\source\Host\common\File.cpp:292:0
 #3 0x00007ffb289af668 lldb_private::IOHandler::GetInputFILE(void) D:\llvm-project\lldb\source\Core\IOHandler.cpp:92:0
 #4 0x00007ffb289b0988 lldb_private::IOHandlerEditline::GetLine(class std::basic_string<char, struct std::char_traits<char>, class std::allocator<char>> &, bool &) D:\llvm-project\lldb\source\Core\IOHandler.cpp:385:0
 #5 0x00007ffb289b034e lldb_private::IOHandlerEditline::Run(void) D:\llvm-project\lldb\source\Core\IOHandler.cpp:596:0
 #6 0x00007ffb28887c68 lldb_private::Debugger::RunIOHandlers(void) D:\llvm-project\lldb\source\Core\Debugger.cpp:1118:0
 #7 0x00007ffb2888a644 lldb_private::Debugger::IOHandlerThread(void) D:\llvm-project\lldb\source\Core\Debugger.cpp:2052:0
 #8 0x00007ffb2888ebb7 `lldb_private::Debugger::StartIOHandlerThread'::`5'::<lambda_1>::operator() D:\llvm-project\lldb\source\Core\Debugger.cpp:2163:0
 #9 0x00007ffb2889b7c4 std::invoke<`lldb_private::Debugger::StartIOHandlerThread'::`5'::<lambda_1> &> C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.42.34433\include\type_traits:1696:0
#10 0x00007ffb2888ef8b std::_Func_impl_no_alloc<`lldb_private::Debugger::StartIOHandlerThread'::`5'::<lambda_1>,unsigned int>::_Do_call C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.42.34433\include\functional:878:0
#11 0x00007ffb28a82f80 std::_Func_class<unsigned int>::operator()(void) const C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.42.34433\include\functional:921:0
#12 0x00007ffb28a82e0c lldb_private::HostNativeThreadBase::ThreadCreateTrampoline(void *) D:\llvm-project\lldb\source\Host\common\HostNativeThreadBase.cpp:62:0
#13 0x00007ffb48393010 (C:\WINDOWS\SYSTEM32\ucrtbased.dll+0xb3010)
#14 0x00007ffb774c4cb0 (C:\WINDOWS\System32\KERNEL32.DLL+0x14cb0)
#15 0x00007ffb78a1edcb (C:\WINDOWS\SYSTEM32\ntdll.dll+0x7edcb)

It seems Debugger::IOHandlerThread is using an invalid (already closed) m_descriptor in the line m_descriptor = ::_dup(m_descriptor); inside NativeFile::GetStream() and python crashes handling a CRT exception (invalid fd).

[llvmbot]

@llvm/issue-subscribers-lldb

Author: Dmitry Vasilyev (slydiman)

Sometimes we got an unexpected fail of the test `UNRESOLVED: lldb-api::TestIOHandlerResizeNoEditline.py` on Windows host. https://lab.llvm.org/staging/#/builders/197/builds/1562 https://lab.llvm.org/staging/#/builders/197/builds/1541 https://lab.llvm.org/staging/#/builders/197/builds/1512 The exit code 0xC0000409 means an assert/exception inside the native python code.

I already fixed the test lldb-api::TestModuleLoadedNotifys.py for Windows #92286.
But this test still crashes sometimes on the last line dbg.GetInputFile().Close() with the following exception inside CRT:

Exception Code: 0x80000003
 #<!-- -->0 0x00007ffb4842e03d (C:\WINDOWS\SYSTEM32\ucrtbased.dll+0x14e03d)
 #<!-- -->1 0x00007ffb4842e4f5 (C:\WINDOWS\SYSTEM32\ucrtbased.dll+0x14e4f5)
 #<!-- -->2 0x00007ffb28a29f09 lldb_private::NativeFile::GetStream(void) D:\llvm-project\lldb\source\Host\common\File.cpp:292:0
 #<!-- -->3 0x00007ffb289af668 lldb_private::IOHandler::GetInputFILE(void) D:\llvm-project\lldb\source\Core\IOHandler.cpp:92:0
 #<!-- -->4 0x00007ffb289b0988 lldb_private::IOHandlerEditline::GetLine(class std::basic_string&lt;char, struct std::char_traits&lt;char&gt;, class std::allocator&lt;char&gt;&gt; &amp;, bool &amp;) D:\llvm-project\lldb\source\Core\IOHandler.cpp:385:0
 #<!-- -->5 0x00007ffb289b034e lldb_private::IOHandlerEditline::Run(void) D:\llvm-project\lldb\source\Core\IOHandler.cpp:596:0
 #<!-- -->6 0x00007ffb28887c68 lldb_private::Debugger::RunIOHandlers(void) D:\llvm-project\lldb\source\Core\Debugger.cpp:1118:0
 #<!-- -->7 0x00007ffb2888a644 lldb_private::Debugger::IOHandlerThread(void) D:\llvm-project\lldb\source\Core\Debugger.cpp:2052:0
 #<!-- -->8 0x00007ffb2888ebb7 `lldb_private::Debugger::StartIOHandlerThread'::`5'::&lt;lambda_1&gt;::operator() D:\llvm-project\lldb\source\Core\Debugger.cpp:2163:0
 #<!-- -->9 0x00007ffb2889b7c4 std::invoke&lt;`lldb_private::Debugger::StartIOHandlerThread'::`5'::&lt;lambda_1&gt; &amp;&gt; C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.42.34433\include\type_traits:1696:0
#<!-- -->10 0x00007ffb2888ef8b std::_Func_impl_no_alloc&lt;`lldb_private::Debugger::StartIOHandlerThread'::`5'::&lt;lambda_1&gt;,unsigned int&gt;::_Do_call C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.42.34433\include\functional:878:0
#<!-- -->11 0x00007ffb28a82f80 std::_Func_class&lt;unsigned int&gt;::operator()(void) const C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.42.34433\include\functional:921:0
#<!-- -->12 0x00007ffb28a82e0c lldb_private::HostNativeThreadBase::ThreadCreateTrampoline(void *) D:\llvm-project\lldb\source\Host\common\HostNativeThreadBase.cpp:62:0
#<!-- -->13 0x00007ffb48393010 (C:\WINDOWS\SYSTEM32\ucrtbased.dll+0xb3010)
#<!-- -->14 0x00007ffb774c4cb0 (C:\WINDOWS\System32\KERNEL32.DLL+0x14cb0)
#<!-- -->15 0x00007ffb78a1edcb (C:\WINDOWS\SYSTEM32\ntdll.dll+0x7edcb)

It seems Debugger::IOHandlerThread is using an invalid (already closed) m_descriptor in the line m_descriptor = ::_dup(m_descriptor); inside NativeFile::GetStream() and python crashes handling a CRT exception (invalid fd).

[slydiman]

Note replacing dbg.GetInputFile().Close() with dbg.SetInputFileHandle(None, False) in the test TestIOHandlerResizeNoEditline.py did not help. I got the following exception at the end:

ok
PASS: LLDB (D:\dbg\bin\clang.exe-aarch64) :: test_resize_no_editline (TestIOHandlerResizeNoEditline.TestCase.test_resize_no_editline)
----------------------------------------------------------------------
Ran 1 test in 0.295s

Windows fatal exception: code 0x80000003

Thread 0x000025e8 (most recent call first):
  File "<shim>", line ??? in <interpreter trampoline>
  File "C:\Python312\Lib\contextlib.py", line 594 in helper
  File "C:\Python312\Lib\unittest\case.py", line 637 in run
  File "C:\Python312\Lib\unittest\case.py", line 690 in __call__
  File "C:\Python312\Lib\unittest\suite.py", line 122 in run
  File "C:\Python312\Lib\unittest\suite.py", line 84 in __call__
  File "C:\Python312\Lib\unittest\suite.py", line 122 in run
  File "C:\Python312\Lib\unittest\suite.py", line 84 in __call__
  File "C:\Python312\Lib\unittest\runner.py", line 240 in run
  File "D:\llvm-project\lldb\packages\Python\lldbsuite\test\dotest.py", line 1106 in run_suite
  File "D:\llvm-project\lldb\test\API\dotest.py", line 8 in <module>

 #0 0x00007ffb47b4e03d (C:\WINDOWS\SYSTEM32\ucrtbased.dll+0x14e03d)
 #1 0x00007ffb47b4e4f5 (C:\WINDOWS\SYSTEM32\ucrtbased.dll+0x14e4f5)
 #2 0x00007ffb28a29f09 lldb_private::NativeFile::GetStream(void) D:\llvm-project\lldb\source\Host\common\File.cpp:292:0
 #3 0x00007ffb289af668 lldb_private::IOHandler::GetInputFILE(void) D:\llvm-project\lldb\source\Core\IOHandler.cpp:92:0
 #4 0x00007ffb289b0988 lldb_private::IOHandlerEditline::GetLine(class std::basic_string<char, struct std::char_traits<char>, class std::allocator<char>> &, bool &) D:\llvm-project\lldb\source\Core\IOHandler.cpp:385:0
 #5 0x00007ffb289b034e lldb_private::IOHandlerEditline::Run(void) D:\llvm-project\lldb\source\Core\IOHandler.cpp:596:0
 #6 0x00007ffb28887c68 lldb_private::Debugger::RunIOHandlers(void) D:\llvm-project\lldb\source\Core\Debugger.cpp:1118:0
 #7 0x00007ffb2888a644 lldb_private::Debugger::IOHandlerThread(void) D:\llvm-project\lldb\source\Core\Debugger.cpp:2052:0
 #8 0x00007ffb2888ebb7 `lldb_private::Debugger::StartIOHandlerThread'::`5'::<lambda_1>::operator() D:\llvm-project\lldb\source\Core\Debugger.cpp:2163:0
 #9 0x00007ffb2889b7c4 std::invoke<`lldb_private::Debugger::StartIOHandlerThread'::`5'::<lambda_1> &> C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.42.34433\include\type_traits:1696:0
#10 0x00007ffb2888ef8b std::_Func_impl_no_alloc<`lldb_private::Debugger::StartIOHandlerThread'::`5'::<lambda_1>,unsigned int>::_Do_call C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.42.34433\include\functional:878:0
#11 0x00007ffb28a82f80 std::_Func_class<unsigned int>::operator()(void) const C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.42.34433\include\functional:921:0
#12 0x00007ffb28a82e0c lldb_private::HostNativeThreadBase::ThreadCreateTrampoline(void *) D:\llvm-project\lldb\source\Host\common\HostNativeThreadBase.cpp:62:0
#13 0x00007ffb47ab3010 (C:\WINDOWS\SYSTEM32\ucrtbased.dll+0xb3010)
#14 0x00007ffb774c4cb0 (C:\WINDOWS\System32\KERNEL32.DLL+0x14cb0)
#15 0x00007ffb78a1edcb (C:\WINDOWS\SYSTEM32\ntdll.dll+0x7edcb)