lldb reproducers
play

LLDB Reproducers Jonas Devlieghere, Apple LLVM Developers - PowerPoint PPT Presentation

Feb 25, 2023 •438 likes •958 views

LLDB Reproducers Jonas Devlieghere, Apple LLVM Developers Meeting, Brussels, Belgium, April 2019 "The debugger doesn't work" Somebody on the internet LLDB Bugs $ lldb ./a.out (lldb) target create

  1. LLDB Reproducers • • Jonas Devlieghere, Apple LLVM Developers’ Meeting, Brussels, Belgium, April 2019

  2. "The debugger doesn't work" — Somebody on the internet •

  3. LLDB Bugs $ lldb ./a.out (lldb) target create "a.out" (lldb) b main.cpp:12 ... (lldb) run ... (lldb) expr @import Foo (lldb) expr Bar cannot materialize variable

  4. LLDB Bug Reports   "Hey this doesn't work..." Bob Alice

  5. LLDB Bug Reports   "Can you attach the expr log?" Bob Alice

  6. LLDB Bug Reports   Expression log Bob Alice

  7. LLDB Bug Reports   "Can you attach the type log?" Bob Alice

  8. LLDB Bug Reports   Type log Bob Alice

  9. LLDB Bug Reports   "How do I reproduce?" Bob Alice

  10. LLDB Bug Reports   Steps to reproduce Bob Alice

  11. LLDB Bug Reports 🤭  "It doesn't reproduce..." Bob Alice

  12. Reproducers • Automate the process • Everything needed to reproduce • Inspired by clang

  13. Reproducers   "Hey this doesn't work..." 📧 Bob Alice

  14. Reproducers 📧   $ lldb ./a.out --capture $ lldb --replay reproducer (lldb) target create "a.out" (lldb) target create "a.out" (lldb) b main.cpp:12 (lldb) b main.cpp:12 ... ... (lldb) run (lldb) run ... ... (lldb) expr @import Foo (lldb) expr @import Foo (lldb) expr Bar (lldb) expr Bar cannot materialize variable cannot materialize variable (lldb) reproducer generate

  15. LLDB Reproducers

  16. Reconstruct the debugger's state • How we get there is more important than the final result • Capture data • Debug during replay

  17. Information User interaction • Commands typed in the command line interpreter • Use of the public API System interaction • Data from the (file) system • Data from the process being debugged

  18. Minimize impact • Don't hide or introduce bugs • Reuse existing infrastructure • Transparency and abstraction

  19. Components

  20. User Interaction • Command Line Interpreter • Public API (Scripting Bridge) • Files • GDB Remote Protocol

  21. Command Interpreter $ lldb ./a.out (lldb) target create "a.out" (lldb) b main.cpp:12 ... (lldb) run ... (lldb) expr @import Foo (lldb) expr Bar

  22. User Interaction • Command Line Interpreter • Public API (Scripting Bridge) • Files • GDB Remote Protocol

  23. Stable C++ API • Accessible through Python wrappers • Used by IDEs such as Xcode, Eclipse, Visual Studio Code • How the command line driver is implemented

  24. Python Example import lldb debugger = lldb.SBDebugger.Create() target = debugger.CreateTarget("/path/to/a.out") target.BreakpointCreateByName("foo") process = target.LaunchSimple(...)

  25. Capture and replay API calls • Capture the call and its argument values • Capture the return value

  26. API Boundary Python SBTarget SBDebugger CreateTarget() GetByteOrder() API boundary

  27. API Boundary Python SBTarget SBDebugger CreateTarget() GetByteOrder() GetByteOrder() API boundary

  28. Detecting API Boundaries • RAII object consisting of two booleans • Static boolean toggles when crossing the API boundary • Non-static boolean tracks if boundary needs to be reset

  29. Capturing Calls • Toggles the API boundary • Captures the call and its arguments • More than 2000 instances lldb::SBThread SBValue::GetThread() { LLDB_RECORD_METHOD_NO_ARGS(lldb::SBThread, SBValue, GetThread); ... return LLDB_RECORD_RESULT(sb_thread); }

  30. Capturing Calls • Maps functions to unique identifier • Type safe • Synthesizes deserialization logic LLDB_REGISTER_METHOD(void, SBDebugger, SetAsync, (bool)); LLDB_REGISTER_METHOD(bool, SBDebugger, GetAsync, ()); LLDB_REGISTER_METHOD(void, SBDebugger, SkipAppInitFiles, (bool)); LLDB_REGISTER_METHOD(void, SBDebugger, SkipAppInitFiles,(bool));

  31. lldb-instr • Utility on top of libTooling • Traverses the clang AST • Inserts the record and register macros

  32. Capturing Arguments • Stream values to file • Look at underlying value for pointers and references

  33. Capturing Objects • Index based on object address • Table keeps mapping between object and index Object Index SBDebugger debugger = SBDebugger::Create(); debugger 1 SBTarget target = debugger.createTarget(); SBLaunchInfo info("--arguments"); target 2 target.Launch(info); info 3

  34. Public API Replay while (deserializer.HasData(1)) { unsigned id = deserializer.Deserialize<unsigned>(); GetReplayer(id)->operator()(deserializer); }

  35. Components System Interaction • Command Line Interpreter • Public API (Scripting Bridge) • Files • GDB Remote Protocol

  36. Files $ lldb ./a.out (lldb) target create "a.out" (binary) (lldb) b main.cpp:12 (debug information) ... (lldb) run (shared libraries) ... (lldb) expr @import Foo (headers) (lldb) expr Bar

  37. Virtual File System • Use files from the reproducer • YAML mapping between virtual and real paths • Lifted from clang to LLVM • Devirtualize to support FILE* and file descriptors

  38. Filesystem Class • Wrapper around the VFS • All file system access must go through this class • FileCollector used for recording files used by LLDB & clang

  39. Components System Interaction • Command Line Interpreter • Public API (Scripting Bridge) • Files • GDB Remote Protocol

  40. GDB Remote Protocol • Simple command and response protocol • Read and write memory, registers and to start/stop the process • Designed for remote debugging but also used locally GDB Implementation Remote Protocol Defined LLDB debugserver a.out

  41. Capture GDB Implementation Remote Protocol Defined LLDB debugserver a.out Reply #1 Reply #2 Reply #3 Reply #4 Reply #5 ...

  42. Replay • Responds with recorded reply (in order) • Fully transparent to the debugger • Replay remote debug sessions Reply #1 GDB Reply #2 Remote Protocol Reply #3 LLDB replay server Reply #4 Reply #5 ...

  43. Limitations and future work

  44. API Arguments • Function pointers • Void & data pointers void Foo(char* data, size_t length); ID Data Length 10 0xFF ... 0x00 56

  45. Memory Management • No lifetime tracking for now • Pointer addresses can be reused • Objects created during replay are never deallocated

  46. Swift • Virtual File System • FileCollector callback

  47. Reproducer Size • Large files • Many files • Do we need all of them?

  48. Crashes • No guarantees in the signal handler • Do something smart like clang

  49. Privacy • Reproducers contain a lot of potentially sensitive information • Need to be clear and upfront about this to the user

  50. Please try it out! • bugs.llvm.org •

  51. Questions? • LLDB Reproducers 
 Jonas Devlieghere, LLVM Developers’ Meeting, Brussels, Belgium, April 2019

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

(gdb) run (lldb) process launch (gdb) r (lldb) run (lldb) r (gdb) b main (lldb) breakpoint

(gdb) run (lldb) process launch (gdb) r (lldb) run (lldb) r (gdb) b main (lldb) breakpoint

(gdb) run (lldb) process launch (gdb) r (lldb) run (lldb) r (gdb) b main (lldb) breakpoint set --name main (lldb) br s -n main (lldb) b main (gdb) x/4xw 0xbffff3c0 (lldb) memory read --size 4 --format x --count 4 0xbffff3c0 (lldb) me r

887 views • 41 slides
Support for mini-debuginfo in LLDB How to read the .gnu_debugdata section Konrad Kleine February

Support for mini-debuginfo in LLDB How to read the .gnu_debugdata section Konrad Kleine February

Support for mini-debuginfo in LLDB How to read the .gnu_debugdata section Konrad Kleine February 2, 2020 Red Hat - LLDB 1/10 Overall goal Improve LLDB for Fedora and RHEL release binaries 1 when no debug symbols installed not all

300 views • 18 slides
Extending LLDB to More Scripting Languages Jonas Devlieghere, Apple C++ API Scripting Bridge

Extending LLDB to More Scripting Languages Jonas Devlieghere, Apple C++ API Scripting Bridge

Extending LLDB to More Scripting Languages Jonas Devlieghere, Apple C++ API Scripting Bridge API Scripting Bridge API SBThread SBDebugger SBBreakpoint SBTarget SBFrame SBSymbol SBValue SBProcess SBFunction Python Python

307 views • 15 slides
Debugging With LLVM A quick introducon to LLDB and LLVM sanizers Graham Hunter, Andrzej

Debugging With LLVM A quick introducon to LLDB and LLVM sanizers Graham Hunter, Andrzej

Debugging With LLVM A quick introducon to LLDB and LLVM sanizers Graham Hunter, Andrzej Warzyski Arm February 2020 Our Background Compiler engineers at Arm Arm Compiler For Linux Downstream and upstream LLVM Based in

913 views • 28 slides
Porting LLDB Hafiz Abid Qadeer mentor.com/embedded Android is a trademark of Google Inc. Use of

Porting LLDB Hafiz Abid Qadeer mentor.com/embedded Android is a trademark of Google Inc. Use of

Porting LLDB Hafiz Abid Qadeer mentor.com/embedded Android is a trademark of Google Inc. Use of this trademark is subject to Google Permissions. Linux is the registered trademark of Linus Torvalds in the U.S. and other countries. Outline

766 views • 23 slides
CS 294-73 Software Engineering for Scientific Computing Lecture 6: Git, homework #1,

CS 294-73 Software Engineering for Scientific Computing Lecture 6: Git, homework #1,

CS 294-73 Software Engineering for Scientific Computing Lecture 6: Git, homework #1, coding standards. gdb / lldb We need to find out where the errors are occurring, and why they are occurring. Interactive debuggers: gdb

440 views • 32 slides
TOS Arno Puder 1 Objectives Explain the TOS testing system Explain some debugging

TOS Arno Puder 1 Objectives Explain the TOS testing system Explain some debugging

TOS Arno Puder 1 Objectives Explain the TOS testing system Explain some debugging techniques when a program error typically crashes the whole system Explain symbolic debugging of TOS 2 Test Cases TOS comes with many test cases

483 views • 22 slides
Hacking PostgreSQL with Eclipse Metin Dl metin@citusdata.com PGCONF.EU 2017 1

Hacking PostgreSQL with Eclipse Metin Dl metin@citusdata.com PGCONF.EU 2017 1

Hacking PostgreSQL with Eclipse Metin Dl metin@citusdata.com PGCONF.EU 2017 1 Motivation Postgres cant do everything You can extend it Eclipse makes it easy 2 Extensions postGIS - Spatial and Geographic objects pg_cron - Run

376 views • 19 slides
Checkpoint-Restart for a Network of Virtual Machines Rohan Garg, Komal Sodha, Zhengping Jin, Gene

Checkpoint-Restart for a Network of Virtual Machines Rohan Garg, Komal Sodha, Zhengping Jin, Gene

Checkpoint-Restart for a Network of Virtual Machines Rohan Garg, Komal Sodha, Zhengping Jin, Gene Cooperman College of Computer and Information Science Northeastern University, Boston Boston, Massachusetts 02115 { rohgarg, komal, jinzp, gene }

668 views • 34 slides
Segmentation Faults Otherwise known as segfaults. Occur when you try to access memory that

Segmentation Faults Otherwise known as segfaults. Occur when you try to access memory that

Segmentation Faults Otherwise known as segfaults. Occur when you try to access memory that you don't have permission to. Results in one of the least-informative error messages when using gcc. It is often more useful to be told the

678 views • 20 slides
On Another Level: How to Debug Compiling Query Engines Timo Kersten and Thomas Neumann Technical

On Another Level: How to Debug Compiling Query Engines Timo Kersten and Thomas Neumann Technical

On Another Level: How to Debug Compiling Query Engines On Another Level: How to Debug Compiling Query Engines Timo Kersten and Thomas Neumann Technical University of Munich 1 kersten@in.tum.de | DBTEST 20 On Another Level: How to Debug

438 views • 10 slides
radare2 Radare2 - a framework for reverse engineering Maxime Morin (@Maijin212), Julien Voisin,

radare2 Radare2 - a framework for reverse engineering Maxime Morin (@Maijin212), Julien Voisin,

radare2 Radare2 - a framework for reverse engineering Maxime Morin (@Maijin212), Julien Voisin, Jeffrey Crowell (@jeffreycrow- ell), Anton Kochkov (@akochkov) October 22, 2015 Hack.lu 10-2015 maxime morin 22 y/o french expat @ Luxembourg

1.99k views • 84 slides
Project 2 Soumya Basu Department of Computer Science Cornell University September 18, 2015

Project 2 Soumya Basu Department of Computer Science Cornell University September 18, 2015

Project 2 Soumya Basu Department of Computer Science Cornell University September 18, 2015 Administrivia Administrivia Project 2 is due on September 30 Administrivia Project 2 is due on September 30 Ground Truth First Hint First

1.12k views • 64 slides
ENERGY INTERNATIONAL GDF SUEZ - Overview GDF SUEZ is a Global LNG portfolio player 3 rd

ENERGY INTERNATIONAL GDF SUEZ - Overview GDF SUEZ is a Global LNG portfolio player 3 rd

GDF Suez GEMI Symposium March 11 th , 2015 ENERGY INTERNATIONAL GDF SUEZ - Overview GDF SUEZ is a Global LNG portfolio player 3 rd largest importer of LNG in the world Involved in Liquefaction in the USA Global portfolio of LNG

246 views • 8 slides
Coordinate Reference S y stems W OR K IN G W ITH G E OSPATIAL DATA IN P YTH ON Joris Van den

Coordinate Reference S y stems W OR K IN G W ITH G E OSPATIAL DATA IN P YTH ON Joris Van den

Coordinate Reference S y stems W OR K IN G W ITH G E OSPATIAL DATA IN P YTH ON Joris Van den Bossche Open so u rce so w are de v eloper and teacher , GeoPandas maintainer Coordinate Reference S y stem ( CRS ) Location of the Ei el To w

688 views • 39 slides
Performance Optimization: Performance Optimizatio n: Simulation and Real Measurement Simulation

Performance Optimization: Performance Optimizatio n: Simulation and Real Measurement Simulation

Performance Optimization: Performance Optimizatio n: Simulation and Real Measurement Simulation and Real Measurement Josef Weidendorfer KDE Developer Conference 2004 Ludwigsburg, Germany Agenda Agenda Introduction Performance

492 views • 30 slides
Exchange of Information amongst Competitors Dos and Donts Dos and Donts FEB

Exchange of Information amongst Competitors Dos and Donts Dos and Donts FEB

Exchange of Information amongst Competitors Dos and Donts Dos and Donts FEB Seminar, 22 June 2011 Lars Kjlbye Information exchange: exposure New chapter in Commission Guidelines on horizontal cooperation agreements New

269 views • 10 slides
CERT-SPC: role and mission Cap. G.di F. Gabriele Cicognani - CERT-SPC - Rome, 04.21.2009 Agenda

CERT-SPC: role and mission Cap. G.di F. Gabriele Cicognani - CERT-SPC - Rome, 04.21.2009 Agenda

A modern approach to ICT security in pubblic administration CERT-SPC: role and mission Cap. G.di F. Gabriele Cicognani - CERT-SPC - Rome, 04.21.2009 Agenda SPCs architetture Scenario: security threats The CERT-SPC: role and

562 views • 30 slides
The RESULTS S United ed National al Webin inar Welcome! 2 Remarks from Execu cutiv tive

The RESULTS S United ed National al Webin inar Welcome! 2 Remarks from Execu cutiv tive

The RESULTS S United ed National al Webin inar Welcome! 2 Remarks from Execu cutiv tive Director tor Dr. Joanne nne Carter rter 3 Our Anti-Oppressi ssion on Values RESULTS is a movement of passionate, committed everyday people.

458 views • 42 slides
October 9, 2014 San Joaquin Valley APCD State law requires the Office of Environmental

October 9, 2014 San Joaquin Valley APCD State law requires the Office of Environmental

October 9, 2014 San Joaquin Valley APCD State law requires the Office of Environmental Health Hazard Assessment (OEHHA) to develop guidelines for estimating health risk District utilizes OEHHA guidelines to calculate health risk:

327 views • 32 slides
Geospaal data processing for image automac analysis PyParis 2018 - 15/11/18 Raphal

Geospaal data processing for image automac analysis PyParis 2018 - 15/11/18 Raphal

Geospaal data processing for image automac analysis PyParis 2018 - 15/11/18 Raphal Delhome 1 Introduction Introduction 2 Oslandia... Oslandia... since 2009 Open Source specialist GIS experts (QGIS contributors) Provide

623 views • 33 slides
Mobile Resource Guarantees Ian Stark Laboratory for Foundations of Computer Science School of

Mobile Resource Guarantees Ian Stark Laboratory for Foundations of Computer Science School of

Mobile Resource Guarantees Ian Stark Laboratory for Foundations of Computer Science School of Informatics, University of Edinburgh David Aspinall, Stephen Gilmore, Don Sannella, *Kenneth MacKenzie, *Lennart Beringer, Michal Kone n LMU

146 views • 14 slides
Virgo Status B. Mours (LAPP Annecy) For the Virgo Collaboration Detector Status Computing

Virgo Status B. Mours (LAPP Annecy) For the Virgo Collaboration Detector Status Computing

Virgo Status B. Mours (LAPP Annecy) For the Virgo Collaboration Detector Status Computing Data Analysis status and Plans GWDAW, Dec 2003 1 Milwaukee Recent history Sept 01-July 02: Central ITF (CITF) commissioning 5

573 views • 19 slides
Comparing distributions via their canonical Stein operators: a new view of Steins method

Comparing distributions via their canonical Stein operators: a new view of Steins method

Comparing distributions via their canonical Stein operators: a new view of Steins method Gesine Reinert Department of Statistics University of Oxford International Colloquium on Steins Method, Concentration Inequalities, and Malliavin

578 views • 45 slides

More recommend