netcoredbg process crashes when pausing after the last debugged thread ended #151
Comments
|
Looks like some Windows related only issue (some MS compiler optimization?), I was able to reproduce some time "silent" exit after "finish" command and |
|
The exception is in mscordbi.dll!CordbStepper::Deactivate() Line 380. It is called directly from netcoredbg.exe. |
|
The point is, we deactivate all steppers that active in app domain and this list provided by runtime debug API itself on each stop (break, breakpoint) this is common logic: netcoredbg/src/debugger/stepper_simple.cpp Lines 113 to 131 in aafa6f3 runtime debug API (mscordbi.dll part of it, that executed on debugger's side) care about lists of active threads and steppers.
netcoredbg don't hold and don't release managed threads, care about threads and steppers COM object is part of runtime debug API. netcoredbg could only request thread COM objects references (that will increase internal ref counter by 1) at execution stop (break, breakpoint, step...) for interuction and "release" this ref (that only mean decrease ref counter for this COM object). But all real memory related work (allocation and release) is part of debugger API (in case of debugger's side - DAC/DBI). For example, from code I posted above, at |
|
The VS debugger clearly shows that the CorDebugThread memory is damaged at the time of calling ICordbStepper::Deactivate. For example the invalid pointer value stored in it as m_pAppDomain is 0x50. I only guess the the reason. |
|
This issue looks like some race condition in runtime code (https://github.com/dotnet/runtime). For example, debuggee process already have thread dead, but mscordbi don't have this info and provide to debugger data, mscordbi get this updated thread status from debuggee process and change internal states, but debuger call in mscordbi something that by mscordbi internal logic can't be called any more (and mscordbi don't count on this). Usually this mean 1) mscordbi don't prevent data changes from one side when another side do something with this data; or 2) mscordbi don't check changes in proper place. I really doubt that this is m_pAppDomain related, since this object never changes during managed process execution till process exit. Find and fix "race condition" like issues not so easy, you should find differences in execution sequence in mscordbi/runtime with and without this issue, analize current mscordbi code and find solution that will not broke current logic but prevent race condition... Knowledge that some pointer is wrong give nothing, in order to fix this issue you should understand why it wrong in this time and ok in another. |
|
A workaround. Possible memory leak, but now never crashes. HRESULT STDMETHODCALLTYPE ManagedCallback::ExitThread(ICorDebugAppDomain *pAppDomain, ICorDebugThread *pThread)
{
LogFuncEntry();
ThreadId threadId(getThreadId(pThread));
m_debugger.m_sharedThreads->Remove(threadId);
m_debugger.m_sharedEvalWaiter->NotifyEvalComplete(pThread, nullptr);
if (m_debugger.GetLastStoppedThreadId() == threadId) {
m_debugger.InvalidateLastStoppedThreadId();
//Workaround for netcoredbg process crash later when calling pStepper->Deactivate() from SimpleStepper::DisableAllSteppers.
//https://github.com/Samsung/netcoredbg/issues/151
//Never mind: possible memory leak.
pThread->AddRef();
}
m_debugger.m_sharedBreakpoints->ManagedCallbackExitThread(pThread);
m_debugger.pProtocol->EmitThreadEvent(ThreadEvent(ManagedThreadExited, threadId, m_debugger.m_interopDebugging));
return m_sharedCallbacksQueue->ContinueAppDomain(pAppDomain);
} |
Code to reproduce:
Steps to reproduce:
Debugger.Break, execute 'finish' (step out) or two 'next'. The thread ends. The main thread continues and runs until reaches the secondDebugger.Break.Result:
Sometimes netcoredbg process crashes at the second
Debugger.Break.Not every time. About 1/5 times.
Tested and can be reproduced on Windows 11 with CLI and MI.
If can't reproduce, I can attach .dmp.
The text was updated successfully, but these errors were encountered: