Another successful use case of rr to track down a weird bug in LuaJIT's GC

Yichun Zhang yichun at openresty.com
Thu Feb 28 01:15:11 UTC 2019


Hi folks,

One of our OpenResty open source community's users reported a weird
infinite loop in the LuaJIT VM. It is hard to reproduce without some
load of traffic. Fortunately I successfully used mozilla rr to record
a bad run and quickly nail it down to be a GC bug that results in
use-after-free problems like infinite looping or random core dumps.

Just to share our experience in this use case, I wrote a detailed
comment here in the original GitHub issue:

    https://github.com/openresty/luajit2/issues/42#issuecomment-468092267

The full rr debugging session in gdb is also edited and put here:

    https://gist.github.com/agentzh/534aabb3a5bc75ff62b8fd25e3d371e0

It is especially powerful to leverage complex gdb python commands in
the rr gdb session when investigating complex data structures in the
target :) Our new gdb python tools are (mostly) automatically
generated from the target programs' C source code and DWARF debuginfo
data otherwise they are painful to write by hand. Some open source gdb
tools used in this rr session are hosted here:
https://github.com/openresty/openresty-gdb-utils

Hope this is helpful to other rr users and LuaJIT developers.

Thanks to rr and it saves my day today once again :) GC bugs are
notoriously hard to debug due to GCs' inherent nondeterminism.

Best,
Yichun


More information about the rr-dev mailing list