[cfe-dev] Any hints on how to solve crash 10131?

Nikola Smiljanic popizdeh at gmail.com
Mon Jul 18 12:32:10 PDT 2011


I'm investigating crash 10131 <http://llvm.org/bugs/show_bug.cgi?id=10131> and
I managed to reduce the test case to this:

#include <string>

class StringRef
{
public:
  StringRef(std::string const& s) : length(s.size() {}

  size_t length;
};


Here is what I have so far. The execution reaches this far (see abbreviated
call stack) and then returns to Parser::ParseCXXMemberSpecification. At the
end of this method ParsingDef.Pop() is called and it clears the SmallVector
holding tokens (I think it's the CachedTokens member inside LexedMethod).
Execution then returns to the first ParseDeclarationOrFunctionDefinition, where
ConsumeToken is called. This ends up inside TokenLexer::Lex, which tries to
access the Tokens member pointing to the now-deleted tokens. I don't really
understand the code well enough to fix it, but I'm not ready to surrender yet.
Any hints?

TokenLexer::Lex
Preprocessor::Lex
Parser::ConsumeToken
Parser::SkipUntil
Parser::SkipUntil
Parser::MatchRHSPunctuation
Parser::ParseMemInitializer
Parser::ParseConstructorInitializer
Parser::ParseLexedMethodDef
Parser::LexedMethod::ParseLexedMethodDefs
Parser::ParseLexedMethodDefs
Parser::ParseCXXMemberSpecification
Parser::ParseClassSpecifier
Parser::ParseDeclarationSpecifiers
Parser::ParseDeclarationOrFunctionDefinition
Parser::ParseDeclarationOrFunctionDefinition
Parser::ParseExternalDeclaration
Parser::ParseTopLevelDecl
ParseAST
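
A simplified model of the lifetime problem described in the message above, added here as an illustration; it is not Clang's code and not part of the original post. All type and function names are hypothetical, and the weak_ptr guard is only one way to make a released token buffer detectable, not the fix adopted in Clang.

```cpp
#include <cstddef>
#include <memory>
#include <string>
#include <vector>

// Hypothetical simplified model; none of these types are Clang's.
using Token = std::string;
using TokenBuffer = std::vector<Token>;

// Owner of the cached tokens for one late-parsed method body.
struct LexedMethodModel {
    std::shared_ptr<TokenBuffer> cached = std::make_shared<TokenBuffer>();
    void pop() { cached.reset(); }  // models the token storage being released
};

// Lexer that reads from a buffer it does not own. It keeps a weak_ptr
// instead of a raw Token*, so a released buffer is detected, not dereferenced.
class BorrowingLexer {
    std::weak_ptr<TokenBuffer> tokens_;
    std::size_t cur_ = 0;
public:
    explicit BorrowingLexer(const LexedMethodModel &m) : tokens_(m.cached) {}
    // Returns false at end of buffer or when the buffer no longer exists.
    bool lex(Token &out) {
        auto buf = tokens_.lock();
        if (!buf || cur_ >= buf->size()) return false;
        out = (*buf)[cur_++];
        return true;
    }
    bool stale() const { return tokens_.expired(); }
};

// Replays the order of events from the message: the lexer is still partway
// through the cached tokens when the owner is popped, then more tokens are
// requested. Returns how many tokens were delivered after the pop.
int tokens_lexed_after_pop() {
    LexedMethodModel method;
    *method.cached = {":", "length", "(", "s", ".", "size", "(", ")", "{", "}"};
    BorrowingLexer lexer(method);
    Token t;
    for (int i = 0; i < 4; ++i) lexer.lex(t);  // parsing stops before the end
    method.pop();                              // owner releases the storage
    int n = 0;
    while (lexer.lex(t)) ++n;  // a raw pointer would read freed memory here
    return lexer.stale() ? n : -1;
}
```

With a raw pointer in place of the weak_ptr, the final loop is the read of freed storage that the call stack ends in; building the real reproducer under AddressSanitizer reports that access as a heap-use-after-free.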