[lldb-dev] Invalid iterator dereference in TypeMap::ForEach when it's invoked with TypeMaptoList callback

Pavel Labath via lldb-dev lldb-dev at lists.llvm.org
Mon Nov 16 08:34:19 PST 2015 

Thanks for the heads-up Mikhail.

Ravi,

this looks like your code. Could you take a look at this?

pl


On 16 November 2015 at 16:24, Mikhail Filimonov via lldb-dev
<lldb-dev at lists.llvm.org> wrote:
> Hi guys and thank you for the excellent community project!
>
>
>
> Recently I’ve stumbled on a pesky, but trivial Invalid iterator dereference
> bug in SymbolContext and TypeMap implementations at revisions
>
> https://github.com/llvm-mirror/lldb/blob/e528da256d14ecac7df858462b44dca931879509/source/Symbol/SymbolContext.cpp#L823
>
> and
>
> https://github.com/llvm-mirror/lldb/blob/5ac1fc5bc961688505334395598a2bb174eabd3b/source/Symbol/TypeMap.cpp#L172
>
>
>
> From the code below it is obvious that TypeMap::ForEach calls the
> pre-increment operator on m_types iterator right after it has been
> invalidated by m_types.erase
>
>
>
> SymbolContext::SortTypeList(TypeMap &type_map, TypeList &type_list ) const
>
> {
>
>         TypeMaptoList callbackM2L (type_map, type_list);
>
>         type_map.ForEach(callbackM2L);
>
>                 return ;
>
> }
>
>
>
> void
>
> TypeMap::ForEach (std::function <bool(lldb::TypeSP &type_sp)> const
> &callback)
>
> {
>
>     for (auto pos = m_types.begin(), end = m_types.end(); pos != end; ++pos)
>
>     {
>
>         if (!callback(pos->second))
>
>             break;
>
>     }
>
> }
>
>
>
> bool
>
> TypeMap::RemoveTypeWithUID (user_id_t uid)
>
> {
>
>     iterator pos = m_types.find(uid);
>
>
>
>     if (pos != m_types.end())
>
>     {
>
>         m_types.erase(pos);
>
>         return true;
>
>     }
>
>     return false;
>
> }
>
>
>
> class TypeMaptoList
>
> {
>
> public:
>
>     TypeMaptoList(TypeMap &typem, TypeList &typel) :
>
>         type_map(typem),type_list(typel)
>
>     {
>
>     }
>
>
>
>     bool
>
>     operator() (const lldb::TypeSP& type)
>
>     {
>
>         if(type)
>
>         {
>
>             type_list.Insert(type);
>
>             type_map.RemoveTypeWithUID(type->GetID());
>
>             if (type_map.Empty())
>
>                 return false;
>
>         }
>
>         return true;
>
>     }
>
>
>
> private:
>
>     TypeMap &type_map;
>
>     TypeList &type_list;
>
> };
>
>
>
> Regards,
>
> Mikhail Filimonov
>
>
>
>
>
>
>
> ________________________________
> This email message is for the sole use of the intended recipient(s) and may
> contain confidential information.  Any unauthorized review, use, disclosure
> or distribution is prohibited.  If you are not the intended recipient,
> please contact the sender by reply email and destroy all copies of the
> original message.
> ________________________________
>
> _______________________________________________
> lldb-dev mailing list
> lldb-dev at lists.llvm.org
> http://lists.llvm.org/cgi-bin/mailman/listinfo/lldb-dev
>

More information about the lldb-dev mailing list