<table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Issue</th>
<td>
<a href=https://github.com/llvm/llvm-project/issues/110528>110528</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>
LLDB does not flush IO after expression evaluation which makes output of expression overlapped
</td>
</tr>
<tr>
<th>Labels</th>
<td>
new issue
</td>
</tr>
<tr>
<th>Assignees</th>
<td>
</td>
</tr>
<tr>
<th>Reporter</th>
<td>
ikey4u
</td>
</tr>
</table>
<pre>
When debugging the clang static analyzer, the output of evaluating dump of ProgramState of ExplodedNode does not seem to work in LLDB. The issue is weird enough that I cannot describe it in one or two simple statements. As a result, I spent a lot of time creating a docker environment that makes it easy for you to reproduce the problem; the problem itself is described at the end.
# Host
The following operations are executed on the host.
- Create docker base image
docker pull centos:7.6.1810
- Create docker container
mkdir -p ~/share/lldb-bug
docker run --name lldb-bug -d -i -t -v ~/share/lldb-bug:/lldb-bug centos:7.6.1810 bash
# Docker
The following operations are executed in docker; you can use the following command
to get into docker on your host:
docker exec -it lldb-bug bash
- Update yum
cp -a /etc/yum.repos.d /etc/yum.repos.d.bak
sed -e "s|^mirrorlist=|#mirrorlist=|g" \
-e "s|^#baseurl=http://mirror.centos.org/centos/\$releasever|baseurl=https://mirrors.tuna.tsinghua.edu.cn/centos-vault/7.6.1810|g" \
-e "s|^#baseurl=http://mirror.centos.org/\$contentdir/\$releasever|baseurl=https://mirrors.tuna.tsinghua.edu.cn/centos-vault/7.6.1810|g" \
-i.bak \
/etc/yum.repos.d/CentOS-*.repo
echo sslverify=false >> /etc/yum.conf
cat >> /etc/yum.repos.d/CentOS-Base.repo <<EOF
[sclo]
name=CentOS-7.6.1810 -Sclo -mirrors.tuna.tsinghua.edu.cn/centos-vault
failovermethod=priority
baseurl=http://mirrors.tuna.tsinghua.edu.cn/centos-vault/7.6.1810/sclo/\$basearch/rh
gpgcheck=0
enabled=1
gpgkey=http://mirrors.tuna.tsinghua.edu.cn/centos-vault/RPM-GPG-KEY-CentOS-7
EOF
yum makecache
- Install dependencies
yum install -y pcre2-devel devtoolset-8 git make patch openssl-devel zlib-devel readline-devel sqlite-devel bzip2-devel zlib libffi-devel
# enable the devtoolset-8 toolchain once the package is installed
source /opt/rh/devtoolset-8/enable
cd /lldb-bug
curl https://pyenv.run | bash
echo 'export PYENV_ROOT="$HOME/.pyenv"' >> ~/.bashrc
echo 'command -v pyenv >/dev/null || export PATH="$PYENV_ROOT/bin:$PATH"' >> ~/.bashrc
echo 'eval "$(pyenv init -)"' >> ~/.bashrc
source ~/.bashrc
PYTHON_CONFIGURE_OPTS="--enable-shared" pyenv install 3.9.5
pyenv global 3.9.5
cd /lldb-bug
curl -LO http://prdownloads.sourceforge.net/swig/swig-4.2.1.tar.gz
tar zxvf swig-4.2.1.tar.gz
cd swig-4.2.1
./configure --prefix=${PWD}/out
make
make install
cd /lldb-bug
curl -LO https://www.thrysoee.dk/editline/libedit-20240517-3.1.tar.gz
tar zxvf libedit-20240517-3.1.tar.gz
cd libedit-20240517-3.1/
./configure --prefix=${PWD}/out
make
make install
cd /lldb-bug
curl -LO https://github.com/Kitware/CMake/releases/download/v3.20.6/cmake-3.20.6-linux-x86_64.tar.gz
tar zxvf cmake-3.20.6-linux-x86_64.tar.gz
cd /lldb-bug
curl -LO https://github.com/ninja-build/ninja/releases/download/v1.12.1/ninja-linux.zip
unzip ninja-linux.zip -d ninja
- Build lldb
source /opt/rh/devtoolset-8/enable
cd /lldb-bug
git clone https://github.com/llvm/llvm-project.git
cd llvm-project && git checkout tags/llvmorg-18.1.8
# build clang in release mode using gcc 8.3; this clang will be used to build
# clang itself later, since gcc 8.3 will crash randomly when building clang
# in debug mode
cd /lldb-bug
export PKG_CONFIG_PATH=/lldb-bug/libedit-20240517-3.1/out/lib/pkgconfig:${PKG_CONFIG_PATH}
export PATH=/lldb-bug/ninja:/lldb-bug/swig-4.2.1/out/bin:/lldb-bug/cmake-3.20.6-linux-x86_64/bin:${PATH}
cmake -G "Ninja" -B /lldb-bug/llvm-project/build/Release \
-D CMAKE_EXPORT_COMPILE_COMMANDS=1 \
-D LLVM_ENABLE_PROJECTS="clang;" \
-D LLVM_PARALLEL_LINK_JOBS=1 \
-D LLVM_PARALLEL_COMPILE_JOBS=32 \
-D CMAKE_BUILD_TYPE=Release \
-S /lldb-bug/llvm-project/llvm
time ninja -C /lldb-bug/llvm-project/build/Release
# build clang and lldb in debug mode
cd /lldb-bug
export PKG_CONFIG_PATH=/lldb-bug/libedit-20240517-3.1/out/lib/pkgconfig:${PKG_CONFIG_PATH}
export PATH=/lldb-bug/llvm-project/build/Release/bin/:/lldb-bug/ninja:/lldb-bug/swig-4.2.1/out/bin:/lldb-bug/cmake-3.20.6-linux-x86_64/bin:${PATH}
cmake -G "Ninja" -B /lldb-bug/llvm-project/build/Debug \
-D CMAKE_CXX_COMPILER=clang++ \
-D CMAKE_C_COMPILER=clang \
-D CMAKE_EXPORT_COMPILE_COMMANDS=1 \
-D LLVM_ENABLE_PROJECTS="clang;lldb;" \
-D LLVM_PARALLEL_LINK_JOBS=1 \
-D LLVM_PARALLEL_COMPILE_JOBS=32 \
-D CMAKE_BUILD_TYPE=Debug \
-S /lldb-bug/llvm-project/llvm
time ninja -C /lldb-bug/llvm-project/build/Debug
- The time has finally come to reproduce the bug
Create a div-zero file in the home directory:
// /lldb-bug/divzero.cpp
int foo(int x) {
return x/0;
}
Load it using lldb:
/lldb-bug/llvm-project/build/Debug/bin/lldb -- /lldb-bug/llvm-project/build/Debug/bin/clang++ --analyze -Xanalyzer -analyzer-checker=core.DivideZero /lldb-bug/divzero.cpp
Disable ASLR in lldb when using lldb in docker to avoid the error
`personality set failed: Operation not permitted`:
settings set target.disable-aslr false
And set a breakpoint in lldb:
breakpoint set --name ExprEngine::Visit
Then run lldb:
r
When the breakpoint hits, check the ExplodedNode state using the following
command:
* thread #1, name = 'clang++', stop reason = breakpoint 1.1
frame #0: 0x0000558522a13fc6 clang++`clang::ento::ExprEngine::Visit(this=0x00007ffcf1baf400, S=0x000055852d8bb390, Pred=0x000055852d8df550, DstTop=0x00007ffcf1baeb48) at ExprEngine.cpp:1714:33
1711
1712 void ExprEngine::Visit(const Stmt *S, ExplodedNode *Pred,
1713 ExplodedNodeSet &DstTop) {
-> 1714 PrettyStackTraceLoc CrashInfo(getContext().getSourceManager(),
1715 S->getBeginLoc(), "Error evaluating statement");
1716 ExplodedNodeSet Dst;
1717 StmtNodeBuilder Bldr(Pred, DstTop, *currBldrCtx);
(lldb) p Pred->Location->dump()
"kind": "Statement", "stmt_kind": "DeclRefExpr", "stmt_id": 606, "pointer": "0x55852d8bb390", "pretty": "x", "location": { "line": 2, "column": 12, "file": "/lldb-bug/divzero.cpp" }, "stmt_point_kind": "PreStmtPurgeDeadSymbols" Evaluated this expression after applying Fix-It(s):
Pred->Location.dump()
Note that lldb auto-fixes the command. Let's type the right command, and the
bug appears:
(lldb) p Pred->Location.dump()
(lldb) "Statement", "stmt_kind": "DeclRefExpr", "stmt_id": 606, "pointer": "0x55852d8bb390", "pretty": "x", "location": { "line": 2, "column": 12, "file": "/lldb-bug/divzero.cpp" }, "stmt_point_kind": "PreStmtPurgeDeadSymbols"(lldb)
Note the last `(lldb)`, which is not right, and that the content between the
two `(lldb)` does not appear correctly on the terminal; it seems to be eaten
by the terminal.
</pre>