[Lldb-commits] [PATCH] D108817: [LLDB] Fix 'std::out_of_range' crashing bug when file name completion with using file path.

Hiroki Imai via Phabricator via lldb-commits lldb-commits at lists.llvm.org
Fri Aug 27 05:43:40 PDT 2021


HirokiImai created this revision.
Herald added a subscriber: pengfei.
HirokiImai requested review of this revision.
Herald added a project: LLDB.
Herald added a subscriber: lldb-commits.

When I run an lldb command that uses filename completion, if I enter a string that is not only a filename but also a string with a non-file name string added, such as a relative path, it will crash as soon as I press the [Tab] key.
For example, I am debugging an executable named hello that is compiled from a file named hello.c, and I'll put a breakpoint on line 3 of hello.c.

  $ lldb ./hello
  (lldb) breakpoint set --file hello.c --line 3

This is not a problem, but if I set "--file ./hello." and then press the [Tab] key to complete the file name, lldb crashes.

  $ lldb ./hello
  (lldb) breakpoint set --file ./hello.terminate called after throwing an instance of 'std::out_of_range'
    what():  basic_string::substr: __pos (which is 8) > this->size() (which is 7)
  PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash backtrace.
  Stack dump:
  0.	Program arguments: lldb-12 ./hello
  Stack dump without symbol names (ensure you have llvm-symbolizer in your PATH or set the environment var `LLVM_SYMBOLIZER_PATH` to point to it):
  /lib/x86_64-linux-gnu/libLLVM-12.so.1(_ZN4llvm3sys15PrintStackTraceERNS_11raw_ostreamEi+0x23)[0x7f172281de53]
  /lib/x86_64-linux-gnu/libLLVM-12.so.1(_ZN4llvm3sys17RunSignalHandlersEv+0x50)[0x7f172281c170]
  /lib/x86_64-linux-gnu/libLLVM-12.so.1(+0xbd94bf)[0x7f172281e4bf]
  /lib/x86_64-linux-gnu/libpthread.so.0(+0x153c0)[0x7f172b08a3c0]
  /lib/x86_64-linux-gnu/libc.so.6(gsignal+0xcb)[0x7f172174b18b]
  /lib/x86_64-linux-gnu/libc.so.6(abort+0x12b)[0x7f172172a859]
  /lib/x86_64-linux-gnu/libstdc++.so.6(+0x9e911)[0x7f1721b01911]
  /lib/x86_64-linux-gnu/libstdc++.so.6(+0xaa38c)[0x7f1721b0d38c]
  /lib/x86_64-linux-gnu/libstdc++.so.6(+0xaa3f7)[0x7f1721b0d3f7]
  /lib/x86_64-linux-gnu/libstdc++.so.6(+0xaa6a9)[0x7f1721b0d6a9]
  /lib/x86_64-linux-gnu/libstdc++.so.6(+0xa13ab)[0x7f1721b043ab]
  /lib/x86_64-linux-gnu/liblldb-12.so.1(+0x63cbb3)[0x7f172a67bbb3]
  /lib/x86_64-linux-gnu/liblldb-12.so.1(+0x63fa59)[0x7f172a67ea59]
  /lib/x86_64-linux-gnu/libedit.so.2(el_wgets+0x102)[0x7f1721112d42]
  /lib/x86_64-linux-gnu/liblldb-12.so.1(+0x63ee36)[0x7f172a67de36]
  /lib/x86_64-linux-gnu/liblldb-12.so.1(+0x5b9a5b)[0x7f172a5f8a5b]
  /lib/x86_64-linux-gnu/liblldb-12.so.1(+0x5babfe)[0x7f172a5f9bfe]
  /lib/x86_64-linux-gnu/liblldb-12.so.1(+0x59f254)[0x7f172a5de254]
  /lib/x86_64-linux-gnu/liblldb-12.so.1(+0x66446d)[0x7f172a6a346d]
  /lib/x86_64-linux-gnu/liblldb-12.so.1(_ZN4lldb10SBDebugger21RunCommandInterpreterEbb+0xe9)[0x7f172a2be949]
  lldb-12[0x406e5a]
  lldb-12[0x408826]
  /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf3)[0x7f172172c0b3]
  lldb-12[0x40435e]
  Aborted (core dumped)

The crash was caused because substr() (in lldb/source/Host/common/Editline.cpp) cut out a string whose size is that of the user's input string from the completed string.

I modified the code so that it erases the user's input string from the current line and then adds the completion string.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D108817

Files:
  lldb/source/Host/common/Editline.cpp


Index: lldb/source/Host/common/Editline.cpp
===================================================================
--- lldb/source/Host/common/Editline.cpp
+++ lldb/source/Host/common/Editline.cpp
@@ -1006,11 +1006,11 @@
     switch (completion.GetMode()) {
     case CompletionMode::Normal: {
       std::string to_add = completion.GetCompletion();
-      to_add = to_add.substr(request.GetCursorArgumentPrefix().size());
       // Terminate the current argument with a quote if it started with a quote.
       if (!request.GetParsedLine().empty() && request.GetParsedArg().IsQuoted())
         to_add.push_back(request.GetParsedArg().GetQuoteChar());
       to_add.push_back(' ');
+	  el_deletestr(m_editline, request.GetCursorArgumentPrefix().size());
       el_insertstr(m_editline, to_add.c_str());
       // Clear all the autosuggestion parts if the only single space can be completed.
       if (to_add == " ")
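
Review bot: With the `substr` call removed, `to_add` now holds the whole completion plus the trailing space rather than only the part after the typed prefix, so the `if (to_add == " ")` check in the trailing context no longer matches the case its comment describes (completion equal to what was already typed). Either compute the suffix separately for that check or compare the completion against `request.GetCursorArgumentPrefix()` directly. On the added `el_deletestr` line: `size()` returns `size_t` while `el_deletestr` takes an `int`, so an explicit cast would be appropriate; the prefix is the parsed argument, and since this hunk handles quoted arguments it is worth confirming that its length equals the number of raw characters in front of the cursor when the argument is quoted or escaped, otherwise too few or too many characters are deleted from the line. The line is also indented with a tab where the surrounding code uses spaces. A regression test for the `--file ./hello.` case from the description should accompany the change.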

