[lldb-dev] [Bug 36525] New: std::bad_alloc : Process::ReadModuleFromMemory is passed bogus size_to_read when "target modules load" libart.so

via lldb-dev lldb-dev at lists.llvm.org
Mon Feb 26 12:23:39 PST 2018


https://bugs.llvm.org/show_bug.cgi?id=36525

            Bug ID: 36525
           Summary: std::bad_alloc : Process::ReadModuleFromMemory is
                    passed bogus size_to_read when "target modules load"
                    libart.so
           Product: lldb
           Version: 5.0
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: All Bugs
          Assignee: lldb-dev at lists.llvm.org
          Reporter: anthony.louis.eden at gmail.com
                CC: llvm-bugs at lists.llvm.org

Backtrace of the lldb host process at the abort; the triggering command is visible in frame #30 (`target modules load -s 0xb68d2000 --file libart.so`). The offending size deserves decoding: 13151649335953326080 is 0xB6840B6400000000, i.e. a 32-bit-looking value (same 0xB6xxxxxx range as header_addr 3068708324 = 0xB6E8C5E4) sitting in the upper half of a 64-bit field, which is consistent with `JITLoaderGDB::ReadJITDescriptorImpl<unsigned int>` (frame #19) reading a 32-bit target's 64-bit symbol-file size field at the wrong offset — this needs confirming against the descriptor layout. Whatever the root cause, the value presumably originates in debuggee memory and is handed through unchanged from ReadModuleFromMemory (frame #18) via GetMemoryObjectFile (frame #17) straight into the DataBufferHeap constructor (frame #15) with no sanity bound, so a corrupted or hostile JIT descriptor in the target can make the debugger abort with std::bad_alloc; validating size_to_read (against the readable region, or at least a sane maximum) before allocating would turn this into a reported error instead of a crash.

(lldb) thread backtrace all
* thread #1, name = 'lldb', stop reason = signal SIGABRT
  * frame #0: 0x00007ffff49d2860 libc.so.6`__GI_raise + 272
    frame #1: 0x00007ffff49d3ec9 libc.so.6`__GI_abort + 457
    frame #2: 0x00007ffff4de3d57
libstdc++.so.6`__gnu_cxx::__verbose_terminate_handler() at vterminate.cc:95
    frame #3: 0x00007ffff4de18c6
libstdc++.so.6`__cxxabiv1::__terminate(handler=<unavailable>)()) at
eh_terminate.cc:47
    frame #4: 0x00007ffff4de1913 libstdc++.so.6`std::terminate() at
eh_terminate.cc:57
    frame #5: 0x00007ffff4de1b68
libstdc++.so.6`__cxxabiv1::__cxa_throw(obj=<unavailable>, tinfo=<unavailable>,
dest=<unavailable>)(void *)) at eh_throw.cc:93
    frame #6: 0x00007ffff4de20cf libstdc++.so.6`operator new(sz=<unavailable>)
at new_op.cc:54
    frame #7: 0x00007ffff588f8c4
liblldb.so.5`lldb_private::DataBufferHeap::DataBufferHeap(unsigned long,
unsigned char) [inlined] __gnu_cxx::new_allocator<unsigned
char>::allocate(this=<unavailable>, (null)=<unavailable>, __n=<unavailable>) at
new_allocator.h:111
    frame #8: 0x00007ffff588f8be
liblldb.so.5`lldb_private::DataBufferHeap::DataBufferHeap(unsigned long,
unsigned char) [inlined] std::allocator_traits<std::allocator<unsigned char>
>::allocate(__a=<unavailable>, __n=<unavailable>) at alloc_traits.h:436
    frame #9: 0x00007ffff588f8be
liblldb.so.5`lldb_private::DataBufferHeap::DataBufferHeap(unsigned long,
unsigned char) at stl_vector.h:172
    frame #10: 0x00007ffff588f8be
liblldb.so.5`lldb_private::DataBufferHeap::DataBufferHeap(unsigned long,
unsigned char) [inlined] std::_Vector_base<unsigned char,
std::allocator<unsigned char> >::_M_create_storage(__n=13151649335953326080,
this=<unavailable>) at stl_vector.h:187
    frame #11: 0x00007ffff588f8be
liblldb.so.5`lldb_private::DataBufferHeap::DataBufferHeap(unsigned long,
unsigned char) [inlined]
_ZNSt12_Vector_baseIhSaIhEEC4EmRKS0_(__a=0x0000555555dbfd48,
__n=13151649335953326080, this=<unavailable>) at stl_vector.h:138
    frame #12: 0x00007ffff588f8be
liblldb.so.5`lldb_private::DataBufferHeap::DataBufferHeap(unsigned long,
unsigned char) [inlined]
_ZNSt6vectorIhSaIhEEC4EmRKhRKS0_(__a=0x0000555555dbfd48, __value=<unavailable>,
__n=13151649335953326080, this=<unavailable>) at stl_vector.h:297
    frame #13: 0x00007ffff588f8be
liblldb.so.5`lldb_private::DataBufferHeap::DataBufferHeap(unsigned long,
unsigned char) at vector.tcc:242
    frame #14: 0x00007ffff588f8be
liblldb.so.5`lldb_private::DataBufferHeap::DataBufferHeap(unsigned long,
unsigned char) [inlined] std::vector<unsigned char, std::allocator<unsigned
char> >::assign(__val=<unavailable>, __n=13151649335953326080,
this=0x0000555555dbfd48) at stl_vector.h:502
    frame #15: 0x00007ffff588f8be
liblldb.so.5`lldb_private::DataBufferHeap::DataBufferHeap(this=0x0000555555dbfd40,
n=13151649335953326080, ch=<unavailable>) at DataBufferHeap.cpp:30
    frame #16: 0x00007ffff56615fd
liblldb.so.5`lldb_private::Module::GetMemoryObjectFile(std::shared_ptr<lldb_private::Process>
const&, unsigned long, lldb_private::Status&, unsigned long) [inlined]
std::enable_if<!(std::is_array<lldb_private::DataBufferHeap>::value),
std::unique_ptr<lldb_private::DataBufferHeap,
std::default_delete<lldb_private::DataBufferHeap> > >::type
llvm::make_unique<lldb_private::DataBufferHeap, unsigned long&,
int>((null)=<unavailable>, (null)=<unavailable>) at STLExtras.h:944
    frame #17: 0x00007ffff56615e6
liblldb.so.5`lldb_private::Module::GetMemoryObjectFile(this=0x0000555555dbfff0,
process_sp=std::__shared_ptr<lldb_private::Process, 4>::element_type @
0x000055555591fc20, header_addr=3068708324, error=0x00007fffffffc2a0,
size_to_read=13151649335953326080) at Module.cpp:333
    frame #18: 0x00007ffff580384f
liblldb.so.5`lldb_private::Process::ReadModuleFromMemory(this=0x000055555591fc20,
file_spec=<unavailable>, header_addr=3068708324,
size_to_read=13151649335953326080) at Process.cpp:2632
    frame #19: 0x00007ffff59a8e9b liblldb.so.5`bool
JITLoaderGDB::ReadJITDescriptorImpl<unsigned int>(this=0x000055555596cb60,
all_entries=true) at JITLoaderGDB.cpp:318
    frame #20: 0x00007ffff59a7485
liblldb.so.5`JITLoaderGDB::SetJITBreakpoint(lldb_private::ModuleList&) at
JITLoaderGDB.cpp:202
    frame #21: 0x00007ffff59a72fd
liblldb.so.5`JITLoaderGDB::SetJITBreakpoint(this=0x000055555596cb60,
module_list=<unavailable>)
    frame #22: 0x00007ffff587f6d0
liblldb.so.5`lldb_private::JITLoaderList::ModulesDidLoad(this=0x0000555555967760,
module_list=0x00007fffffffc790) at JITLoaderList.cpp:55
    frame #23: 0x00007ffff580853f
liblldb.so.5`lldb_private::Process::ModulesDidLoad(this=0x000055555591fc20,
module_list=0x00007fffffffc790) at Process.cpp:5899
    frame #24: 0x00007ffff5ab259a
liblldb.so.5`lldb_private::process_gdb_remote::ProcessGDBRemote::ModulesDidLoad(this=0x000055555591fc20,
module_list=<unavailable>) at ProcessGDBRemote.cpp:4763
    frame #25: 0x00007ffff583e69a
liblldb.so.5`lldb_private::Target::ModulesDidLoad(lldb_private::ModuleList&)
[inlined] lldb_private::Target::ModulesDidLoad(module_list=0x00007fffffffc790,
this=0x0000555555918f30) at Target.cpp:1410
    frame #26: 0x00007ffff583e654
liblldb.so.5`lldb_private::Target::ModulesDidLoad(this=0x0000555555918f30,
module_list=0x00007fffffffc790)
    frame #27: 0x00007ffff5c4b3b4
liblldb.so.5`CommandObjectTargetModulesLoad::DoExecute(this=<unavailable>,
args=<unavailable>, result=<unavailable>) at CommandObjectTarget.cpp:2747
    frame #28: 0x00007ffff573b432
liblldb.so.5`lldb_private::CommandObjectParsed::Execute(this=0x000055555582db40,
args_string=<unavailable>, result=0x00007fffffffdc40) at CommandObject.cpp:991
    frame #29: 0x00007ffff573488e
liblldb.so.5`lldb_private::CommandInterpreter::HandleCommand(this=<unavailable>,
command_line=<unavailable>, lazy_add_to_history=<unavailable>,
result=0x00007fffffffdc40, override_context=0x0000000000000000,
repeat_on_empty_command=<unavailable>, no_context_switching=false) at
CommandInterpreter.cpp:1677
    frame #30: 0x00007ffff5735f3f
liblldb.so.5`lldb_private::CommandInterpreter::IOHandlerInputComplete(this=0x0000555555809280,
io_handler=0x0000555555914780, line="target modules load -s 0xb68d2000 --file
libart.so") at CommandInterpreter.cpp:2704
    frame #31: 0x00007ffff5648349
liblldb.so.5`lldb_private::IOHandlerEditline::Run(this=0x0000555555914780) at
IOHandler.cpp:573
    frame #32: 0x00007ffff561e15f
liblldb.so.5`lldb_private::Debugger::RunIOHandler(this=0x0000555555807bb0,
reader_sp=std::__shared_ptr<lldb_private::IOHandler, 4>::element_type @
0x0000555555914780) at Debugger.cpp:1006
    frame #33: 0x00007ffff572a147
liblldb.so.5`lldb_private::CommandInterpreter::HandleCommandsFromFile(lldb_private::FileSpec&,
lldb_private::ExecutionContext*, lldb_private::CommandInterpreterRunOptions&,
lldb_private::CommandReturnObject&) at CommandInterpreter.cpp:2455
    frame #34: 0x00007ffff5729ee1
liblldb.so.5`lldb_private::CommandInterpreter::HandleCommandsFromFile(this=0x0000555555809280,
cmd_file=<unavailable>, context=<unavailable>, options=<unavailable>,
result=0x00007fffffffe330)
    frame #35: 0x00007ffff5bec6f0
liblldb.so.5`CommandObjectCommandsSource::DoExecute(this=0x0000555555817930,
command=<unavailable>, result=0x00007fffffffe330) at
CommandObjectCommands.cpp:337
    frame #36: 0x00007ffff573b432
liblldb.so.5`lldb_private::CommandObjectParsed::Execute(this=0x0000555555817930,
args_string=<unavailable>, result=0x00007fffffffe330) at CommandObject.cpp:991
    frame #37: 0x00007ffff573488e
liblldb.so.5`lldb_private::CommandInterpreter::HandleCommand(this=<unavailable>,
command_line=<unavailable>, lazy_add_to_history=<unavailable>,
result=0x00007fffffffe330, override_context=0x0000000000000000,
repeat_on_empty_command=<unavailable>, no_context_switching=false) at
CommandInterpreter.cpp:1677
    frame #38: 0x00007ffff5735f3f
liblldb.so.5`lldb_private::CommandInterpreter::IOHandlerInputComplete(this=0x0000555555809280,
io_handler=0x0000555555912c80, line="command source -s 0
'/tmp/tmp.hDQ9pXP1uT'") at CommandInterpreter.cpp:2704
    frame #39: 0x00007ffff5648349
liblldb.so.5`lldb_private::IOHandlerEditline::Run(this=0x0000555555912c80) at
IOHandler.cpp:573
    frame #40: 0x00007ffff561b28d
liblldb.so.5`lldb_private::Debugger::ExecuteIOHandlers(this=0x0000555555807bb0)
at Debugger.cpp:961
    frame #41: 0x00007ffff572910e
liblldb.so.5`lldb_private::CommandInterpreter::RunCommandInterpreter(this=0x0000555555809280,
auto_handle_events=<unavailable>, spawn_thread=<unavailable>,
options=<unavailable>) at CommandInterpreter.cpp:2901
    frame #42: 0x00007ffff54afc32
liblldb.so.5`lldb::SBDebugger::RunCommandInterpreter(this=<unavailable>,
auto_handle_events=<unavailable>, spawn_thread=<unavailable>,
options=<unavailable>, num_errors=0x00007fffffffe63c,
quit_requested=0x00007fffffffe638, stopped_for_crash=0x00007fffffffe639) at
SBDebugger.cpp:827
    frame #43: 0x00005555555589dd
lldb`Driver::MainLoop(this=0x00007fffffffe760) at Driver.cpp:1104
    frame #44: 0x0000555555557322 lldb`main(argc=4, argv=0x00007fffffffe9d8) at
Driver.cpp:1253
    frame #45: 0x00007ffff49bef4a libc.so.6`__libc_start_main + 234
    frame #46: 0x000055555555738a lldb`_start + 42
  thread #2, name = 'lldb'
    frame #0: 0x00007ffff7bc73bd libpthread.so.0`__pthread_cond_wait + 509
    frame #1: 0x00007ffff4e085bd
libstdc++.so.6`std::condition_variable::wait(std::unique_lock<std::mutex>&)
[inlined] __gthread_cond_wait(__mutex=<unavailable>, __cond=<unavailable>) at
gthr-default.h:864
    frame #2: 0x00007ffff4e085b4
libstdc++.so.6`std::condition_variable::wait(this=<unavailable>,
__lock=<unavailable>) at condition_variable.cc:53
    frame #3: 0x00007ffff5657526
liblldb.so.5`lldb_private::Listener::GetEventInternal(this=0x0000555555809140,
timeout=0x00007fffebf9ae10, broadcaster=0x0000000000000000,
broadcaster_names=0x0000000000000000, num_broadcaster_names=0,
event_type_mask=0, event_sp=nullptr) at Listener.cpp:368
    frame #4: 0x00007ffff565772b
liblldb.so.5`lldb_private::Listener::GetEvent(this=<unavailable>,
event_sp=<unavailable>, timeout=<unavailable>) at Listener.cpp:405
    frame #5: 0x00007ffff5622489
liblldb.so.5`lldb_private::Debugger::DefaultEventHandler(this=0x0000555555807bb0)
at Debugger.cpp:1593
    frame #6: 0x00007ffff5622afa
liblldb.so.5`lldb_private::Debugger::EventHandlerThread(arg=<unavailable>) at
Debugger.cpp:1646
    frame #7: 0x00007ffff5717c2c
liblldb.so.5`lldb_private::HostNativeThreadBase::ThreadCreateTrampoline(arg=0x0000555555912f60)
at HostNativeThreadBase.cpp:66
    frame #8: 0x00007ffff7bc108c libpthread.so.0`start_thread + 220
    frame #9: 0x00007ffff4a93e7f libc.so.6`__GI___clone + 63
  thread #3, name = 'lldb'
    frame #0: 0x00007ffff7bc73bd libpthread.so.0`__pthread_cond_wait + 509
    frame #1: 0x00007ffff4e085bd
libstdc++.so.6`std::condition_variable::wait(std::unique_lock<std::mutex>&)
[inlined] __gthread_cond_wait(__mutex=<unavailable>, __cond=<unavailable>) at
gthr-default.h:864
    frame #2: 0x00007ffff4e085b4
libstdc++.so.6`std::condition_variable::wait(this=<unavailable>,
__lock=<unavailable>) at condition_variable.cc:53
    frame #3: 0x00007ffff5657526
liblldb.so.5`lldb_private::Listener::GetEventInternal(this=0x0000555555941b60,
timeout=0x00007fffeb799df0, broadcaster=0x0000000000000000,
broadcaster_names=0x0000000000000000, num_broadcaster_names=0,
event_type_mask=0, event_sp=nullptr) at Listener.cpp:368
    frame #4: 0x00007ffff565772b
liblldb.so.5`lldb_private::Listener::GetEvent(this=<unavailable>,
event_sp=<unavailable>, timeout=<unavailable>) at Listener.cpp:405
    frame #5: 0x00007ffff5aabfdf
liblldb.so.5`lldb_private::process_gdb_remote::ProcessGDBRemote::AsyncThread(arg=0x000055555591fc20)
at ProcessGDBRemote.cpp:3565
    frame #6: 0x00007ffff5717c2c
liblldb.so.5`lldb_private::HostNativeThreadBase::ThreadCreateTrampoline(arg=0x0000555555945340)
at HostNativeThreadBase.cpp:66
    frame #7: 0x00007ffff7bc108c libpthread.so.0`start_thread + 220
    frame #8: 0x00007ffff4a93e7f libc.so.6`__GI___clone + 63
  thread #4, name = 'lldb'
    frame #0: 0x00007ffff7bc73bd libpthread.so.0`__pthread_cond_wait + 509
    frame #1: 0x00007ffff4e085bd
libstdc++.so.6`std::condition_variable::wait(std::unique_lock<std::mutex>&)
[inlined] __gthread_cond_wait(__mutex=<unavailable>, __cond=<unavailable>) at
gthr-default.h:864
    frame #2: 0x00007ffff4e085b4
libstdc++.so.6`std::condition_variable::wait(this=<unavailable>,
__lock=<unavailable>) at condition_variable.cc:53
    frame #3: 0x00007ffff5657526
liblldb.so.5`lldb_private::Listener::GetEventInternal(this=0x0000555555938a90,
timeout=0x00007fffeaf98df0, broadcaster=0x0000000000000000,
broadcaster_names=0x0000000000000000, num_broadcaster_names=0,
event_type_mask=0, event_sp=nullptr) at Listener.cpp:368
    frame #4: 0x00007ffff565772b
liblldb.so.5`lldb_private::Listener::GetEvent(this=<unavailable>,
event_sp=<unavailable>, timeout=<unavailable>) at Listener.cpp:405
    frame #5: 0x00007ffff57fd9cd
liblldb.so.5`lldb_private::Process::GetEventsPrivate(this=0x000055555591fc20,
event_sp=nullptr, timeout=0x00007fffeaf98df0, control_only=<unavailable>) at
Process.cpp:1334
    frame #6: 0x00007ffff581122c
liblldb.so.5`lldb_private::Process::RunPrivateStateThread(this=0x000055555591fc20,
is_secondary_thread=<unavailable>) at Process.cpp:4007
    frame #7: 0x00007ffff5811736
liblldb.so.5`lldb_private::Process::PrivateStateThread(arg=0x0000555555967390)
at Process.cpp:3991
    frame #8: 0x00007ffff5717c2c
liblldb.so.5`lldb_private::HostNativeThreadBase::ThreadCreateTrampoline(arg=0x00005555559672d0)
at HostNativeThreadBase.cpp:66
    frame #9: 0x00007ffff7bc108c libpthread.so.0`start_thread + 220
    frame #10: 0x00007ffff4a93e7f libc.so.6`__GI___clone + 63
