[lldb-dev] Top of tree lldb crashes running target modules dump symfile twice
Ted Woodward via lldb-dev
lldb-dev at lists.llvm.org
Wed Jul 18 14:21:07 PDT 2018
I have a very simple testcase, from the libc++ tests. get_id.pass.cpp.
#include <thread>
#include <cassert>
int main()
{
    std::thread::id id = std::this_thread::get_id();
    std::thread::id id2 = std::thread::id();
    assert(id != std::thread::id());
}
I built it with clang 3.8.0. I get the crash when I build it with g++ 4.8.4
as well.
% clang++ get_id.pass.cpp -o get_id.pass.cpp.exe -g -O0 -std=c++11
% lldb get_id.pass.cpp.exe
(lldb) b main
(lldb) run
(lldb) image dump symfile
<data>
(lldb) image dump symfile
Segmentation fault
Test was run on Ubuntu 14.04. The crash happens in TypeList::Dump
void TypeList::Dump(Stream *s, bool show_context) {
  for (iterator pos = m_types.begin(), end = m_types.end(); pos != end;
       ++pos) {
    pos->get()->Dump(s, show_context);
  }
}
The call to Dump can change the vector, which makes the iterator invalid and
causes the crash when it's incremented. The change seems to happen in
SymbolFileDWARF::GetTypeForDIE.
The vector has a size of 8. Entries are:
"id"
"id"
"std::__1::__thread_id"
"std::__1::__thread_id"
"__thread_id"
"__thread_id"
"__libcpp_thread_id"
"__libcpp_thread_id"
The crash occurs when the 5th entry, the first "__thread_id", is dumped.
After the crash, the vector has 18 entries. The first 6 are the same as
before the Dump call that crashes.
--
Qualcomm Innovation Center, Inc.
The Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum, a
Linux Foundation Collaborative Project
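
The failure mode described in the post (a vector that grows while an iterator walks it), as an added example that is not part of the original message and is not LLDB code. MiniType, MiniTypeList, MakePostList and the "first dump registers five more types" trigger are hypothetical stand-ins; the walk runs over a snapshot so it stays valid, and Dump reports whether the live vector reallocated underneath it.

```cpp
#include <cstddef>
#include <initializer_list>
#include <memory>
#include <string>
#include <utility>
#include <vector>

struct MiniTypeList;  // hypothetical stand-in for lldb's TypeList

struct MiniType {
  std::string name;
  bool resolved = false;
  explicit MiniType(std::string n) : name(std::move(n)) {}
  void Dump(std::string &out, MiniTypeList &owner);
};

struct MiniTypeList {
  std::vector<std::shared_ptr<MiniType>> m_types;

  void Insert(const std::string &name) {
    m_types.push_back(std::make_shared<MiniType>(name));
  }

  // Dumps every type present at entry. Returns true if m_types reallocated
  // during the walk, i.e. an iterator into m_types would have been invalidated.
  bool Dump(std::string &out) {
    const std::size_t cap_before = m_types.capacity();
    // Iterate a copy: it has its own buffer and shares ownership of each
    // element, so growth of m_types inside Dump cannot touch this loop.
    const std::vector<std::shared_ptr<MiniType>> snapshot(m_types);
    for (const auto &type : snapshot)
      type->Dump(out, *this);
    return m_types.capacity() != cap_before;
  }
};

// Constructed side effect: the first dump of "__thread_id" registers five
// more types, standing in for lazy resolution during Dump.
void MiniType::Dump(std::string &out, MiniTypeList &owner) {
  out += name + "\n";
  if (resolved || name != "__thread_id") return;
  resolved = true;
  for (int i = 0; i < 5; ++i)
    owner.Insert("resolved_" + std::to_string(i));
}

// The eight entries listed in the post.
MiniTypeList MakePostList() {
  MiniTypeList list;
  for (const char *n : {"id", "id", "std::__1::__thread_id", "std::__1::__thread_id",
                        "__thread_id", "__thread_id", "__libcpp_thread_id", "__libcpp_thread_id"})
    list.Insert(n);
  return list;
}
```

Types added during a walk are not printed until the next Dump call; iterating by index and re-reading size() each pass is an alternative that prints them in the same pass.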