[llvm-bugs] [Bug 52449] New: LLDB crashes on expression evaluation
via llvm-bugs
llvm-bugs at lists.llvm.org
Tue Nov 9 08:40:53 PST 2021
https://bugs.llvm.org/show_bug.cgi?id=52449
Bug ID: 52449
Summary: LLDB crashes on expression evaluation
Product: lldb
Version: 13.0
Hardware: PC
OS: Linux
Status: NEW
Severity: enhancement
Priority: P
Component: All Bugs
Assignee: lldb-dev at lists.llvm.org
Reporter: weratt at gmail.com
CC: jdevlieghere at apple.com, llvm-bugs at lists.llvm.org, teemperor at gmail.com
The following code reliably crashes LLDB (built in Debug to trigger the
assertion):
```
> cat main.cc
struct Foo { static int Bar; };
int Foo::Bar = 10;
int main() { return 0; }
> lldb ./main -o "p (int*)100 + (long long)(&Foo::Bar)"
Assertion failed: isa<X>(Val) && "cast<Ty>() argument of incompatible type!",
file D:\src\llvm-project\build_x64_debug\include\llvm/Support/Casting.h, line
269
PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash
backtrace.
Stack dump:
0. Program arguments: D:\src\llvm-project\build_x64_debug\bin\lldb.exe
.\bug.exe -o p (int*)100 + (long long)(&Foo::Bar)
#0 0x00007ff76373ebfc HandleAbort
D:\src\llvm-project\llvm\lib\Support\Windows\Signals.inc:408:0
#1 0x00007ffd8352bc31 (C:\Windows\SYSTEM32\ucrtbased.dll+0x6bc31)
#2 0x00007ffd8352d889 (C:\Windows\SYSTEM32\ucrtbased.dll+0x6d889)
#3 0x00007ffd835334b5 (C:\Windows\SYSTEM32\ucrtbased.dll+0x734b5)
#4 0x00007ffd83533027 (C:\Windows\SYSTEM32\ucrtbased.dll+0x73027)
#5 0x00007ffd83531091 (C:\Windows\SYSTEM32\ucrtbased.dll+0x71091)
#6 0x00007ffd83533a1f (C:\Windows\SYSTEM32\ucrtbased.dll+0x73a1f)
#7 0x00007ffd27957cf1 llvm::cast<class llvm::ConstantInt, class
llvm::Value>(class llvm::Value *)
D:\src\llvm-project\build_x64_debug\include\llvm\Support\Casting.h:269:0
#8 0x00007ffd2d42dbe0 llvm::DataLayout::getIndexedOffsetInType(class
llvm::Type *, class llvm::ArrayRef<class llvm::Value *>) const
D:\src\llvm-project\llvm\lib\IR\DataLayout.cpp:846:0
#9 0x00007ffd261b2d89 InterpreterStackFrame::ResolveConstantValue(class
llvm::APInt &, class llvm::Constant const *)
D:\src\llvm-project\lldb\source\Expression\IRInterpreter.cpp:289:0
#10 0x00007ffd2da23416 InterpreterStackFrame::ResolveConstant(unsigned __int64,
class llvm::Constant const *)
D:\src\llvm-project\lldb\source\Expression\IRInterpreter.cpp:345:0
#11 0x00007ffd2da23e64 InterpreterStackFrame::ResolveValue(class llvm::Value
const *, class llvm::Module &)
D:\src\llvm-project\lldb\source\Expression\IRInterpreter.cpp:422:0
#12 0x00007ffd2da1c439 IRInterpreter::Interpret(class llvm::Module &, class
llvm::Function &, class llvm::ArrayRef<unsigned __int64>, class
lldb_private::IRExecutionUnit &, class lldb_private::Status &, unsigned
__int64, unsigned __int64, class lldb_private::ExecutionContext &)
D:\src\llvm-project\lldb\source\Expression\IRInterpreter.cpp:1276:0
#13 0x00007ffd2da030e8 lldb_private::LLVMUserExpression::DoExecute(class
lldb_private::DiagnosticManager &, class lldb_private::ExecutionContext &,
class lldb_private::EvaluateExpressionOptions const &, class
std::shared_ptr<class lldb_private::UserExpression> &, class
std::shared_ptr<class lldb_private::ExpressionVariable> &)
D:\src\llvm-project\lldb\source\Expression\LLVMUserExpression.cpp:123:0
#14 0x00007ffd26cb5ad4 lldb_private::UserExpression::Execute(class
lldb_private::DiagnosticManager &, class lldb_private::ExecutionContext &,
class lldb_private::EvaluateExpressionOptions const &, class
std::shared_ptr<class lldb_private::UserExpression> &, class
std::shared_ptr<class lldb_private::ExpressionVariable> &)
D:\src\llvm-project\lldb\source\Expression\UserExpression.cpp:397:0
#15 0x00007ffd26cb6e16 lldb_private::UserExpression::Evaluate(class
lldb_private::ExecutionContext &, class lldb_private::EvaluateExpressionOptions
const &, class llvm::StringRef, class llvm::StringRef, class
std::shared_ptr<class lldb_private::ValueObject> &, class lldb_private::Status
&, class std::basic_string<char, struct std::char_traits<char>, class
std::allocator<char>> *, class lldb_private::ValueObject *)
D:\src\llvm-project\lldb\source\Expression\UserExpression.cpp:344:0
#16 0x00007ffd26eb1537 lldb_private::Target::EvaluateExpression(class
llvm::StringRef, class lldb_private::ExecutionContextScope *, class
std::shared_ptr<class lldb_private::ValueObject> &, class
lldb_private::EvaluateExpressionOptions const &, class std::basic_string<char,
struct std::char_traits<char>, class std::allocator<char>> *, class
lldb_private::ValueObject *)
D:\src\llvm-project\lldb\source\Target\Target.cpp:2416:0
#17 0x00007ffd28779104
lldb_private::CommandObjectExpression::EvaluateExpression(class
llvm::StringRef, class lldb_private::Stream &, class lldb_private::Stream &,
class lldb_private::CommandReturnObject &)
D:\src\llvm-project\lldb\source\Commands\CommandObjectExpression.cpp:424:0
#18 0x00007ffd28778aa6 lldb_private::CommandObjectExpression::DoExecute(class
llvm::StringRef, class lldb_private::CommandReturnObject &)
D:\src\llvm-project\lldb\source\Commands\CommandObjectExpression.cpp:653:0
#19 0x00007ffd26d2c271 lldb_private::CommandObjectRaw::Execute(char const *,
class lldb_private::CommandReturnObject &)
D:\src\llvm-project\lldb\source\Interpreter\CommandObject.cpp:1015:0
#20 0x00007ffd26d35a41 lldb_private::CommandInterpreter::HandleCommand(char
const *, enum lldb_private::LazyBool, class lldb_private::CommandReturnObject
&, class lldb_private::ExecutionContext *, bool, bool)
D:\src\llvm-project\lldb\source\Interpreter\CommandInterpreter.cpp:1797:0
#21 0x00007ffd26d42085
lldb_private::CommandInterpreter::IOHandlerInputComplete(class
lldb_private::IOHandler &, class std::basic_string<char, struct
std::char_traits<char>, class std::allocator<char>> &)
D:\src\llvm-project\lldb\source\Interpreter\CommandInterpreter.cpp:2800:0
#22 0x00007ffd26c450e2 lldb_private::IOHandlerEditline::Run(void)
D:\src\llvm-project\lldb\source\Core\IOHandler.cpp:559:0
#23 0x00007ffd26b3b7aa lldb_private::Debugger::RunIOHandlers(void)
D:\src\llvm-project\lldb\source\Core\Debugger.cpp:948:0
#24 0x00007ffd26d41118
lldb_private::CommandInterpreter::RunCommandInterpreter(class
lldb_private::CommandInterpreterRunOptions &)
D:\src\llvm-project\lldb\source\Interpreter\CommandInterpreter.cpp:2986:0
#25 0x00007ffd26346023 lldb::SBDebugger::RunCommandInterpreter(class
lldb::SBCommandInterpreterRunOptions const &)
D:\src\llvm-project\lldb\source\API\SBDebugger.cpp:1210:0
#26 0x00007ff7636ee638 Driver::MainLoop(void)
D:\src\llvm-project\lldb\tools\driver\Driver.cpp:543:0
#27 0x00007ff7636f10c2 main
D:\src\llvm-project\lldb\tools\driver\Driver.cpp:839:0
#28 0x00007ff763888859 invoke_main
d:\a01\_work\14\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:79:0
#29 0x00007ff76388873e __scrt_common_main_seh
d:\a01\_work\14\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:288:0
#30 0x00007ff7638885fe __scrt_common_main
d:\a01\_work\14\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:331:0
#31 0x00007ff7638888ee mainCRTStartup
d:\a01\_work\14\s\src\vctools\crt\vcstartup\src\startup\exe_main.cpp:17:0
#32 0x00007ffde9f37c24 (C:\Windows\System32\KERNEL32.DLL+0x17c24)
#33 0x00007ffdeb7ad721 (C:\Windows\SYSTEM32\ntdll.dll+0x6d721)
```
(the backtrace is from Windows, but on Linux it's the same)
```
lldb version 14.0.0 (https://github.com/llvm/llvm-project.git revision
d89490db70ebc6438db507a20ac9558e822f1453)
clang revision d89490db70ebc6438db507a20ac9558e822f1453
llvm revision d89490db70ebc6438db507a20ac9558e822f1453
```
Full log of LLDB's expression evaluation in Release --
https://pastebin.com/a3V9n7bU
The problem seems to be that `InterpreterStackFrame::ResolveConstantValue`
assumes all operands of `GetElementPtr` are `ConstantInt`, which is not always
the case --
https://github.com/llvm/llvm-project/blob/baa6a851308dceca141a191847bc6e1a526eea17/lldb/source/Expression/IRInterpreter.cpp#L290