Today, we’ll look at a crash that occurred when trying to erase an element from a std::set.
The Case of the Crash When Trying to Erase an Element from a std::set
by Raymond Chen
From the article:
rax=000001f565bc046e rbx=000001f589b20340 rcx=000001f565bc046e rdx=000000e6658feca8 rsi=000001f589b20690 rdi=000001f589b203c0 rip=00007ffdd4726bc4 rsp=000000e6658fec30 rbp=0000388a1713ab55 r8=000001f589b895d0 r9=000001f589b895d0 r10=000001f589000140 r11=0000000000000000 r12=0000000000000001 r13=000000007ffe0385 r14=0000000000000000 r15=000001f589b8f900 LitWare!std::_Tree<std::_Tset_traits<WidgetWatcher *, std::less<WidgetWatcher *>, std::allocator<WidgetWatcher *>,0> >::_Eqrange+0x14 [inlined in LitWare!std::_Tree<std::_Tset_traits< WidgetWatcher *,std::less<WidgetWatcher *>, std::allocator<WidgetWatcher *>,0> >::erase+0x18]: 00007ffd`d4726bc4 cmp byte ptr [rax+19h],r11b ds:000001f5`65bc0487=??The stack trace has some information about how we got here.
LitWare!std::_Tree<std::_Tset_traits<Widget *, std::less<Widget *>, std::allocator<Widget *>,0> >::_Eqrange+0x14 LitWare!std::_Tree<std::_Tset_traits<Widget *, std::less<Widget *>, std::allocator<Widget *>,0> >::erase+0x18 LitWare!Widget::~Widget+0xc8 LitWare!Widget::`scalar deleting destructor'+0x14 LitWare!DestroyWidget+0x15 Fabrikam!Doodad::~Doodad+0x75 Fabrikam!Doodad::`scalar deleting destructor'+0x14 Fabrikam!Doodad::Release+0x40 Contoso!Gadget::~Gadget+0x66 ucrtbase!<lambda_⟦...⟧>::operator()+0xa5 ucrtbase!__crt_seh_guarded_call<int>::operator()<⟦...⟧>+0x3b ucrtbase!__acrt_lock_and_call+0x1c ucrtbase!_execute_onexit_table+0x3d Contoso!dllmain_crt_process_detach+0x45 Contoso!dllmain_dispatch+0xe6 ntdll!LdrpCallInitRoutine+0xb0 ntdll!LdrShutdownProcess+0x260 ntdll!RtlExitUserProcess+0x114 kernel32!FatalExit+0xb ucrtbased!exit_or_terminate_process+0x3a ucrtbased!common_exit+0x85 ucrtbased!exit+0x16
Add a Comment
Comments are closed.