From patchwork Fri Apr 26 21:34:50 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Philippe Waroquiers X-Patchwork-Id: 32435 Received: (qmail 72787 invoked by alias); 26 Apr 2019 21:35:01 -0000 Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org Delivered-To: mailing list gdb-patches@sourceware.org Received: (qmail 72779 invoked by uid 89); 26 Apr 2019 21:35:01 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-24.5 required=5.0 tests=AWL, BAYES_00, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, RCVD_IN_DNSWL_LOW, SPF_PASS autolearn=ham version=3.3.1 spammy=driven, debugged, unwinding, 556 X-HELO: mailsec108.isp.belgacom.be Received: from mailsec108.isp.belgacom.be (HELO mailsec108.isp.belgacom.be) (195.238.20.104) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Fri, 26 Apr 2019 21:34:58 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=skynet.be; i=@skynet.be; q=dns/txt; s=securemail; t=1556314498; x=1587850498; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=9VaPO+sY7+QiH4n81jP/L4erT2BhiNhA4o25TGbG5S0=; b=cX3IsrKFJjM2zDwGcpZ3LPhS9uaHXjFADb7db/e+0ZlPVMVG/ZXiPTjJ kgofFwG77VjN11UuFJynUYCPTigGeg==; Received: from 59.151-129-109.adsl-dyn.isp.belgacom.be (HELO md.home) ([109.129.151.59]) by relay.skynet.be with ESMTP/TLS/DHE-RSA-AES128-GCM-SHA256; 26 Apr 2019 23:34:56 +0200 From: Philippe Waroquiers To: gdb-patches@sourceware.org Cc: Philippe Waroquiers Subject: [RFAv2] Implement show | set may-call-functions [on|off] Date: Fri, 26 Apr 2019 23:34:50 +0200 Message-Id: <20190426213450.22345-1-philippe.waroquiers@skynet.be> MIME-Version: 1.0 X-IsSubscribed: yes Inferior function calls are powerful but might lead to undesired results such as crashes when calling nested functions (frequently used in particular in Ada). This implements a GDB setting to disable calling inferior functions. Note: the idea is that if/when the 'slash command' patch is pushed, that this setting can be changed e.g. by using the shortcut /c. This is version 2 of the patch. It handles all the received comments, mostly replace 'can-call' by 'may-call', and avoid using 'inferior function call' in factor of 'calling function in the program'. 2019-04-26 Philippe Waroquiers gdb/ChangeLog * NEWS: Mention the new set|show may-call-functions. * infcall.c (may_call_functions_p): New variable. (show_may_call_functions_p): New function. (call_function_by_hand_dummy): Throws an error if not may-call-functions. (_initialize_infcall): Call add_setshow_boolean_cmd for may-call-functions. gdb/testsuite/ChangeLog * gdb.base/callexit.exp: Test may-call-functions off. gdb/doc/ChangeLog * gdb.texinfo (Calling): Document the new set|show may-call-functions. --- gdb/NEWS | 12 ++++++++++++ gdb/doc/gdb.texinfo | 22 ++++++++++++++++++++++ gdb/infcall.c | 26 ++++++++++++++++++++++++++ gdb/testsuite/gdb.base/callexit.exp | 7 +++++++ 4 files changed, 67 insertions(+) diff --git a/gdb/NEWS b/gdb/NEWS index 5309a8f923..bf6a655cd9 100644 --- a/gdb/NEWS +++ b/gdb/NEWS @@ -27,6 +27,18 @@ 'array_indexes', 'symbols', 'unions', 'deref_refs', 'actual_objects', 'static_members', 'max_elements', 'repeat_threshold', and 'format'. +* New commands + +set may-call-functions [on|off] +show may-call-functions + This controls whether GDB will attempt to call functions in + the program, such as with expressions in print command. It + defaults to on. Calling functions in the program being debugged + can have undesired side effects. It is now possible to forbid + such function calls. If function calls are forbidden, GDB will throw + an error when a command (such as print an expression) calls a function + in the program. + *** Changes in GDB 8.3 * GDB and GDBserver now support access to additional registers on diff --git a/gdb/doc/gdb.texinfo b/gdb/doc/gdb.texinfo index 0733e1acfd..2e4affd6c4 100644 --- a/gdb/doc/gdb.texinfo +++ b/gdb/doc/gdb.texinfo @@ -18693,6 +18693,28 @@ the default C@t{++} exception handler and the inferior terminated. Show the current setting of stack unwinding in the functions called by @value{GDBN}. +@item set may-call-functions +@kindex set may-call-functions +@cindex disabling calling functions in the program +@cindex calling functions in the program, disabling +Set permission to call functions in the program. +This controls whether @value{GDBN} will attempt to call functions in +the program, such as with expressions in @code{print}. It +defaults to @code{on}. + +To call a function in the program, @value{GDBN} has to temporarily +modify the state of the inferior. This has potentially undesired side +effects. Also, having @value{GDBN} call nested functions is likely to +be erroneous and may even crash the program being debugged. You can +avoid such hazards by forbidding @value{GDBN} from calling functions +in the program being debugged. If calling functions in the program +are forbidden, GDB will throw an error when a command (such as print +an expression) starts a function call in the program. + +@item show may-call-functions +@kindex show may-call-functions +Show permission to call functions in the program. + @end table @subsection Calling functions with no debug info diff --git a/gdb/infcall.c b/gdb/infcall.c index af60fdc56b..f99206c458 100644 --- a/gdb/infcall.c +++ b/gdb/infcall.c @@ -55,6 +55,17 @@ asynchronous inferior function call implementation, and that in turn means restructuring the code so that it is event driven. */ +static int may_call_functions_p = 1; +static void +show_may_call_functions_p (struct ui_file *file, int from_tty, + struct cmd_list_element *c, + const char *value) +{ + fprintf_filtered (file, + _("Permission to call functions in the program is %s.\n"), + value); +} + /* How you should pass arguments to a function depends on whether it was defined in K&R style or prototype style. If you define a function using the K&R syntax that takes a `float' argument, then @@ -708,6 +719,10 @@ call_function_by_hand_dummy (struct value *function, struct gdb_exception e; char name_buf[RAW_FUNCTION_ADDRESS_SIZE]; + if (!may_call_functions_p) + error (_("Cannot call functions in the program: " + "may-call-functions is off.")); + if (!target_has_execution) noprocess (); @@ -1359,6 +1374,17 @@ When the function is done executing, GDB will silently stop."), void _initialize_infcall (void) { + add_setshow_boolean_cmd ("may-call-functions", no_class, + &may_call_functions_p, _("\ +Set permission to call functions in the program."), _("\ +Show permission to call functions in the program."), _("\ +When this permission is on, GDB may call functions in the program.\n\ +Otherwise, any sort of attempt to call a function in the program\n\ +will result in an error."), + NULL, + show_may_call_functions_p, + &setlist, &showlist); + add_setshow_boolean_cmd ("coerce-float-to-double", class_obscure, &coerce_float_to_double_p, _("\ Set coercion of floats to doubles when calling functions."), _("\ diff --git a/gdb/testsuite/gdb.base/callexit.exp b/gdb/testsuite/gdb.base/callexit.exp index b6d9ae3f87..9a32d3d54a 100644 --- a/gdb/testsuite/gdb.base/callexit.exp +++ b/gdb/testsuite/gdb.base/callexit.exp @@ -37,6 +37,13 @@ if { ![runto_main] } { return 0 } +# Verify set may-call-functions behaviour. +gdb_test_no_output "set may-call-functions off" +gdb_test "call callexit()" \ + "Cannot call functions in the program: may-call-functions is off." \ + "inferior function call refused in off state" +gdb_test_no_output "set may-call-functions on" + # Call function (causing the program to exit), and see if gdb handles # it properly. gdb_test "call callexit()" \