diff mbox

gdb: Remove check for gdb_stderr == NULL

Message ID 20170908105429.26563-1-andrew.burgess@embecosm.com
State New, archived
Headers

Commit Message

Andrew Burgess Sept. 8, 2017, 10:54 a.m. UTC 
  Recent changes made gdb_stderr a macro:

  #define gdb_stderr (*current_ui_gdb_stderr_ptr ())

and current_ui_gdb_stderr_ptr return this:

   &current_ui->m_gdb_stderr

The problem is that this is undefined if current_ui is NULL, which can
happen early on during gdb start up.

If we run into an error during early gdb start up then we write the
error message to gdb_stderr.  However, if we are too early during the
start up then current_ui is NULL, and using the gdb_stderr macro
triggers undefined behaviour.

We try to avoid this using a check 'gdb_stderr == NULL' which was fine
before the recent changes, but now, still triggers undefined behaviour.

A better check is instead 'current_ui == NULL' which is what I use in
this patch.

Triggering this failure is pretty hard, most of the really early errors
are only triggered if pretty basic things are not as expected, for
example, if the default signal handlers are not as expected.  Seeing one
of these errors trigger usually means that someone working on gdb has
made an incorrect change.  Still, the errors are present in gdb, and
should we ever trigger one it would be nice if gdb didn't crash.

For testing this change I've been applying this patch which adds an
unconditional error into a function called early during gdb start up.
Later in the same function is a real error call which, in some
circumstances could be triggered:

  ## START ##
  diff --git a/gdb/common/signals-state-save-restore.c b/gdb/common/signals-state-save-restore.c
  index d11a9ae006c..d75ba70f894 100644
  --- a/gdb/common/signals-state-save-restore.c
  +++ b/gdb/common/signals-state-save-restore.c
  @@ -37,6 +37,9 @@ static sigset_t original_signal_mask;
   void
   save_original_signals_state (void)
   {
  +
  +  internal_error (__FILE__, __LINE__, "example error");
  +
   #ifdef HAVE_SIGACTION
     int i;
     int res;
  ## END ##

gdb/ChangeLog:

	* utils.c (abort_with_message): Don't compare gdb_stderr to NULL,
	check current_ui instead.
	(internal_vproblem): Likewise.
---
 gdb/ChangeLog | 6 ++++++
 gdb/utils.c   | 4 ++--
 2 files changed, 8 insertions(+), 2 deletions(-)

Comments

Simon Marchi Sept. 9, 2017, 6:57 p.m. UTC | #1 
On 2017-09-08 12:54, Andrew Burgess wrote:
> Recent changes made gdb_stderr a macro:
> 
>   #define gdb_stderr (*current_ui_gdb_stderr_ptr ())
> 
> and current_ui_gdb_stderr_ptr return this:
> 
>    &current_ui->m_gdb_stderr
> 
> The problem is that this is undefined if current_ui is NULL, which can
> happen early on during gdb start up.
> 
> If we run into an error during early gdb start up then we write the
> error message to gdb_stderr.  However, if we are too early during the
> start up then current_ui is NULL, and using the gdb_stderr macro
> triggers undefined behaviour.
> 
> We try to avoid this using a check 'gdb_stderr == NULL' which was fine
> before the recent changes, but now, still triggers undefined behaviour.
> 
> A better check is instead 'current_ui == NULL' which is what I use in
> this patch.
> 
> Triggering this failure is pretty hard, most of the really early errors
> are only triggered if pretty basic things are not as expected, for
> example, if the default signal handlers are not as expected.  Seeing 
> one
> of these errors trigger usually means that someone working on gdb has
> made an incorrect change.  Still, the errors are present in gdb, and
> should we ever trigger one it would be nice if gdb didn't crash.
> 
> For testing this change I've been applying this patch which adds an
> unconditional error into a function called early during gdb start up.
> Later in the same function is a real error call which, in some
> circumstances could be triggered:
> 
>   ## START ##
>   diff --git a/gdb/common/signals-state-save-restore.c
> b/gdb/common/signals-state-save-restore.c
>   index d11a9ae006c..d75ba70f894 100644
>   --- a/gdb/common/signals-state-save-restore.c
>   +++ b/gdb/common/signals-state-save-restore.c
>   @@ -37,6 +37,9 @@ static sigset_t original_signal_mask;
>    void
>    save_original_signals_state (void)
>    {
>   +
>   +  internal_error (__FILE__, __LINE__, "example error");
>   +
>    #ifdef HAVE_SIGACTION
>      int i;
>      int res;
>   ## END ##
> 
> gdb/ChangeLog:
> 
> 	* utils.c (abort_with_message): Don't compare gdb_stderr to NULL,
> 	check current_ui instead.
> 	(internal_vproblem): Likewise.
> ---
>  gdb/ChangeLog | 6 ++++++
>  gdb/utils.c   | 4 ++--
>  2 files changed, 8 insertions(+), 2 deletions(-)
> 
> diff --git a/gdb/utils.c b/gdb/utils.c
> index f2da2df60f5..1c2bb5b8db9 100644
> --- a/gdb/utils.c
> +++ b/gdb/utils.c
> @@ -335,7 +335,7 @@ error_stream (const string_file &stream)
>  static void ATTRIBUTE_NORETURN
>  abort_with_message (const char *msg)
>  {
> -  if (gdb_stderr == NULL)
> +  if (current_ui == NULL)
>      fputs (msg, stderr);
>    else
>      fputs_unfiltered (msg, gdb_stderr);
> @@ -497,7 +497,7 @@ internal_vproblem (struct internal_problem 
> *problem,
>    }
> 
>    /* Fall back to abort_with_message if gdb_stderr is not set up.  */
> -  if (gdb_stderr == NULL)
> +  if (current_ui == NULL)
>      {
>        fputs (reason, stderr);
>        abort_with_message ("\n");

LGTM.  I remember stumbling on this once, thanks for fixing it!

Simon
diff mbox

Patch

diff --git a/gdb/utils.c b/gdb/utils.c
index f2da2df60f5..1c2bb5b8db9 100644
--- a/gdb/utils.c
+++ b/gdb/utils.c
@@ -335,7 +335,7 @@  error_stream (const string_file &stream)
 static void ATTRIBUTE_NORETURN
 abort_with_message (const char *msg)
 {
-  if (gdb_stderr == NULL)
+  if (current_ui == NULL)
     fputs (msg, stderr);
   else
     fputs_unfiltered (msg, gdb_stderr);
@@ -497,7 +497,7 @@  internal_vproblem (struct internal_problem *problem,
   }
 
   /* Fall back to abort_with_message if gdb_stderr is not set up.  */
-  if (gdb_stderr == NULL)
+  if (current_ui == NULL)
     {
       fputs (reason, stderr);
       abort_with_message ("\n");