public inbox for gdb-prs@sourceware.org
* [Bug gdb/26056] New: SIGSEGV in tui_async_resize_screen -> rl_resize_terminal on SIGWINCH with non-tty stdin/stdout
@ 2020-05-27 21:11 mpratt at google dot com
  2020-08-09 18:51 ` [Bug gdb/26056] " tromey at sourceware dot org
                   ` (6 more replies)
  0 siblings, 7 replies; 8+ messages in thread
From: mpratt at google dot com @ 2020-05-27 21:11 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=26056

            Bug ID: 26056
           Summary: SIGSEGV in tui_async_resize_screen ->
                    rl_resize_terminal on SIGWINCH with non-tty
                    stdin/stdout
           Product: gdb
           Version: HEAD
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: gdb
          Assignee: unassigned at sourceware dot org
          Reporter: mpratt at google dot com
  Target Milestone: ---

When GDB is run with stdin == /dev/null and stdout/stderr == pipe [1] and
subsequently sent a SIGWINCH signal, it will crash with a SIGSEGV/SIGABRT
(depending on version).

At HEAD (specifically dcb5d41befce097d48875e744f57fe3209c61aab):

$ gdb/gdb -nx -batch -ex 'run' --args sleep 60 </dev/null 2>&1 | cat            
Python Exception <type 'exceptions.ImportError'> No module named gdb:  
gdb/gdb: warning:                                                               
Could not load the Python gdb module from `/usr/local/share/gdb/python'.
Limited Python support is available from the _gdb module.
Suggest passing --data-directory=/path/to/gdb/data-directory.
zsh: abort      gdb/gdb -nx -batch -ex 'run' --args sleep 60 < /dev/null 2>&1 | 
zsh: done       cat 

While running:
$ pkill -WINCH gdb

The crashing stack is:

(gdb) bt
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x00007f3e39c4b55b in __GI_abort () at abort.c:79
#2  0x000055d51f121260 in handle_sigsegv (sig=11) at event-top.c:885
#3  <signal handler called>
#4  __GI___fileno (fp=0x0) at fileno.c:35
#5  0x000055d51f4964a0 in rl_resize_terminal () at terminal.c:368
#6  0x000055d51f44117b in tui_async_resize_screen (arg=<optimized out>) at
tui/tui-win.c:541
#7  0x000055d51f171a02 in invoke_async_signal_handlers () at async-event.c:206
#8  0x000055d51f5581ae in gdb_do_one_event () at event-loop.cc:172
#9  0x000055d51f41ef9c in wait_sync_command_done () at top.c:526
#10 0x000055d51f41f435 in maybe_wait_sync_command_done (was_sync=0) at
top.c:543
#11 execute_command (p=<optimized out>, p@entry=<error reading variable: value
has been optimized out>, from_tty=<error reading variable: value has been
optimized out>) at top.c:657
#12 0x000055d51f3042f0 in catch_command_errors (command=<optimized out>,
arg=<optimized out>, from_tty=<optimized out>) at main.c:457
#13 0x000055d51f3058d9 in captured_main_1 (context=<optimized out>) at
main.c:1219
#14 0x000055d51f30615b in captured_main (data=<optimized out>) at main.c:1269
#15 gdb_main (args=<optimized out>) at main.c:1269
#16 0x000055d51f13750c in main (argc=<optimized out>, argv=<optimized out>) at
gdb.c:32

With my system GDB (Debian 8.3.1-1):

$ gdb -nx -batch -ex 'run' --args sleep 60 </dev/null 2>&1 | cat    
zsh: segmentation fault  gdb -nx -batch -ex 'run' --args sleep 60 < /dev/null
2>&1 | 
zsh: done                cat

The crashing stack is the same, there is just no SIGSEGV handler that
translates the SIGSEGV to SIGABRT.

I've seen this crash on HEAD, 8.3, 8.2, 8.1, and 7.12.

This bug was discovered when investigating flaky GDB integration tests in the
Go project: https://github.com/golang/go/issues/39021. Those tests use the Go
os/exec.Command.CombinedOutput() stdlib function (same Go code:
https://github.com/golang/go/issues/39021#issuecomment-634919443). This
function runs the subprocess with stdin set to /dev/null and stdout and stderr
set to a pipe.

As I understand it, the immediate problem is that rl_resize_terminal is
expected to crash when rl_initialize has not been called. In some
non-interactive cases (not sure of the exact behavior), GDB doesn't call
rl_initialize because it is "unnecessary". Yet, it still installs the
tui_async_resize_screen SIGWINCH handler, which unconditionally calls
rl_resize_terminal.

In addition to a fix, I've been looking for a good workaround to convince GDB
not to crash.

[1] I believe a more common set of non-tty I/O will trigger this bug, but these
are the specific inputs I've used to reproduce the issue.

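The failure mode described in the report above, modeled as an added example that is not part of the original report and is not GDB or readline code: a SIGWINCH handler is installed unconditionally, and the resize routine checks for a never-initialized output stream before calling fileno() on it. All `demo_*` names are hypothetical.

```c
/* Added illustration: every demo_* name is hypothetical, not GDB or readline code. */
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <unistd.h>
/* Stays NULL until demo_initialize() runs, like a line editor whose init was skipped. */
static FILE *demo_outstream;
static volatile sig_atomic_t demo_winch_pending;

static void demo_initialize(FILE *out) { demo_outstream = out; }
/* Guarded resize. The unguarded form calls fileno(demo_outstream) directly,
   which dereferences NULL when initialization never happened.
   Returns -1 (not initialized), 0 (not a terminal), 1 (size would be re-read). */
static int demo_resize_terminal(void)
{
    if (demo_outstream == NULL)
        return -1;
    int fd = fileno(demo_outstream);
    if (fd < 0 || !isatty(fd))
        return 0;
    return 1; /* a real implementation would query the window size here */
}

/* The handler only sets a flag; the resize runs later from the main loop. */
static void demo_sigwinch(int sig) { (void)sig; demo_winch_pending = 1; }

/* Install the handler unconditionally, deliver one SIGWINCH, then service it. */
static int demo_install_and_deliver(void)
{
    struct sigaction sa = {0};
    sa.sa_handler = demo_sigwinch;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGWINCH, &sa, NULL) != 0)
        return -2;
    demo_winch_pending = 0;
    raise(SIGWINCH);
    if (!demo_winch_pending)
        return -3;
    return demo_resize_terminal();
}

int main(void)
{
    printf("before init: %d\n", demo_install_and_deliver());
    demo_initialize(stdout);
    printf("after init:  %d\n", demo_install_and_deliver());
    return 0;
}
```

The other place to put the guard is at installation time: skip registering the SIGWINCH handler when the editor was never initialized.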

end of thread, other threads:[~2021-12-17 22:12 UTC | newest]

Thread overview: 8+ messages
2020-05-27 21:11 [Bug gdb/26056] New: SIGSEGV in tui_async_resize_screen -> rl_resize_terminal on SIGWINCH with non-tty stdin/stdout mpratt at google dot com
2020-08-09 18:51 ` [Bug gdb/26056] " tromey at sourceware dot org
2020-08-10 14:58 ` mpratt at google dot com
2021-02-10 10:28 ` anudeephomes247 at gmail dot com
2021-02-10 10:30 ` mark at klomp dot org
2021-05-20 12:15 ` tulzakasi at gmail dot com
2021-09-08  8:27 ` ashish.lumar2902 at gmail dot com
2021-12-17 22:12 ` lsix at lancelotsix dot com
