From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id 407153959C39; Wed, 27 May 2020 21:11:10 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 407153959C39 From: "mpratt at google dot com" To: gdb-prs@sourceware.org Subject: [Bug gdb/26056] New: SIGSEGV in tui_async_resize_screen -> rl_resize_terminal on SIGWINCH with non-tty stdin/stdout Date: Wed, 27 May 2020 21:11:10 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gdb X-Bugzilla-Component: gdb X-Bugzilla-Version: HEAD X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: mpratt at google dot com X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Resolution: X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: unassigned at sourceware dot org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter target_milestone Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://sourceware.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: gdb-prs@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gdb-prs mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2020 21:11:10 -0000 https://sourceware.org/bugzilla/show_bug.cgi?id=3D26056 Bug ID: 26056 Summary: SIGSEGV in tui_async_resize_screen -> rl_resize_terminal on SIGWINCH with non-tty stdin/stdout Product: gdb Version: HEAD Status: UNCONFIRMED Severity: normal Priority: P2 Component: gdb Assignee: unassigned at sourceware dot org Reporter: mpratt at google dot com Target Milestone: --- When GDB is run with stdin =3D=3D /dev/null and stdout/stderr =3D=3D pipe [= 1] and subsequently sent sent a SIGWINCH signal, it will crash with a SIGSEGV/SIGA= BRT (depending on version). At HEAD (specifically dcb5d41befce097d48875e744f57fe3209c61aab): $ gdb/gdb -nx -batch -ex 'run' --args sleep 60 &1 | cat=20=20= =20=20=20=20=20=20=20=20=20=20 Python Exception No module named gdb:=20=20 gdb/gdb: warning:=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20 Could not load the Python gdb module from `/usr/local/share/gdb/python'. Limited Python support is available from the _gdb module. Suggest passing --data-directory=3D/path/to/gdb/data-directory. zsh: abort gdb/gdb -nx -batch -ex 'run' --args sleep 60 < /dev/null 2>= &1 |=20 zsh: done cat=20 While running: $ pkill -WINCH gdb The crashing stack is: (gdb) bt #0 __GI_raise (sig=3Dsig@entry=3D6) at ../sysdeps/unix/sysv/linux/raise.c:= 50 #1 0x00007f3e39c4b55b in __GI_abort () at abort.c:79 #2 0x000055d51f121260 in handle_sigsegv (sig=3D11) at event-top.c:885 #3 #4 __GI___fileno (fp=3D0x0) at fileno.c:35 #5 0x000055d51f4964a0 in rl_resize_terminal () at terminal.c:368 #6 0x000055d51f44117b in tui_async_resize_screen (arg=3D) at tui/tui-win.c:541 #7 0x000055d51f171a02 in invoke_async_signal_handlers () at async-event.c:= 206 #8 0x000055d51f5581ae in gdb_do_one_event () at event-loop.cc:172 #9 0x000055d51f41ef9c in wait_sync_command_done () at top.c:526 #10 0x000055d51f41f435 in maybe_wait_sync_command_done (was_sync=3D0) at top.c:543 #11 execute_command (p=3D, p@entry=3D, from_tty=3D) at top.c:657 #12 0x000055d51f3042f0 in catch_command_errors (command=3D, arg=3D, from_tty=3D) at main.c:457 #13 0x000055d51f3058d9 in captured_main_1 (context=3D) at main.c:1219 #14 0x000055d51f30615b in captured_main (data=3D) at main.c:= 1269 #15 gdb_main (args=3D) at main.c:1269 #16 0x000055d51f13750c in main (argc=3D, argv=3D) at gdb.c:32 With my system GDB (Debian 8.3.1-1): $ gdb -nx -batch -ex 'run' --args sleep 60 &1 | cat=20=20=20=20 zsh: segmentation fault gdb -nx -batch -ex 'run' --args sleep 60 < /dev/nu= ll 2>&1 |=20 zsh: done cat The crashing stack is the same, there is just no SIGSEGV handler that translates the SIGSEGV to SIGABRT. I've seen this crash on HEAD, 8.3, 8.2, 8.1, and 7.12. This bug was discovered when investigating flaky GDB integration tests in t= he Go project: https://github.com/golang/go/issues/39021. Those tests use the = Go os/exec.Command.CombinedOutput() stdlib function (same Go code: https://github.com/golang/go/issues/39021#issuecomment-634919443). This function runs the subprocess with stdin set to /dev/null and stdout and std= err set to a pipe. As I understand it, the immediate problem is that rl_resize_terminal is expected to crash when rl_initialize has not been called. In some non-interactive cases (not sure of the exact behavior), GDB doesn't call rl_initialize because it is "unnecessary". Yet, it still installs the tui_async_resize_screen SIGWINCH handler, which unconditionally calls rl_resize_terminal. In addition to a fix, I've been looking for a good workaround to convince G= DB not to crash. [1] I believe a more common set of non-tty I/O will trigger this bug, but t= hese are the specific inputs I've used to reproduce the issue. --=20 You are receiving this mail because: You are on the CC list for the bug.=