This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [RFA] Implement show | set can-call-inferior-functions [on|off]

From: Pedro Alves <palves at redhat dot com>
To: Philippe Waroquiers <philippe dot waroquiers at skynet dot be>, gdb-patches at sourceware dot org
Date: Thu, 25 Apr 2019 18:16:55 +0100
Subject: Re: [RFA] Implement show | set can-call-inferior-functions [on|off]
References: <20190423215826.9936-1-philippe.waroquiers@skynet.be>

Hi Philippe,

On 4/23/19 10:58 PM, Philippe Waroquiers wrote:

> +* New commands
> +
> +set can-call-inferior-functions [on|off]
> +show can-call-inferior-functions
> +  Control whether GDB is allowed to do inferior function calls.
> +  Inferior function calls are e.g. needed to evaluate and print
> +  some expressions.  Such inferior function calls can have undesired
> +  side effects.  It is now possible to forbid such inferior function
> +  calls.
> +  By default, GDB is allowed to do inferior function calls.
> +

GDB already has a set of knobs that prevent the user from doing
something that might not be safe or desirable:

 (gdb) set may-[TAB]
 may-insert-breakpoints       may-insert-tracepoints       may-write-memory             
 may-insert-fast-tracepoints  may-interrupt                may-write-registers          

See the "Observer Mode" node in the manual.

I think it'd make sense to call this new knob "may-xxx" too, so it shows
up alongside those above.  It's also more correct in the strict
English sense -- "can" denotes capability, while "may" denotes
permission, and here we're talking about permission, not some target
backend capability.

> diff --git a/gdb/testsuite/gdb.base/callexit.exp b/gdb/testsuite/gdb.base/callexit.exp
> index b6d9ae3f87..ac93125eb4 100644
> --- a/gdb/testsuite/gdb.base/callexit.exp
> +++ b/gdb/testsuite/gdb.base/callexit.exp
> @@ -37,6 +37,13 @@ if { ![runto_main] } {
>      return 0
>  }
>  
> +# Verify set can-call-inferior-functions behaviour.
> +gdb_test_no_output "set can-call-inferior-functions off"
> +gdb_test "call callexit()" \
> +    "Cannot call inferior function: can-call-inferior-functions is off." \
> +    "Inferior function call refused in off state"

Lowercase "Inferior".

On 4/23/19 10:58 PM, Philippe Waroquiers wrote:
> +@item set can-call-inferior-functions
> +@kindex set can-call-inferior-functions
> +@cindex disabling inferior function calls.
> +Set debugger's willingness to call inferior functions.

I think talking about "willingness" here is a bit weird.

I can tell that this was copied from "set can-use-hw-watchpoints".
In that case, if GDB is not willing to use HW watchpoints, it'll
still support watchpoints, it's just that they'll be slower.
"set can-use-hw-watchpoints" exists to inform GDB about
the target's actual capability wrt to hardware watchpoints
("can" vs "may").

This case is different.  It's about whether GDB allows
the _user_ to call functions.

I think modeling this on e.g., "set may-write-memory"'s documentation
would be better.  E.g.,:

This controls whether @value{GDBN} will attempt to call functions in
the program, such as with expressions in @code{print}.  It
defaults to @code{on}.

> +To call an inferior function, @value{GDBN} has to temporarily modify the state
> +of the inferior.  This has potentially undesired side effects.
> +Also, having @value{GDBN} calling nested functions is likely to be erroneous

"having @value{GDBN} call"

> +and may even crash the program being debugged.
> +You can avoid such hazards by forbidding  @value{GDBN} to do inferior

"forbidding @value{GDBN} from doing inferior ..."

> +functions calls.
> +The default is to allow inferior function calls.

I'm not really sure we should refer to infcalls as "inferior function calls"
in the manual.  Throughout, we tend to refer to those as "calling functions
in the program".  E.g.,:

~~~
@node Calling
@section Calling Program Functions
~~~

~~~
When you issue the @code{run} command, your program begins to execute
immediately.  @xref{Stopping, ,Stopping and Continuing}, for discussion
of how to arrange for your program to stop.  Once your program has
stopped, you may call functions in your program, using the @code{print}
or @code{call} commands.  @xref{Data, ,Examining Data}.
~~~

~~~
It is possible for the function you call via the @code{print} or
@code{call} command to generate a signal (e.g., if there's a bug in
~~~

~~~
@kindex dprintf-style call
Handle the output by calling a function in your program (normally
@code{printf}).
~~~

~~~
If you call a function interactively using @code{print} or @code{call},
~~~

So I'd rephrase the new texts throughout (docs, code, NEWS, error
output, etc.) in that vein.  E.g.:

"You can avoid such hazards by forbidding @value{GDBN} from calling
functions in the program being debugged."

I'd also drop the "inferior in the new knob, like:

 "set may-call-functions"

Thanks,
Pedro Alves

References:
- [RFA] Implement show | set can-call-inferior-functions [on|off]
  - From: Philippe Waroquiers

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]