This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [Patch, moxie] Print 'bad' instructions in disassembly instead of aborting

From: Pedro Alves <palves at redhat dot com>
To: Hans-Peter Nilsson <hp at bitrange dot com>
Cc: Joel Brobecker <brobecker at adacore dot com>, Anthony Green <green at moxielogic dot com>, binutils at sourceware dot org
Date: Sat, 29 Sep 2012 08:33:35 +0100
Subject: Re: [Patch, moxie] Print 'bad' instructions in disassembly instead of aborting
References: <CACxje5_LP_+xoshUXDx-OtD9HDtwbuT+14MaRH6znaiUQUaF5w@mail.gmail.com> <5065C493.2090806@redhat.com> <20120928155027.GD4063@adacore.com> <alpine.BSF.2.00.1209281622500.14514@dair.pair.com> <50662FC2.7020305@redhat.com> <alpine.BSF.2.00.1209282030190.69701@dair.pair.com>

On 09/29/2012 01:54 AM, Hans-Peter Nilsson wrote:

> Thank you for the lecture...  But let's keep it real.
> 
> People (hacking bfd) add aborts all the time; I've given up on
> trying to lecture people myself as you do above. ;)  When they
> don't know what else to write, they can at least write
> BFD_ASSERT rather than abort now, with a standing chance of a
> cleanup happening instead of SIGSEGV or calling abort to avoid
> invalid output.

Well, thank you for the anti-lecture, but just because you've given
up, doesn't mean that others should.  ;-)

>>>> and GDB never had a chance to handle the situation
>>>> more gracefully.
>>>
>>> Have a look at bfd_assert in bfd.c.  GDB is one of those libbfd
>>> clients that would benefit from calling bfd_set_assert_handler
>>> (recently added, post binutils-2.22) with a handler function to
>>> do longjmp to error recovery of the current command or
>>> something.  See ld/ldmain.c for usage.
>>
>> Simply longjmp-ing (with no cleanup mechanism like gdb has)
> 
> I didn't mention it, as it was obviously implied that the code
> receiving the longjmp would do such cleanups.  It could do even
> do a graceful exit or suggest that the user exits, as the gdb
> state may be inconsistent.

That's certainly not what gdb wants.  Invalid input should never
end up with gdb wondering whether its state is inconsistent.  It's
bfd that should unwind all its local resources and reject the input,
_before_ returning control to the caller, through longjmp or normal
return.  Through longjmp isn't generally as simple as you make it
sound, as what needs unwinding might be a few frames up the stack
of what detected the error.  That's what gdb's "struct cleanup" mechanism
is for, btw, not for cleanup after the fact.

Anyway, I was writing to the broader audience, not you or anyone directly.
If you don't mention these principles explicitly, and suggest "should use
bfd_assert", that's all people get, not all those "implicit between the lines"
ideas.

Anyway, the points that matter have all come across I guess.

Thanks!

-- 
Pedro Alves

References:
- [Patch, moxie] Print 'bad' instructions in disassembly instead of aborting
  - From: Anthony Green
- Re: [Patch, moxie] Print 'bad' instructions in disassembly instead of aborting
  - From: Pedro Alves
- Re: [Patch, moxie] Print 'bad' instructions in disassembly instead of aborting
  - From: Joel Brobecker
- Re: [Patch, moxie] Print 'bad' instructions in disassembly instead of aborting
  - From: Hans-Peter Nilsson
- Re: [Patch, moxie] Print 'bad' instructions in disassembly instead of aborting
  - From: Pedro Alves
- Re: [Patch, moxie] Print 'bad' instructions in disassembly instead of aborting
  - From: Hans-Peter Nilsson

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]