Re: Change "set history size" back to signed (Re: [committed]: [PATCH 1/3] var_integer -> var_uinteger)

Mirror of the gdb-patches mailing list
 help / color / mirror / Atom feed

From: Yao Qi <yao@codesourcery.com>
To: Pedro Alves <palves@redhat.com>
Cc: <dje@google.com>, <gdb-patches@sourceware.org>
Subject: Re: Change "set history size" back to signed (Re: [committed]: [PATCH 1/3] var_integer -> var_uinteger)
Date: Tue, 26 Mar 2013 16:48:00 -0000	[thread overview]
Message-ID: <515176BB.4000702@codesourcery.com> (raw)
In-Reply-To: <5150A09D.3090202@redhat.com>

On 03/26/2013 03:08 AM, Pedro Alves wrote:
> I'd like to revert "set history size" back to signed.
> 
> http://sourceware.org/ml/gdb-patches/2012-08/msg00832.html
> 
> All the variables associated with the command are int,
> and they need to be, because that's how the readline interfaces
> are defined.
> 

Pedro,
I understand that your point of choosing signed command is readline
interface is signed.  However, my point of choosing unsigned command
is the characteristic of command "set history size" is unsigned.  I
don't know why readline interface is signed, but I don't want this
affect or restrict the design of the command.

> As it stands, this introduced signed/unsigned comparisons
> and undefined overflows, like in:
> 
> void
> show_commands (char *args, int from_tty)
> {
>    /* Index for history commands.  Relative to history_base.  */
>    int offset;
> ...
>    /* Print out some of the commands from the command history.  */
>    /* First determine the length of the history list.  */
>    hist_len = history_size;
>    for (offset = 0; offset < history_size; offset++)
>                     ^^^^^^^^^^^^^^^^^^^^^  ^^^^^^^^
>      {
>        if (!history_get (history_base + offset))
> ...
>      }
> 
> With history_size set to UINT_MAX, with a (very) large history,
> that will overflow the signed "offset".  Making "offset" itself
> unsigned is useless, as then we'd overflow on the call to
> history_get.

The potential overflow needs to be fixed.  I prefer to change "offset"
to unsigned, and check the range when passing "history_base + offset"
to history_get.  Change everything to signed still has the risk of
overflow in "history_get (history_base + offset)".

> 
> The fact that all the code that uses these interfaces and
> variables is "signed", and that "history_size" ends up trimmed
> to INT_MAX anyway:
> 
> /* Called by do_setshow_command.  */
> static void
> set_history_size_command (char *args, int from_tty, struct cmd_list_element *c)
> {
>    /* The type of parameter in stifle_history is int, so values from INT_MAX up
>       mean 'unlimited'.  */
>    if (history_size >= INT_MAX)
>      {
>        /* Ensure that 'show history size' prints 'unlimited'.  */
>        history_size = UINT_MAX;
>        unstifle_history ();
>      }
>    else
>      stifle_history (history_size);
> }
> 
> very much reads to me that making this "unsigned" is not
> justified.
> 
> This patch changes the command back to var_integer.  It's
> not a reversion -- I'm doing things differently from what
> was done before.  Namely, if a negative value is specified,
> the user sees the exact same error the uinteger command throws.
> Also, in that case, the command reverts back to the previous
> setting, like current code does implicitly, but unlike the original,
> that would change the setting to the default on range error.
> IOW, there's no user visible change compared to the current code.

Your patch changes the command back to signed, and at the same time,
keep the command behaves like unsigned.  This makes code a little bit
hard, IMO.  Isn't better to keep the command unsigned (from the
user's perspective) and take care of potential signed overflow
(to fit the internal readline interface)?  How about the patch
below?
 
-- 
Yao (é½å°§)

gdb:

2013-03-26  Yao Qi  <yao@codesourcery.com>

	* top.c (show_commands): Change local var 'offset' to
	'unsigned int'.  Check the overflow of 'history_base + offset'
	before pass it to history_get.
---
 gdb/top.c |    7 +++++--
 1 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/gdb/top.c b/gdb/top.c
index 7905b51..1cedfe9 100644
--- a/gdb/top.c
+++ b/gdb/top.c
@@ -1373,7 +1373,7 @@ void
 show_commands (char *args, int from_tty)
 {
   /* Index for history commands.  Relative to history_base.  */
-  int offset;
+  unsigned int offset;
 
   /* Number of the history entry which we are planning to display next.
      Relative to history_base.  */
@@ -1388,7 +1388,10 @@ show_commands (char *args, int from_tty)
   hist_len = history_size;
   for (offset = 0; offset < history_size; offset++)
     {
-      if (!history_get (history_base + offset))
+      /* Avoid overflow when passing 'history_base + offset' to
+	 history_get.  */
+      if ((offset + history_base > INT_MAX)
+	  || !history_get (history_base + offset))
 	{
 	  hist_len = offset;
 	  break;
-- 
1.7.7.6

next prev parent reply	other threads:[~2013-03-26 10:23 UTC|newest]

Thread overview: 31+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-07-18 12:52 [PATCH] Handle var_uinteger/var_zuinteger and case var_integer/var_zinteger together Yao Qi
2012-07-24 12:51 ` [committed]: " Yao Qi
2012-07-27 17:40 ` Khoo Yit Phang
2012-07-29 14:25   ` Yao Qi
2012-08-01 13:56   ` [RFC 0/3] New var_types var_zuinteger_unlimited Yao Qi
2012-08-01 13:56     ` [PATCH 2/3] use zuinteger_unlimited for some remote commands Yao Qi
2012-08-01 13:56     ` [PATCH 3/3] use zuinteger_unlimited for heuristic-fence-post Yao Qi
2012-08-01 13:56     ` [PATCH 1/3] var_zuinteger_unlimited and 'set listsize' Yao Qi
2012-08-01 16:14       ` Eli Zaretskii
2012-08-02  8:34       ` Doug Evans
2012-08-02 12:53         ` Yao Qi
2012-08-13 15:28   ` [RFC 0/3] Get rid of var_integer in CLI Yao Qi
2012-08-13 15:28     ` [PATCH 2/3] var_integer -> var_zuinteger_unlimited Yao Qi
2012-08-13 17:54       ` Eli Zaretskii
2012-09-14 18:12       ` Tom Tromey
2012-09-17  8:43         ` [committed]: " Yao Qi
2012-08-13 15:28     ` [PATCH 3/3] comments update Yao Qi
2012-09-14 18:13       ` Tom Tromey
2012-08-13 15:28     ` [PATCH 1/3] var_integer -> var_uinteger Yao Qi
2012-08-23 18:20       ` dje
2012-08-24  6:56         ` Yao Qi
2012-08-24 17:06           ` dje
2012-08-27 10:10             ` Yao Qi
2012-08-27 22:14               ` dje
2012-08-28 14:09                 ` [committed]: " Yao Qi
2013-03-25 22:55                   ` Change "set history size" back to signed (Re: [committed]: [PATCH 1/3] var_integer -> var_uinteger) Pedro Alves
2013-03-26 16:48                     ` Yao Qi [this message]
2013-03-26 17:48                       ` Pedro Alves
2013-03-27  8:54                         ` Yao Qi
2013-03-27 17:34                           ` Pedro Alves
2012-08-22 14:30     ` [ping] : [RFC 0/3] Get rid of var_integer in CLI Yao Qi

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=515176BB.4000702@codesourcery.com \
    --to=yao@codesourcery.com \
    --cc=dje@google.com \
    --cc=gdb-patches@sourceware.org \
    --cc=palves@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox