Add virtual destructor to tui_layout_base
authorSimon Marchi <simon.marchi@polymtl.ca>
Tue, 17 Dec 2019 20:01:15 +0000 (15:01 -0500)
committerSimon Marchi <simon.marchi@efficios.com>
Tue, 17 Dec 2019 20:01:15 +0000 (15:01 -0500)
I stumbled on some ASan failures when using the TUI, when tearing down a
TUI layout.  The simplest way to trigger it is to run:

  $ ./gdb --data-directory=data-directory -batch -ex "layout next"

The ASan report is:

    =================================================================
    ==2829136==ERROR: AddressSanitizer: new-delete-type-mismatch on 0x608000009a20 in thread T0:
      object passed to delete has wrong type:
      size of the allocated type:   88 bytes;
      size of the deallocated type: 24 bytes.
        #0 0x7f470fe2507e in operator delete(void*, unsigned long) /build/gcc/src/gcc/libsanitizer/asan/asan_new_delete.cc:177
        #1 0x55f88c75700d in std::default_delete<tui_layout_base>::operator()(tui_layout_base*) const /usr/include/c++/9.2.0/bits/unique_ptr.h:81
        #2 0x55f88c756328 in std::unique_ptr<tui_layout_base, std::default_delete<tui_layout_base> >::~unique_ptr() /usr/include/c++/9.2.0/bits/unique_ptr.h:284
        #3 0x7f470ee536a6 in __run_exit_handlers (/usr/lib/libc.so.6+0x3e6a6)
        #4 0x7f470ee5385d in __GI_exit (/usr/lib/libc.so.6+0x3e85d)
        #5 0x55f88c69f2ac in quit_force(int*, int) /home/simark/src/binutils-gdb/gdb/top.c:1766
        #6 0x55f88becc29a in captured_main_1 /home/simark/src/binutils-gdb/gdb/main.c:1183
        #7 0x55f88becc814 in captured_main /home/simark/src/binutils-gdb/gdb/main.c:1192
        #8 0x55f88becc8a9 in gdb_main(captured_main_args*) /home/simark/src/binutils-gdb/gdb/main.c:1217
        #9 0x55f88b3159cd in main /home/simark/src/binutils-gdb/gdb/gdb.c:32
        #10 0x7f470ee3c152 in __libc_start_main (/usr/lib/libc.so.6+0x27152)
        #11 0x55f88b31579d in _start (/home/simark/build/binutils-gdb/gdb/gdb+0x11fb79d)

    0x608000009a20 is located 0 bytes inside of 88-byte region [0x608000009a20,0x608000009a78)
    allocated by thread T0 here:
        #0 0x7f470fe238f8 in operator new(unsigned long) /build/gcc/src/gcc/libsanitizer/asan/asan_new_delete.cc:104
        #1 0x55f88c750906 in tui_layout_split::clone() const /home/simark/src/binutils-gdb/gdb/tui/tui-layout.c:515
        #2 0x55f88c74e60e in show_layout /home/simark/src/binutils-gdb/gdb/tui/tui-layout.c:90
        #3 0x55f88c74e7db in tui_set_layout(tui_layout_type) /home/simark/src/binutils-gdb/gdb/tui/tui-layout.c:116
        #4 0x55f88c782f4f in tui_enable() /home/simark/src/binutils-gdb/gdb/tui/tui.c:481
        #5 0x55f88c74eeb2 in tui_layout_command /home/simark/src/binutils-gdb/gdb/tui/tui-layout.c:286
        #6 0x55f88b6f969b in do_const_cfunc /home/simark/src/binutils-gdb/gdb/cli/cli-decode.c:107
        #7 0x55f88b701859 in cmd_func(cmd_list_element*, char const*, int) /home/simark/src/binutils-gdb/gdb/cli/cli-decode.c:1952
        #8 0x55f88c69b455 in execute_command(char const*, int) /home/simark/src/binutils-gdb/gdb/top.c:652
        #9 0x55f88bec9026 in catch_command_errors /home/simark/src/binutils-gdb/gdb/main.c:400
        #10 0x55f88becc1f2 in captured_main_1 /home/simark/src/binutils-gdb/gdb/main.c:1167
        #11 0x55f88becc814 in captured_main /home/simark/src/binutils-gdb/gdb/main.c:1192
        #12 0x55f88becc8a9 in gdb_main(captured_main_args*) /home/simark/src/binutils-gdb/gdb/main.c:1217
        #13 0x55f88b3159cd in main /home/simark/src/binutils-gdb/gdb/gdb.c:32
        #14 0x7f470ee3c152 in __libc_start_main (/usr/lib/libc.so.6+0x27152)

The problem is that the tui_layout_base is missing a virtual destructor.
We allocate a derived object (tui_layout_split), but delete it through a
tui_layout_base pointer.  Since the tui_layout_base destructor is not
virtual, the derived (tui_layout_split) destructor is not called, only
the base destructor.

That code is not in gdb-9-branch, so I don't think this patch is
relevant for the stable branch.

Note that this is caught as a diagnostic with clang:

    In file included from /home/simark/src/binutils-gdb/gdb/tui/tui-layout.c:22:
    In file included from /home/simark/src/binutils-gdb/gdb/defs.h:28:
    In file included from /home/simark/src/binutils-gdb/gdb/gdbsupport/common-defs.h:133:
    In file included from /home/simark/src/binutils-gdb/gdb/gdbsupport/common-exceptions.h:25:
    In file included from /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.2.0/../../../../include/c++/9.2.0/memory:80:
    /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.2.0/../../../../include/c++/9.2.0/bits/unique_ptr.h:81:2: error: delete called on 'tui_layout_base' that is abstract but has non-virtual destructor [-Werror,-Wdelete-abstract-non-virtual-dtor]
            delete __ptr;
            ^
    /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/9.2.0/../../../../include/c++/9.2.0/bits/unique_ptr.h:284:4: note: in instantiation of member function 'std::default_delete<tui_layout_base>::operator()' requested here
              get_deleter()(std::move(__ptr));
              ^
    /home/simark/src/binutils-gdb/gdb/tui/tui-layout.c:54:41: note: in instantiation of member function 'std::unique_ptr<tui_layout_base, std::default_delete<tui_layout_base> >::~unique_ptr' requested here
    static std::unique_ptr<tui_layout_base> applied_layout;
                                            ^
    1 error generated.

GCC has the similar -Wdelete-non-virtual-dtor, enabled by -Wall, but it
doesn't show up because warnings are inhibited for system headers, where
std::unique_ptr is defined.  There is a bug about it here:

    https://gcc.gnu.org/bugzilla/show_bug.cgi?id=58876

gdb/ChangeLog:

* tui/tui-layout.h (class tui_layout_base): Add virtual
destructor.

gdb/ChangeLog
gdb/tui/tui-layout.h

index 6f193c378b633f8a0803c362901c8175e94fa5e1..5464461c62cc795230c93f763a937f31208c2b4a 100644 (file)
@@ -1,3 +1,8 @@
+2019-12-17  Simon Marchi  <simon.marchi@polymtl.ca>
+
+       * tui/tui-layout.h (class tui_layout_base): Add virtual
+       destructor.
+
 2019-12-16  Bernd Edlinger  <bernd.edlinger@hotmail.de>
 
        * infcmd.c (prepare_one_step): Step over skipped inline functions.
index 691d4ad2e22b05a0ba6f09e9310d980ef9439aed..cfe807d8690a12b3e4f8dc6be3e4abd1678dac56 100644 (file)
@@ -34,6 +34,8 @@ public:
 
   DISABLE_COPY_AND_ASSIGN (tui_layout_base);
 
+  virtual ~tui_layout_base () = default;
+
   /* Clone this object.  Ordinarily a layout is cloned before it is
      used, so that any necessary modifications do not affect the
      "skeleton" layout.  */