[RFC PATCH] c++/24367: Infinite recursion of typedef substitution

Kevin Buettner kevinb@redhat.com
Thu Apr 4 21:50:00 GMT 2019


On Thu, 28 Mar 2019 10:17:55 -0700
Keith Seitz <keiths@redhat.com> wrote:

> This bug finds another usage where we end up segfaulting while
> normalizing user input.  inspect_type and replace_type recurse,
> attempting to substitute the "real" symbol name for the typedef name.
> However, since both these names are the same, they keep calling
> each other until the stack overflows.
> 
> A simple reproducer for it is given by
> 
>   typedef struct foo foo;
>   int qux (foo *f) { return 0; }
> 
>   (gdb) b qux(foo*)
>   Segmentation fault
> 
> inspect_type already contains some special handling to prevent a
> similar situation from occurring with namespaces.  I wonder, however,
> whether we need be so pedantic about the exact nature of the substitution.
> 
> Shouldn't we rather prevent these substitutions whenever the replacement
> symbol's name is exactly the same as the one we're trying to substitute?
> [In the above example, we're trying to substitute the typedef named "foo"
> with the symbol named "foo" (a struct).]
> 
> Buildbot did not highlight any regressions from using this more
> "aggressive" defense.
> 
> Comments/opinions?

Sounds reasonable to me.  I tested your patch and found that it works
well.

One nit regarding the patch itself.  There seem to be differing uses of
tabs versus spaces on some of the lines.  I only noticed this because
the indentation appeared to be slightly different when reviewing the
patch in my email client.

Kevin
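The following is an added illustration for this thread, not GDB's code and not part of the patch under review. It models the inspect_type/replace_type substitute-then-reinspect loop with a constructed symbol table (the table, the `normalize_param` helper, the `same_name_guard` switch and the `max_depth` cutoff are all assumptions of the example), so that the `typedef struct foo foo;` case from the report can be traced, along with the same-name defense the patch proposes. It also goes one step beyond the thread: a two-typedef cycle (`ping` <-> `pong`), which the same-name check alone does not stop.

```cpp
// Added example (not GDB's code): toy model of typedef substitution during
// name normalization.  The symbol table, names and helpers are constructed
// for illustration.
#include <iostream>
#include <map>
#include <string>

// Constructed symbol table: typedef name -> name of the type it stands for.
// "foo" -> "foo" models `typedef struct foo foo;`, where the struct tag and
// the typedef share the name "foo".
struct SymbolTable {
    std::map<std::string, std::string> typedefs;

    // Returns the "real" name behind a typedef, or nullptr if not a typedef.
    const std::string *lookup_typedef(const std::string &name) const {
        auto it = typedefs.find(name);
        return it == typedefs.end() ? nullptr : &it->second;
    }
};

// Result of normalizing one type name.  ok == false means the recursion was
// cut off at max_depth rather than overflowing the stack, which is what the
// reported segfault corresponds to.
struct Normalized {
    std::string name;
    bool ok;
    int depth;
};

static const SymbolTable kTable{{
    {"foo", "foo"},    // typedef struct foo foo;   (self-referential name)
    {"bar", "baz"},    // typedef baz bar;
    {"baz", "int"},    // typedef int baz;
    {"ping", "pong"},  // typedef pong ping;  two-step cycle, beyond the
    {"pong", "ping"},  // typedef ping pong;  reach of the same-name guard
}};

static Normalized inspect_type(const SymbolTable &st, const std::string &name,
                               bool same_name_guard, int depth, int max_depth);

// Substitute the typedef's real name, then inspect the result again in case
// it is itself a typedef.  With "foo" -> "foo" and no guard, inspect_type and
// replace_type call each other without end.
static Normalized replace_type(const SymbolTable &st, const std::string &real,
                               bool same_name_guard, int depth, int max_depth) {
    return inspect_type(st, real, same_name_guard, depth + 1, max_depth);
}

static Normalized inspect_type(const SymbolTable &st, const std::string &name,
                               bool same_name_guard, int depth, int max_depth) {
    if (depth > max_depth)
        return {name, false, depth};   // give up instead of overflowing the stack
    const std::string *real = st.lookup_typedef(name);
    if (!real)
        return {name, true, depth};    // not a typedef: nothing to substitute
    // The patch's defense: never substitute a symbol whose name is exactly
    // the name already being looked at.
    if (same_name_guard && *real == name)
        return {name, true, depth};
    return replace_type(st, *real, same_name_guard, depth + 1, max_depth);
}

// Normalize a parameter type such as "foo*": resolve the base name through
// the typedef table and keep any pointer/reference suffix.
Normalized normalize_param(const std::string &param, bool same_name_guard,
                           int max_depth = 64) {
    std::string base = param, suffix;
    while (!base.empty() && (base.back() == '*' || base.back() == '&')) {
        suffix.insert(suffix.begin(), base.back());
        base.pop_back();
    }
    Normalized n = inspect_type(kTable, base, same_name_guard, 0, max_depth);
    n.name += suffix;
    return n;
}

int main() {
    const char *const params[] = {"foo*", "bar", "ping"};
    const bool modes[] = {false, true};
    for (bool guard : modes) {
        for (const char *p : params) {
            Normalized n = normalize_param(p, guard);
            std::cout << (guard ? "guarded " : "naive   ") << p << " -> "
                      << (n.ok ? n.name
                               : "recursion cut off at depth " + std::to_string(n.depth))
                      << '\n';
        }
    }
    return 0;
}
```

With the guard off, "foo*" bounces between the two functions until the depth cutoff; with it on, "foo*" normalizes to itself in one step while an ordinary chain such as "bar" still resolves to "int". The "ping"/"pong" pair shows the limit of a pure name-equality check: it only catches the direct self-reference, so a depth bound or a visited set is what protects against longer cycles.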


