https://gcc.gnu.org/bugzilla/show_bug.cgi?id=117457
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
   Last reconfirmed|                            |2024-12-19
            Summary|regex global buffer         |regex global buffer
                   |overflow LTO                |overflow LTO due to IPA
                   |                            |constprop and having 2
                   |                            |different string constants
                   |                            |across both TU
     Ever confirmed|0                           |1
             Status|UNCONFIRMED                 |NEW
          Component|middle-end                  |lto
--- Comment #6 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
This is an LTO-only issue.
What is happening is we had originally:
std::regex _r{"\\/some\\/http\\/(\\d{1,2})\\/(\\d{1,2})\\/(\\d{1,2})\\/test",
std::regex::ECMAScript};
But then with IPA-constprop we generate a constprop clone of _M_compile and
call like (in one ltrans):
_M_compile.constprop (&_r, &MEM <const char[52]> [(void *)"\\/some\\/http\\/(\\d{1,2})\\/(\\d{1,2})\\/(\\d{1,2})\\/test" + 51B]);
But in the other ltrans we produce:
....
MEM[(struct _Scanner *)&__c + 8B]._M_current = "\\/some\\/http\\/(\\d{1,2})\\/(\\d{1,2})\\/(\\d{1,2})\\/test";
...
MEM[(struct _Scanner *)&__c + 8B]._M_end = __last_3(D);
Where __last_3 is the second argument of _M_compile.constprop.
Now in the 2 ltrans we have 2 different string constants BUT they have
different addresses.
The reason why you need -fsanitize=address to hit the bug is you need a large
enough TU to have it split into 2 ltrans.
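
The mismatch described in comment #6, modelled in C as an added example (not GCC or libstdc++ code, and not part of the bug report): the start pointer comes from one copy of the string constant and the end pointer from another, so the pair no longer describes a 51-byte range. The names `copy_a`, `copy_b`, `struct scanner` and the helper functions are hypothetical, and the two arrays stand in for the two ltrans copies.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* The regex source from the report: 51 characters plus the terminating NUL. */
#define PATTERN "\\/some\\/http\\/(\\d{1,2})\\/(\\d{1,2})\\/(\\d{1,2})\\/test"
#define PATTERN_LEN (sizeof(PATTERN) - 1)

/* Assumption: two distinct objects with identical bytes stand in for the
   separate copies of the string constant held by the two ltrans units. */
static const char copy_a[] = PATTERN;
static const char copy_b[] = PATTERN;

/* Hypothetical reduction of the scanner state to its two pointers. */
struct scanner { const char *current; const char *end; };

/* Take the start from one copy and compute the end from another,
   as the two partitions do in the dumps quoted above. */
static struct scanner make_scanner(const char *begin_src, const char *end_src)
{
    struct scanner s = { begin_src, end_src + PATTERN_LEN };
    return s;
}

/* Distance a scan loop would have to cover, computed on integers because
   subtracting pointers into different objects is undefined in C. */
static intptr_t apparent_length(const struct scanner *s)
{
    return (intptr_t)s->end - (intptr_t)s->current;
}

/* The pair is a valid range only if end is exactly len bytes past current. */
static bool range_is_coherent(const struct scanner *s, size_t len)
{
    return apparent_length(s) == (intptr_t)len;
}

int main(void)
{
    struct scanner same = make_scanner(copy_a, copy_a);
    struct scanner mixed = make_scanner(copy_a, copy_b);
    printf("same copy : length %ld, coherent=%d\n",
           (long)apparent_length(&same), range_is_coherent(&same, PATTERN_LEN));
    printf("two copies: length %ld, coherent=%d\n",
           (long)apparent_length(&mixed), range_is_coherent(&mixed, PATTERN_LEN));
    return 0;
}
```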