public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
From: "daniel.kruegler at googlemail dot com" <gcc-bugzilla@gcc.gnu.org> To: gcc-bugs@gcc.gnu.org Subject: [Bug c++/61543] static_cast<void *>(static_cast<int>(enum_value)) doesn't get an error Date: Tue, 24 Jun 2014 19:22:00 -0000 [thread overview] Message-ID: <bug-61543-4-FdQj3F2X1U@http.gcc.gnu.org/bugzilla/> (raw) In-Reply-To: <bug-61543-4@http.gcc.gnu.org/bugzilla/> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61543 --- Comment #3 from Daniel Krügler <daniel.kruegler at googlemail dot com> --- (In reply to Vaughn Cato from comment #2) > I'm not sure it is related to bug 49171. I agree and withdraw my previous comparison. I didn't notice that the result of the conversion is not used within a context that would require a constant expression. >From gcc-bugs-return-454831-listarch-gcc-bugs=gcc.gnu.org@gcc.gnu.org Tue Jun 24 19:37:46 2014 Return-Path: <gcc-bugs-return-454831-listarch-gcc-bugs=gcc.gnu.org@gcc.gnu.org> Delivered-To: listarch-gcc-bugs@gcc.gnu.org Received: (qmail 30229 invoked by alias); 24 Jun 2014 19:37:46 -0000 Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: <gcc-bugs.gcc.gnu.org> List-Archive: <http://gcc.gnu.org/ml/gcc-bugs/> List-Post: <mailto:gcc-bugs@gcc.gnu.org> List-Help: <mailto:gcc-bugs-help@gcc.gnu.org> Sender: gcc-bugs-owner@gcc.gnu.org Delivered-To: mailing list gcc-bugs@gcc.gnu.org Received: (qmail 30206 invoked by uid 48); 24 Jun 2014 19:37:42 -0000 From: "max at cert dot cx" <gcc-bugzilla@gcc.gnu.org> To: gcc-bugs@gcc.gnu.org Subject: [Bug libstdc++/61582] C11 regex memory corruption Date: Tue, 24 Jun 2014 19:37:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: libstdc++ X-Bugzilla-Version: unknown X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: max at cert dot cx X-Bugzilla-Status: RESOLVED X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: <bug-61582-4-YzeZfmE39m@http.gcc.gnu.org/bugzilla/> In-Reply-To: <bug-61582-4@http.gcc.gnu.org/bugzilla/> References: <bug-61582-4@http.gcc.gnu.org/bugzilla/> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-SW-Source: 2014-06/txt/msg01913.txt.bz2 Content-length: 5173 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61582 --- Comment #2 from Maksymilian A <max at cert dot cx> --- Sorry for mistake. Could you check this again ? cx@cx:~/REstd11/kozak5$ ~/gcc49/bin/g++ -v Using built-in specs. COLLECT_GCC=/home/cx/gcc49/bin/g++ COLLECT_LTO_WRAPPER=/home/cx/gcc49/libexec/gcc/x86_64-unknown-linux-gnu/4.9.0/lto-wrapper Target: x86_64-unknown-linux-gnu Configured with: /home/cx/gcc49/source/gcc-4.9.0/configure --disable-multilib --prefix=/home/cx/gcc49 Thread model: posix gcc version 4.9.0 (GCC) cx@cx:~/REstd11/kozak5$ cat c11re.c #include <iostream> #include <string> #include <regex> using namespace std; int main (int argc, char *argv[]) { if (std::regex_match ("GNUj", std::regex(argv[1]) )) std::cout << "ELO\n"; return 0; } cx@cx:~/REstd11/kozak5$ ~/gcc49/bin/g++ -o c11re c11re.c -std=c++11 cx@cx:~/REstd11/kozak5$ ./c11re '((x|' terminate called after throwing an instance of 'std::regex_error' what(): regex_error Przerwane (core dumped) cx@cx:~/REstd11/kozak5$ ./c11re '((.*)()?*{100})' Naruszenie ochrony pamięci (core dumped) cx@cx:~/REstd11/kozak5$ (gdb) r '((.*)()?*{100})' Starting program: /home/cx/REstd11/kozak5/./c11re '((.*)()?*{100})' Program received signal SIGSEGV, Segmentation fault. 0x0000000000402f15 in std::_Bit_reference::operator bool() const () (gdb) x/i $rip => 0x402f15 <_ZNKSt14_Bit_referencecvbEv+15>: mov (%rax),%rdx (gdb) i r rax 0x200000000063a128 2305843009220223272 rbx 0xffffffffffffffff -1 rcx 0x200000000063a128 2305843009220223272 rdx 0x8000000000000000 -9223372036854775808 rsi 0x200000000063a128 2305843009220223272 rdi 0x7fffffffd350 140737488343888 rbp 0x7fffffffd310 0x7fffffffd310 rsp 0x7fffffffd310 0x7fffffffd310 r8 0x2 2 r9 0x20 32 r10 0x3 3 r11 0x7ffff75b5798 140737343346584 r12 0x402880 4204672 r13 0x7fffffffe260 140737488347744 r14 0x0 0 r15 0x0 0 => 0x402f15 <_ZNKSt14_Bit_referencecvbEv+15>: rip 0x402f15 0x402f15 <std::_Bit_reference::operator bool() const+15> ... #0 0x0000000000402f15 in std::_Bit_reference::operator bool() const () #1 0x000000000040a1bc in void std::__detail::_Executor<char const*, std::allocator<std::sub_match<char const*> >, std::regex_traits<char>, false>::_M_dfs<true>(long) () #2 0x000000000040a275 in void std::__detail::_Executor<char const*, std::allocator<std::sub_match<char const*> >, std::regex_traits<char>, false>::_M_dfs<true>(long) () #3 0x000000000040a493 in void std::__detail::_Executor<char const*, std::allocator<std::sub_match<char const*> >, std::regex_traits<char>, false>::_M_dfs<true>(long) () #4 0x000000000040a28f in void std::__detail::_Executor<char const*, std::allocator<std::sub_match<char const*> >, std::regex_traits<char>, false>::_M_dfs<true>(long) () #5 0x000000000040a3a5 in void std::__detail::_Executor<char const*, std::allocator<std::sub_match<char const*> >, std::regex_traits<char>, false>::_M_dfs<true>(long) () #6 0x000000000040a3a5 in void std::__detail::_Executor<char const*, std::allocator<std::sub_match<char const*> >, std::regex_traits---Type <return> to continue, or q <return> to quit--- <char>, false>::_M_dfs<true>(long) () #7 0x000000000040a3a5 in void std::__detail::_Executor<char const*, std::allocator<std::sub_match<char const*> >, std::regex_traits<char>, false>::_M_dfs<true>(long) () #8 0x0000000000407ee0 in bool std::__detail::_Executor<char const*, std::allocator<std::sub_match<char const*> >, std::regex_traits<char>, false>::_M_main<true>() () #9 0x0000000000406172 in std::__detail::_Executor<char const*, std::allocator<std::sub_match<char const*> >, std::regex_traits<char>, false>::_M_match() () #10 0x0000000000404cf5 in bool std::__detail::__regex_algo_impl<char const*, std::allocator<std::sub_match<char const*> >, char, std::regex_traits<char>, (std::__detail::_RegexExecutorPolicy)0, true>(char const*, char const*, std::match_results<char const*, std::allocator<std::sub_match<char const*> > >&, std::basic_regex<char, std::regex_traits<char> > const&, std::regex_constants::match_flag_type) () #11 0x000000000040449e in bool std::regex_match<char const*, std::allocator<std::sub_match<char const*> >, char, std::regex_traits<c---Type <return> to continue, or q <return> to quit--- har> >(char const*, char const*, std::match_results<char const*, std::allocator<std::sub_match<char const*> > >&, std::basic_regex<char, std::regex_traits<char> > const&, std::regex_constants::match_flag_type) () #12 0x000000000040405c in bool std::regex_match<char const*, char, std::regex_traits<char> >(char const*, char const*, std::basic_regex<char, std::regex_traits<char> > const&, std::regex_constants::match_flag_type) () #13 0x0000000000403d4c in bool std::regex_match<char, std::regex_traits<char> >(char const*, std::basic_regex<char, std::regex_traits<char> > const&, std::regex_constants::match_flag_type) () #14 0x0000000000402a5f in main () >From gcc-bugs-return-454832-listarch-gcc-bugs=gcc.gnu.org@gcc.gnu.org Tue Jun 24 19:44:41 2014 Return-Path: <gcc-bugs-return-454832-listarch-gcc-bugs=gcc.gnu.org@gcc.gnu.org> Delivered-To: listarch-gcc-bugs@gcc.gnu.org Received: (qmail 2636 invoked by alias); 24 Jun 2014 19:44:41 -0000 Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: <gcc-bugs.gcc.gnu.org> List-Archive: <http://gcc.gnu.org/ml/gcc-bugs/> List-Post: <mailto:gcc-bugs@gcc.gnu.org> List-Help: <mailto:gcc-bugs-help@gcc.gnu.org> Sender: gcc-bugs-owner@gcc.gnu.org Delivered-To: mailing list gcc-bugs@gcc.gnu.org Received: (qmail 2616 invoked by uid 48); 24 Jun 2014 19:44:38 -0000 From: "max at cert dot cx" <gcc-bugzilla@gcc.gnu.org> To: gcc-bugs@gcc.gnu.org Subject: [Bug c++/61601] New: C11 regex resource exhaustion Date: Tue, 24 Jun 2014 19:44:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: c++ X-Bugzilla-Version: 4.9.0 X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: max at cert dot cx X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter Message-ID: <bug-61601-4@http.gcc.gnu.org/bugzilla/> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-SW-Source: 2014-06/txt/msg01914.txt.bz2 Content-length: 1503 https://gcc.gnu.org/bugzilla/show_bug.cgi?ida601 Bug ID: 61601 Summary: C11 regex resource exhaustion Product: gcc Version: 4.9.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: c++ Assignee: unassigned at gcc dot gnu.org Reporter: max at cert dot cx cx@cx:~/REstd11/kozak5$ ~/gcc49/bin/g++ -v Using built-in specs. COLLECT_GCC=/home/cx/gcc49/bin/g++ COLLECT_LTO_WRAPPER=/home/cx/gcc49/libexec/gcc/x86_64-unknown-linux-gnu/4.9.0/lto-wrapper Target: x86_64-unknown-linux-gnu Configured with: /home/cx/gcc49/source/gcc-4.9.0/configure --disable-multilib --prefix=/home/cx/gcc49 Thread model: posix gcc version 4.9.0 (GCC) cx@cx:~/REstd11/kozak5$ ~/gcc49/bin/g++ -o regr regr.cpp -std=c++11cx@cx:~/REstd11/kozak5$ cat ./regr.cpp #include <regex> using namespace std; int main (int argc, char *argv[]) { string input; regex r(argv[1]); return 0; } Memory Resource Exhaustion cx@cx:~/REstd11/kozak5$ ./regr '((.*)$1{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100}{100})' expected: error_complexity CPU Resource Exhaustion cx@cx:~/REstd11/kozak5$ ./regr '((.*)((.*){10}(.*{2444444444,1})' # ps -aux cx 13836 99.9 5.8 666828 442248 pts/3 R+ cze23 577:46 ./regr ((.*)((.*){10}(.*{2444444444,1}) expected: error_space BR, Maksymilian Arciemowicz
next prev parent reply other threads:[~2014-06-24 19:22 UTC|newest] Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top 2014-06-18 1:50 [Bug c++/61543] New: " vcato1701 at yahoo dot com 2014-06-24 18:37 ` [Bug c++/61543] " daniel.kruegler at googlemail dot com 2014-06-24 19:20 ` vcato1701 at yahoo dot com 2014-06-24 19:22 ` daniel.kruegler at googlemail dot com [this message] 2021-08-05 3:27 ` pinskia at gcc dot gnu.org 2021-08-05 15:33 ` redi at gcc dot gnu.org
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-61543-4-FdQj3F2X1U@http.gcc.gnu.org/bugzilla/ \ --to=gcc-bugzilla@gcc.gnu.org \ --cc=gcc-bugs@gcc.gnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).