[gcc r16-7246] libstdc++/regex: Zero-initialize _ExecutorFrame flags

Mon, 02 Feb 2026 12:15:04 -0800 

https://gcc.gnu.org/g:8978da072f9ea7653416d59167a07e79be6cadaf

commit r16-7246-g8978da072f9ea7653416d59167a07e79be6cadaf
Author: Patrick Palka <[email protected]>
Date:   Mon Feb 2 15:14:20 2026 -0500

    libstdc++/regex: Zero-initialize _ExecutorFrame flags
    
    Prevents uninitialized read bugs, and it's also just natural to assume
    flags are initially cleared rather than uninitialized.
    
    In passing rename the _M_end flag to _M_subexpr_end to make it distinct
    from _Executor::_M_end.
    
    libstdc++-v3/ChangeLog:
    
            * include/bits/regex_executor.tcc (_ExecutorFrameBase):
            Zero-initialize _M_byte0.
            (_ExecutorFrameBase::_M_end): Rename to ...
            (_ExecutorFrameBase::_M_subexpr_end): ... this.
            (_Executor::_M_handle_subexpr_begin): Remove now redundant
            clearing of _M_subexpr_end.
            (_Executor::_M_handle_subexpr_end): Adjust after renaming.
            (_Executor::_M_dfs) <case _S_fopcode_restore_cur_results>:
            Likewise.
    
    Reviewed-by: Jonathan Wakely <[email protected]>

Diff:
---
 libstdc++-v3/include/bits/regex_executor.tcc | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/libstdc++-v3/include/bits/regex_executor.tcc 
b/libstdc++-v3/include/bits/regex_executor.tcc
index 6c8deff2f21e..19b5ad27df40 100644
--- a/libstdc++-v3/include/bits/regex_executor.tcc
+++ b/libstdc++-v3/include/bits/regex_executor.tcc
@@ -79,12 +79,12 @@ _GLIBCXX_BEGIN_INLINE_ABI_NAMESPACE(_V2)
 
     _ExecutorFrameOpcode _M_op;
     union {
-      unsigned char _M_byte0;
+      unsigned char _M_byte0 = 0;
       struct { // Used by restore_rep_count frame
        unsigned char _M_count : 2;
       };
       struct { // Used by restore_cur_results frame
-       unsigned char _M_end : 1;
+       unsigned char _M_subexpr_end : 1;
        unsigned char _M_matched : 1;
       };
     };
@@ -338,7 +338,6 @@ _GLIBCXX_BEGIN_INLINE_ABI_NAMESPACE(_V2)
       _M_frames.emplace_back(_S_fopcode_restore_cur_results,
                             static_cast<_StateIdT>(__state._M_subexpr),
                             __res.first);
-      _M_frames.back()._M_end = false;
       __res.first = _M_current;
       _M_frames.emplace_back(_S_fopcode_next, __state._M_next);
     }
@@ -353,7 +352,7 @@ _GLIBCXX_BEGIN_INLINE_ABI_NAMESPACE(_V2)
       _M_frames.emplace_back(_S_fopcode_restore_cur_results,
                             static_cast<_StateIdT>(__state._M_subexpr),
                             __res.second);
-      _M_frames.back()._M_end = true;
+      _M_frames.back()._M_subexpr_end = true;
       _M_frames.back()._M_matched = __res.matched;
       __res.second = _M_current;
       __res.matched = true;
@@ -670,7 +669,7 @@ _GLIBCXX_BEGIN_INLINE_ABI_NAMESPACE(_V2)
              break;
 
            case _S_fopcode_restore_cur_results:
-             if (!__frame._M_end)
+             if (!__frame._M_subexpr_end)
                _M_cur_results[__frame._M_state_id].first = __frame._M_pos;
              else
                {

Reply via email to