https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81021
Bug ID: 81021
Summary: stack-use-after-scope false positive error with exceptions
Product: gcc
Version: 7.1.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: matt at godbolt dot org
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
Target Milestone: ---

GCC 7.1 compiled from source, testing on Ubuntu and Arch linux.

The following minimal reproduction code:

---snip---
#include <string>

struct ConfigFile {
    ConfigFile(std::string filename, std::string delimiter) { throw "error"; }
};

struct Configuration {
    ConfigFile _configFile;

    Configuration(const std::string &root, const char *baseName)
        : _configFile(root + baseName, "=") { }
};

void test() {
    std::string root("etc");
    try {
        Configuration config(root, "notthere");
    }
    catch (...) {
        // exception is thrown, caught here and ignored...
    }
    Configuration config(root, "sample"); // ASAN error during constructor here
}

int main(int argc, const char *argv[]) {
    test();
}
---snip---

when compiled and run with the address sanitizer with `g++ -fsanitize=address test.cc -o test` gives the following apparent false positive.
=================================================================
==44114==ERROR: AddressSanitizer: stack-use-after-scope on address 0x7ffd3b2bf6f0 at pc 0x0000004fa7bf bp 0x7ffd3b2bf660 sp 0x7ffd3b2bf658
WRITE of size 32 at 0x7ffd3b2bf6f0 thread T0
    #0 0x4fa7be in Configuration::Configuration(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, char const*) (/home/mgodbolt/dev/gcc7-bug/test+0x4fa7be)
    #1 0x4fa4b9 in test() (/home/mgodbolt/dev/gcc7-bug/test+0x4fa4b9)
    #2 0x4fa5de in main (/home/mgodbolt/dev/gcc7-bug/test+0x4fa5de)
    #3 0x2b6b74945f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)
    #4 0x405ebb (/home/mgodbolt/dev/gcc7-bug/test+0x405ebb)

Address 0x7ffd3b2bf6f0 is located in stack of thread T0 at offset 96 in frame
    #0 0x4fa689 in Configuration::Configuration(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, char const*) (/home/mgodbolt/dev/gcc7-bug/test+0x4fa689)

  This frame has 3 object(s):
    [32, 33) '<unknown>'
    [96, 128) '<unknown>' <== Memory access at offset 96 is inside this variable
    [160, 192) '<unknown>'
HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-use-after-scope (/home/mgodbolt/dev/gcc7-bug/test+0x4fa7be) in Configuration::Configuration(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, char const*)
Shadow bytes around the buggy address:
  0x10002764fe80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002764fe90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002764fea0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002764feb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002764fec0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x10002764fed0: 00 00 f1 f1 f1 f1 01 f2 f2 f2 f2 f2 f2 f2[f8]f8
  0x10002764fee0: f8 f8 f2 f2 f2 f2 f8 f8 f8 f8 f3 f3 f3 f3 00 00
  0x10002764fef0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002764ff00: 00 00 f8 00 00 00 00 00 00 00 01 00 00 00 00 00
  0x10002764ff10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002764ff20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Reducing the file further (removing the apparently unnecessary std::strings) prevents this issue from being flagged up.
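
Added example, not part of the original report and not GCC or ASan project code: a Python sketch that decodes the two shadow rows around the fault against the frame layout printed in the report, to see which frame objects ASan considers out of scope at the faulting write. It assumes the default x86-64 Linux shadow mapping and the standard ASan shadow byte legend; the function names are illustrative.

```python
import re

# Assumption: default x86-64 Linux ASan mapping, shadow = (addr >> 3) + 0x7fff8000.
SHADOW_SCALE, SHADOW_OFFSET = 3, 0x7FFF8000
LEGEND = {0xF1: "stack left redzone", 0xF2: "stack mid redzone",
          0xF3: "stack right redzone", 0xF8: "stack use after scope"}

# Values copied from the report above: fault address, frame objects, two shadow rows.
FAULT_ADDR, FAULT_OFFSET = 0x7FFD3B2BF6F0, 96
OBJECTS = [(32, 33), (96, 128), (160, 192)]
SHADOW_ROWS = """\
=>0x10002764fed0: 00 00 f1 f1 f1 f1 01 f2 f2 f2 f2 f2 f2 f2[f8]f8
  0x10002764fee0: f8 f8 f2 f2 f2 f2 f8 f8 f8 f8 f3 f3 f3 f3 00 00
"""

def shadow_addr(addr):
    """Shadow byte address covering the 8-byte granule that holds addr."""
    return (addr >> SHADOW_SCALE) + SHADOW_OFFSET

def parse_rows(text):
    """Return {shadow address: byte value} for every byte in the dump rows."""
    shadow = {}
    for line in text.splitlines():
        m = re.match(r"\s*(?:=>)?\s*0x([0-9a-f]+):(.*)", line)
        if not m:
            continue
        base = int(m.group(1), 16)
        for i, byte in enumerate(re.findall(r"[0-9a-f]{2}", m.group(2))):
            shadow[base + i] = int(byte, 16)
    return shadow

def describe(value):
    """Translate one shadow byte into its legend text."""
    if value < 8:
        return "addressable" if value == 0 else f"first {value} bytes addressable"
    return LEGEND.get(value, f"unknown 0x{value:02x}")

def object_states(shadow, fault_addr, fault_offset, objects):
    """Map each frame object (start, end) to the states of its shadow bytes."""
    frame_shadow = shadow_addr(fault_addr - fault_offset)
    states = {}
    for start, end in objects:
        cells = range(frame_shadow + (start >> SHADOW_SCALE),
                      frame_shadow + ((end - 1) >> SHADOW_SCALE) + 1)
        states[(start, end)] = {describe(shadow[c]) for c in cells}
    return states

if __name__ == "__main__":
    result = object_states(parse_rows(SHADOW_ROWS), FAULT_ADDR, FAULT_OFFSET, OBJECTS)
    for obj, st in result.items():
        print(obj, sorted(st))
```

For this report the decode shows both 32-byte objects, [96, 128) and [160, 192), fully marked as use-after-scope at the time of the write, while the 1-byte object at [32, 33) is addressable.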