https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108879
            Bug ID: 108879
           Summary: -Wanalyzer-malloc-leak false positive stl string in try catch block
           Product: gcc
           Version: 13.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: analyzer
          Assignee: dmalcolm at gcc dot gnu.org
          Reporter: jg at jguk dot org
  Target Milestone: ---

Tested just now on gcc (trunk). Source code below and the output.

https://godbolt.org/z/Ms6fezGvT

<source>: In function 'void make_string(const char*, std::string&)':
<source>:11:27: warning: leak of '<anonymous>.std::__cxx11::basic_string<char>::_M_dataplus.std::__cxx11::basic_string<char>::_Alloc_hider::_M_p' [CWE-401] [-Wanalyzer-malloc-leak]
   11 |         out_string = std::string(str);
      |                           ^~~~~~~~~~~
  'void make_string(const char*, std::string&)': events 1-2
    |
    |    7 | void make_string(const char * const str, std::string & out_string)
    |      |      ^~~~~~~~~~~
    |      |      |
    |      |      (1) entry to 'make_string'
    |......
    |   11 |         out_string = std::string(str);
    |      |                           ~~~~~~~~~~~
    |      |                           |
    |      |                           (2) calling 'std::__cxx11::basic_string<char>::basic_string<>' from 'make_string'


// -fanalyzer -std=c++23 -O1 -Wall -Wno-analyzer-use-of-uninitialized-value

#include <string>
#include <cstdio>


void make_string(const char * const str, std::string & out_string)
{
    try
    {
        out_string = std::string(str);
    }
    catch (std::exception& ex)
    {
        printf("exception %s\n", ex.what());
        fflush(stdout);
    }
}

int main()
{
    std::string str;
    make_string(NULL, str);
}