[Bug c++/105994] Incorrect optimization with -ftree-sra and casting (strictly compatible) refs

Wed, 15 Jun 2022 17:29:01 -0700 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105994

--- Comment #6 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
Note with -fsanitize=address at runtime, GCC does detect this:

Program returned: 1
=================================================================
==1==ERROR: AddressSanitizer: stack-use-after-scope on address 0x7fe456600020
at pc 0x0000004011e4 bp 0x7ffee65e3850 sp 0x7ffee65e3848
READ of size 4 at 0x7fe456600020 thread T0
    #0 0x4011e3 in g(foo) /app/example.cpp:20
    #1 0x401209 in main /app/example.cpp:28
    #2 0x7fe458c880b2 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x240b2) (BuildId:
9fdb74e7b217d06c93172a8243f8547f947ee6d1)
    #3 0x4010ad in _start (/app/output.s+0x4010ad) (BuildId:
5bbb0ffd1be8c2b44c3b09d7f1bcf41dcd821425)

Address 0x7fe456600020 is located in stack of thread T0 at offset 32 in frame
    #0 0x401175 in g(foo) /app/example.cpp:17

  This frame has 1 object(s):
    [32, 36) '<unknown>' <== Memory access at offset 32 is inside this variable
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism, swapcontext or vfork
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-use-after-scope /app/example.cpp:20 in g(foo)
Shadow bytes around the buggy address:
  0x0ffd0acb7fb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0ffd0acb7fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0ffd0acb7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0ffd0acb7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0ffd0acb7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0ffd0acb8000: f1 f1 f1 f1[f8]f3 f3 f3 00 00 00 00 00 00 00 00
  0x0ffd0acb8010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0ffd0acb8020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0ffd0acb8030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0ffd0acb8040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0ffd0acb8050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==1==ABORTING

Reply via email to