https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112510
--- Comment #17 from Vladimir Sadovnikov <sadko4u at gmail dot com> ---
Reproducible with 11.4.0
~$ export ASAN_OPTIONS=detect_stack_use_after_return=1
~$ g++ -fsanitize=address -Og test-case.cpp
~$ ./a.out
Aborted (core dumped)
~$ gcc --version
gcc (Ubuntu 11.4.0-1ubuntu1~22.04) 11.4.0
Copyright (C) 2021 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Not reproducible with 7.5.0:
sadko@tuf-gaming:~/tmp> export ASAN_OPTIONS=detect_stack_use_after_return=1
sadko@tuf-gaming:~/tmp> g++ -fsanitize=address -Og test-case.cpp
sadko@tuf-gaming:~/tmp> ./a.out
sadko@tuf-gaming:~/tmp> gcc --version
gcc (SUSE Linux) 7.5.0
Copyright (C) 2017 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Generated code for 11.4.0:
00000000000011e9 <_Z3barP1SPc>:
11e9: f3 0f 1e fa endbr64
11ed: 40 f6 c7 3f test $0x3f,%dil
11f1: 75 01 jne 11f4 <_Z3barP1SPc+0xb>
11f3: c3 ret
11f4: 48 83 ec 08 sub $0x8,%rsp
11f8: e8 c3 fe ff ff call 10c0
<__asan_handle_no_return@plt>
11fd: e8 9e fe ff ff call 10a0 <abort@plt>
0000000000001202 <_Z3foov>:
1202: f3 0f 1e fa endbr64
1206: 55 push %rbp
1207: 48 89 e5 mov %rsp,%rbp
120a: 41 55 push %r13
120c: 41 54 push %r12
120e: 53 push %rbx
120f: 48 83 e4 c0 and $0xffffffffffffffc0,%rsp
1213: 48 81 ec 00 01 00 00 sub $0x100,%rsp
121a: 48 8d 5c 24 20 lea 0x20(%rsp),%rbx
121f: 49 89 dd mov %rbx,%r13
1222: 83 3d e7 2d 00 00 00 cmpl $0x0,0x2de7(%rip) # 4010
<__asan_option_detect_stack_use_after_return@@Base>
1229: 0f 85 bb 00 00 00 jne 12ea <_Z3foov+0xe8>
122f: 48 c7 03 b3 8a b5 41 movq $0x41b58ab3,(%rbx)
1236: 48 8d 05 c7 0d 00 00 lea 0xdc7(%rip),%rax # 2004
<_IO_stdin_used+0x4>
123d: 48 89 43 08 mov %rax,0x8(%rbx)
1241: 48 8d 05 ba ff ff ff lea -0x46(%rip),%rax # 1202
<_Z3foov>
1248: 48 89 43 10 mov %rax,0x10(%rbx)
124c: 49 89 dc mov %rbx,%r12
124f: 49 c1 ec 03 shr $0x3,%r12
1253: 41 c7 84 24 00 80 ff movl $0xf1f1f1f1,0x7fff8000(%r12)
125a: 7f f1 f1 f1 f1
125f: 41 c7 84 24 04 80 ff movl $0xf1f1f1f1,0x7fff8004(%r12)
1266: 7f f1 f1 f1 f1
126b: 41 c7 84 24 08 80 ff movl $0xf201f1f1,0x7fff8008(%r12)
1272: 7f f1 f1 01 f2
1277: 41 c7 84 24 14 80 ff movl $0xf3f3f3f3,0x7fff8014(%r12)
127e: 7f f3 f3 f3 f3
1283: 64 48 8b 04 25 28 00 mov %fs:0x28,%rax
128a: 00 00
128c: 48 89 84 24 f8 00 00 mov %rax,0xf8(%rsp)
1293: 00
1294: 31 c0 xor %eax,%eax
1296: 48 8d 73 50 lea 0x50(%rbx),%rsi
129a: 48 8d 7b 60 lea 0x60(%rbx),%rdi
129e: e8 46 ff ff ff call 11e9 <_Z3barP1SPc>
12a3: 49 39 dd cmp %rbx,%r13
12a6: 75 5d jne 1305 <_Z3foov+0x103>
12a8: 49 c7 84 24 00 80 ff movq $0x0,0x7fff8000(%r12)
12af: 7f 00 00 00 00
12b4: 41 c7 84 24 08 80 ff movl $0x0,0x7fff8008(%r12)
12bb: 7f 00 00 00 00
12c0: 41 c7 84 24 14 80 ff movl $0x0,0x7fff8014(%r12)
12c7: 7f 00 00 00 00
12cc: 48 8b 84 24 f8 00 00 mov 0xf8(%rsp),%rax
12d3: 00
12d4: 64 48 2b 04 25 28 00 sub %fs:0x28,%rax
12db: 00 00
12dd: 75 65 jne 1344 <_Z3foov+0x142>
12df: 48 8d 65 e8 lea -0x18(%rbp),%rsp
12e3: 5b pop %rbx
12e4: 41 5c pop %r12
12e6: 41 5d pop %r13
12e8: 5d pop %rbp
12e9: c3 ret
12ea: bf c0 00 00 00 mov $0xc0,%edi
12ef: e8 ec fd ff ff call 10e0 <__asan_stack_malloc_2@plt>
12f4: 48 85 c0 test %rax,%rax
12f7: 0f 84 32 ff ff ff je 122f <_Z3foov+0x2d>
12fd: 48 89 c3 mov %rax,%rbx
1300: e9 2a ff ff ff jmp 122f <_Z3foov+0x2d>
1305: 48 c7 03 0e 36 e0 45 movq $0x45e0360e,(%rbx)
130c: 48 b8 f5 f5 f5 f5 f5 movabs $0xf5f5f5f5f5f5f5f5,%rax
1313: f5 f5 f5
1316: 49 89 84 24 00 80 ff mov %rax,0x7fff8000(%r12)
131d: 7f
131e: 49 89 84 24 08 80 ff mov %rax,0x7fff8008(%r12)
1325: 7f
1326: 48 b8 f5 f5 f5 f5 f5 movabs $0xf5f5f5f5f5f5f5f5,%rax
132d: f5 f5 f5
1330: 49 89 84 24 10 80 ff mov %rax,0x7fff8010(%r12)
1337: 7f
1338: 48 8b 83 f8 00 00 00 mov 0xf8(%rbx),%rax
133f: c6 00 00 movb $0x0,(%rax)
1342: eb 88 jmp 12cc <_Z3foov+0xca>
1344: e8 67 fd ff ff call 10b0 <__stack_chk_fail@plt>
Generated code for 7.5.0:
0000000000400727 <_Z3barP1SPc>:
400727: 40 f6 c7 3f test $0x3f,%dil
40072b: 75 02 jne 40072f <_Z3barP1SPc+0x8>
40072d: f3 c3 repz ret
40072f: 48 83 ec 08 sub $0x8,%rsp
400733: e8 c8 fe ff ff call 400600
<__asan_handle_no_return@plt>
400738: e8 b3 fe ff ff call 4005f0 <abort@plt>
000000000040073d <_Z3foov>:
40073d: 4c 8d 54 24 08 lea 0x8(%rsp),%r10
400742: 48 83 e4 c0 and $0xffffffffffffffc0,%rsp
400746: 41 ff 72 f8 push -0x8(%r10)
40074a: 55 push %rbp
40074b: 48 89 e5 mov %rsp,%rbp
40074e: 41 55 push %r13
400750: 41 54 push %r12
400752: 41 52 push %r10
400754: 53 push %rbx
400755: 48 81 ec 10 01 00 00 sub $0x110,%rsp
40075c: 48 8d 9d d0 fe ff ff lea -0x130(%rbp),%rbx
400763: 49 89 dd mov %rbx,%r13
400766: 83 3d 13 19 00 00 00 cmpl $0x0,0x1913(%rip) #
402080 <__asan_option_detect_stack_use_after_return@@Base>
40076d: 0f 85 bf 00 00 00 jne 400832 <_Z3foov+0xf5>
400773: 48 c7 03 b3 8a b5 41 movq $0x41b58ab3,(%rbx)
40077a: 48 c7 43 08 54 09 40 movq $0x400954,0x8(%rbx)
400781: 00
400782: 48 c7 43 10 3d 07 40 movq $0x40073d,0x10(%rbx)
400789: 00
40078a: 49 89 dc mov %rbx,%r12
40078d: 49 c1 ec 03 shr $0x3,%r12
400791: 41 c7 84 24 00 80 ff movl $0xf1f1f1f1,0x7fff8000(%r12)
400798: 7f f1 f1 f1 f1
40079d: 41 c7 84 24 04 80 ff movl $0xf1f1f1f1,0x7fff8004(%r12)
4007a4: 7f f1 f1 f1 f1
4007a9: 41 c7 84 24 08 80 ff movl $0xf2f2f201,0x7fff8008(%r12)
4007b0: 7f 01 f2 f2 f2
4007b5: 41 c7 84 24 0c 80 ff movl $0xf2f2f2f2,0x7fff800c(%r12)
4007bc: 7f f2 f2 f2 f2
4007c1: 41 c7 84 24 18 80 ff movl $0xf3f3f3f3,0x7fff8018(%r12)
4007c8: 7f f3 f3 f3 f3
4007cd: 41 c7 84 24 1c 80 ff movl $0xf3f3f3f3,0x7fff801c(%r12)
4007d4: 7f f3 f3 f3 f3
4007d9: 48 8d 73 40 lea 0x40(%rbx),%rsi
4007dd: 48 8d bb 80 00 00 00 lea 0x80(%rbx),%rdi
4007e4: e8 3e ff ff ff call 400727 <_Z3barP1SPc>
4007e9: 49 39 dd cmp %rbx,%r13
4007ec: 75 5f jne 40084d <_Z3foov+0x110>
4007ee: 49 c7 84 24 00 80 ff movq $0x0,0x7fff8000(%r12)
4007f5: 7f 00 00 00 00
4007fa: 49 c7 84 24 08 80 ff movq $0x0,0x7fff8008(%r12)
400801: 7f 00 00 00 00
400806: 49 c7 84 24 10 80 ff movq $0x0,0x7fff8010(%r12)
40080d: 7f 00 00 00 00
400812: 49 c7 84 24 18 80 ff movq $0x0,0x7fff8018(%r12)
400819: 7f 00 00 00 00
40081e: 48 81 c4 10 01 00 00 add $0x110,%rsp
400825: 5b pop %rbx
400826: 41 5a pop %r10
400828: 41 5c pop %r12
40082a: 41 5d pop %r13
40082c: 5d pop %rbp
40082d: 49 8d 62 f8 lea -0x8(%r10),%rsp
400831: c3 ret
400832: bf 00 01 00 00 mov $0x100,%edi
400837: e8 e4 fd ff ff call 400620
<__asan_stack_malloc_2@plt>
40083c: 48 85 c0 test %rax,%rax
40083f: 0f 84 2e ff ff ff je 400773 <_Z3foov+0x36>
400845: 48 89 c3 mov %rax,%rbx
400848: e9 26 ff ff ff jmp 400773 <_Z3foov+0x36>
40084d: 48 c7 03 0e 36 e0 45 movq $0x45e0360e,(%rbx)
400854: 48 b8 f5 f5 f5 f5 f5 movabs $0xf5f5f5f5f5f5f5f5,%rax
40085b: f5 f5 f5
40085e: 49 89 84 24 00 80 ff mov %rax,0x7fff8000(%r12)
400865: 7f
400866: 49 89 84 24 08 80 ff mov %rax,0x7fff8008(%r12)
40086d: 7f
40086e: 49 89 84 24 10 80 ff mov %rax,0x7fff8010(%r12)
400875: 7f
400876: 49 89 84 24 18 80 ff mov %rax,0x7fff8018(%r12)
40087d: 7f
40087e: eb 9e jmp 40081e <_Z3foov+0xe1>
