Issue: 130292
Summary: Stack-Use-After-Scope in clang/lib/Sema/SemaChecking.cpp Detected by AddressSanitizer
Labels: clang
Assignees:
Reporter: sivan-shani

AddressSanitizer reports a stack-use-after-scope in clang/lib/Sema/SemaChecking.cpp.
The issue occurs in the function:
```
template<typename Range>
void CheckFormatHandler::EmitFormatDiagnostic(PartialDiagnostic PDiag,
                                              SourceLocation Loc,
                                              bool IsStringLocation,
                                              Range StringRange,
                                              ArrayRef<FixItHint> FixIt) {
  EmitFormatDiagnostic(S, inFunctionCall, Args[FormatIdx], PDiag,
                       Loc, IsStringLocation, StringRange, FixIt);
}
```
Args is a member of CheckFormatHandler:
```
ArrayRef<const Expr *> Args;
```
ASan Error Message:
```
ERROR: AddressSanitizer: stack-use-after-scope on address 0x71194979f170
READ of size 8 at 0x71194979f170 thread T0
#0 0x56f9fa7b823f in EmitFormatDiagnostic<clang::CharSourceRange> clang/lib/Sema/SemaChecking.cpp:6925:43
#1 0x56f9fa7b823f in CheckFormatHandler::HandleInvalidConversionSpecifier
...
SUMMARY: AddressSanitizer: stack-use-after-scope clang/lib/Sema/SemaChecking.cpp:6925:43 in EmitFormatDiagnostic<clang::CharSourceRange>
```
Environment:
- Ubuntu 24.04
- Clang version 21.0.0
- Target: x86_64-unknown-linux-gn

Steps to Reproduce:
- Compile LLVM with ASan enabled (with the flag `-fsanitize=address` or, in CMake, `-DLLVM_USE_SANITIZER=Address`)
- Enable ASan checks via environment variable:
```
export ASAN_OPTIONS=detect_leaks=1:strict_string_checks=1:detect_stack_use_after_return=1:check_initialization_order=1
```
- Run `ninja check-all`
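
A reduced illustration of the bug class ASan reports above, added here as an example and not taken from clang or from the reporter: a non-owning view held as a member (a simplified stand-in for `ArrayRef`) is read after the stack array it points to has left scope, next to a form whose storage outlives the read. `View`, `Handler`, `OwningHandler` and the two factory functions are hypothetical names; the issue does not say where `Args` was bound in clang, so this does not claim to be the root cause.

```cpp
#include <cstddef>
#include <vector>

// Simplified non-owning view standing in for llvm::ArrayRef (hypothetical).
template <typename T>
class View {
  const T *Data = nullptr;
  std::size_t Len = 0;
public:
  View() = default;
  View(const T *D, std::size_t N) : Data(D), Len(N) {}
  const T &operator[](std::size_t I) const { return Data[I]; }
  std::size_t size() const { return Len; }
};

// Keeps the view as a member, in the way CheckFormatHandler keeps Args.
struct Handler {
  View<int> Args;
  std::size_t FormatIdx;
  int emit() const { return Args[FormatIdx]; } // the kind of read ASan flags
};

// BUGGY: the view is bound to an array whose scope ends before emit() runs.
Handler makeDangling() {
  Handler H{View<int>(), 1};
  {
    int Local[3] = {10, 20, 30};
    H.Args = View<int>(Local, 3);
  } // Local's lifetime ends here, so H.Args now dangles
  return H; // calling emit() on the result is a stack-use-after-scope
}

// FIXED: the handler owns the storage, so the view is always valid when read.
struct OwningHandler {
  std::vector<int> Storage;
  std::size_t FormatIdx;
  View<int> args() const { return View<int>(Storage.data(), Storage.size()); }
  int emit() const { return args()[FormatIdx]; }
};

OwningHandler makeOwning() { return OwningHandler{{10, 20, 30}, 1}; }

int main() {
  // Only the fixed path is exercised; makeDangling().emit() is undefined
  // behaviour and is what an ASan build would report.
  return makeOwning().emit() == 20 ? 0 : 1;
}
```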