https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84340
Bug ID: 84340 Summary: [8 regression] g++.dg/asan/use-after-scope-types-1.C (and others) fails after r257585 Product: gcc Version: 8.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: sanitizer Assignee: unassigned at gcc dot gnu.org Reporter: seurer at gcc dot gnu.org CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org Target Milestone: --- I saw this on powerpc64 both le and be FAIL: g++.dg/asan/use-after-scope-types-1.C -O1 execution test FAIL: g++.dg/asan/use-after-scope-types-1.C -O2 execution test FAIL: g++.dg/asan/use-after-scope-types-1.C -O2 -flto -fno-use-linker-plugin -flto-partition=none execution test FAIL: g++.dg/asan/use-after-scope-types-1.C -O2 -flto -fuse-linker-plugin -fno-fat-lto-objects execution test FAIL: g++.dg/asan/use-after-scope-types-1.C -O3 -g execution test FAIL: g++.dg/asan/use-after-scope-types-1.C -Os execution test FAIL: g++.dg/asan/use-after-scope-types-2.C -O1 execution test FAIL: g++.dg/asan/use-after-scope-types-2.C -O2 execution test FAIL: g++.dg/asan/use-after-scope-types-2.C -O2 -flto -fno-use-linker-plugin -flto-partition=none execution test FAIL: g++.dg/asan/use-after-scope-types-2.C -O2 -flto -fuse-linker-plugin -fno-fat-lto-objects execution test FAIL: g++.dg/asan/use-after-scope-types-2.C -O3 -g execution test FAIL: g++.dg/asan/use-after-scope-types-2.C -Os execution test FAIL: g++.dg/asan/use-after-scope-types-3.C -O1 execution test FAIL: g++.dg/asan/use-after-scope-types-3.C -O2 execution test FAIL: g++.dg/asan/use-after-scope-types-3.C -O2 -flto -fno-use-linker-plugin -flto-partition=none execution test FAIL: g++.dg/asan/use-after-scope-types-3.C -O2 -flto -fuse-linker-plugin -fno-fat-lto-objects execution test FAIL: g++.dg/asan/use-after-scope-types-3.C -O3 -g execution test FAIL: g++.dg/asan/use-after-scope-types-3.C -Os execution test FAIL: g++.dg/asan/use-after-scope-types-5.C -O1 execution test FAIL: g++.dg/asan/use-after-scope-types-5.C -O2 execution test FAIL: g++.dg/asan/use-after-scope-types-5.C -O2 -flto -fno-use-linker-plugin -flto-partition=none execution test FAIL: g++.dg/asan/use-after-scope-types-5.C -O2 -flto -fuse-linker-plugin -fno-fat-lto-objects execution test FAIL: g++.dg/asan/use-after-scope-types-5.C -O3 -g execution test FAIL: g++.dg/asan/use-after-scope-types-5.C -Os execution test The failures all appear to be something like this: ================================================================= ==53100==ERROR: AddressSanitizer: stack-use-after-scope on address 0x3fffe6d3c880 at pc 0x00001000103c bp 0x3fffe6d3c7c0 sp 0x3fffe6d3c7e0 WRITE of size 1 at 0x3fffe6d3c880 thread T0 #0 0x10001038 in Ptr<bool>::Access() /home/seurer/gcc/gcc-trunk/gcc/testsuite/g++.dg/asan/use-after-scope-types.h:8 #1 0x10000e6c in void test<bool>() /home/seurer/gcc/gcc-trunk/gcc/testsuite/g++.dg/asan/use-after-scope-types.h:29 #2 0x10000c74 in main /home/seurer/gcc/gcc-trunk/gcc/testsuite/g++.dg/asan/use-after-scope-types-1.C:10 #3 0x3fffb38d3098 (/lib/powerpc64le-linux-gnu/libc.so.6+0x23098) Address 0x3fffe6d3c880 is located in stack of thread T0 at offset 32 in frame #0 0x10000d60 in void test<bool>() /home/seurer/gcc/gcc-trunk/gcc/testsuite/g++.dg/asan/use-after-scope-types.h:22 This frame has 2 object(s): [32, 33) 'x' <== Memory access at offset 32 is inside this variable [96, 104) 'ptr' HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext (longjmp and C++ exceptions *are* supported) SUMMARY: AddressSanitizer: stack-use-after-scope /home/seurer/gcc/gcc-trunk/gcc/testsuite/g++.dg/asan/use-after-scope-types.h:8 in Ptr<bool>::Access() Shadow bytes around the buggy address: 0x09fffcda78c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x09fffcda78d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x09fffcda78e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x09fffcda78f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x09fffcda7900: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 =>0x09fffcda7910:[f8]f2 f2 f2 f2 f2 f2 f2 00 f2 f2 f2 f3 f3 f3 f3 0x09fffcda7920: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x09fffcda7930: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x09fffcda7940: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x09fffcda7950: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x09fffcda7960: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==53100==ABORTING