stack use after scope on cppcheck --check-config
./cppcheck --check-config gui
crashes inside simplecpp:
49/53 files checked 89% done
Checking gui/translationhandler.cpp ...
[gui/translationhandler.cpp:19]: (information) Include file: <QApplication> not found. Please note: Cppcheck does not need standard library headers to get proper results.
[gui/translationhandler.cpp:20]: (information) Include file: <QFile> not found. Please note: Cppcheck does not need standard library headers to get proper results.
[gui/translationhandler.cpp:21]: (information) Include file: <QDebug> not found. Please note: Cppcheck does not need standard library headers to get proper results.
[gui/translationhandler.cpp:22]: (information) Include file: <QLocale> not found. Please note: Cppcheck does not need standard library headers to get proper results.
[gui/translationhandler.cpp:23]: (information) Include file: <QMessageBox> not found. Please note: Cppcheck does not need standard library headers to get proper results.
[gui/translationhandler.cpp:24]: (information) Include file: <QSettings> not found. Please note: Cppcheck does not need standard library headers to get proper results.
[gui/translationhandler.cpp:25]: (information) Include file: <QFileInfo> not found. Please note: Cppcheck does not need standard library headers to get proper results.
=================================================================
==32629==ERROR: AddressSanitizer: stack-use-after-scope on address 0x7fffd86a9048 at pc 0x000000fa35a3 bp 0x7fffd86a88c0 sp 0x7fffd86a88b8
READ of size 8 at 0x7fffd86a9048 thread T0
#0 0xfa35a2 in std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >::size() const /usr/lib64/gcc/x86_64-pc-linux-gnu/8.1.0/../../../../include/c++/8.1.0/bits/stl_vector.h:806:40
#1 0xfa2e75 in simplecpp::Location::file[abi:cxx11]() const /home/matthias/vcs/github/cppcheck_llvm_debug/externals/simplecpp/simplecpp.h:82:38
#2 0xf8e944 in CppCheck::checkFile(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::istream&) /home/matthias/vcs/github/cppcheck_llvm_debug/lib/cppcheck.cpp:487:46
#3 0xf78552 in CppCheck::check(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) /home/matthias/vcs/github/cppcheck_llvm_debug/lib/cppcheck.cpp:83:12
#4 0x16661ae in CppCheckExecutor::check_internal(CppCheck&, int, char const* const*) /home/matthias/vcs/github/cppcheck_llvm_debug/cli/cppcheckexecutor.cpp:871:41
#5 0x166253c in CppCheckExecutor::check(int, char const* const*) /home/matthias/vcs/github/cppcheck_llvm_debug/cli/cppcheckexecutor.cpp:198:12
#6 0x1681d56 in main /home/matthias/vcs/github/cppcheck_llvm_debug/cli/main.cpp:136:21
#7 0x7f0e1271506a in __libc_start_main (/usr/lib/libc.so.6+0x2306a)
#8 0x99e029 in _start (/home/matthias/vcs/github/cppcheck_llvm_debug/cppcheck+0x99e029)
Address 0x7fffd86a9048 is located in stack of thread T0
SUMMARY: AddressSanitizer: stack-use-after-scope /usr/lib64/gcc/x86_64-pc-linux-gnu/8.1.0/../../../../include/c++/8.1.0/bits/stl_vector.h:806:40 in std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >::size() const
Shadow bytes around the buggy address:
==32629==ABORTING
Thanks! I doubt that this is a simplecpp issue, because according to the call stack it does not happen during preprocessing. I assume that you don't see any crash with the simplecpp utility.
Ok. From looking at the stack trace this looked to me like it was happening in simplecpp, but I probably interpreted that wrongly then ....
Link to cppcheck trac ticket: https://trac.cppcheck.net/ticket/8585
See https://github.com/danmar/simplecpp/pull/132
BTW, cppcheck's travis/appveyor jobs should also contain --check-config runs
In non-ASan mode it only displays a bunch of corrupted characters but does not crash, so I doubt we would have found this on travis :/
That is the current state after my - obviously failed - attempt to cure a program termination after a C++ exception was not caught at all.
The code triggering for that is within cppcheck. One might consider some changes within simplecpp, maybe using some suitable pointer class instead of the reference, though within C++03 it would require a few lines of additional code...
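As an added example (not simplecpp's or Cppcheck's own code), a simplified model of the pattern discussed above: a location object that only holds a reference to a file-name table it does not own, beside a variant that holds a shared_ptr so the table outlives every location that names it. Struct and function names are hypothetical.

```cpp
#include <cassert>
#include <memory>
#include <string>
#include <vector>
// Hypothetical, simplified model of the pattern in the report: a location
// that only refers to a file-name table owned by someone else.
struct RefLocation {
    explicit RefLocation(const std::vector<std::string>& f) : files(f), fileIndex(0) {}
    const std::vector<std::string>& files;   // non-owning: dangles once the owner is gone
    unsigned int fileIndex;
    std::string file() const {
        return fileIndex < files.size() ? files[fileIndex] : std::string();
    }
};
// The table lives in an inner scope that ends before the location is read; loc->file()
// then reads dead stack memory, the stack-use-after-scope ASan reported. Not called from main.
std::string readAfterScope() {
    std::unique_ptr<RefLocation> loc;
    {
        std::vector<std::string> files = {"gui/translationhandler.cpp"};
        loc.reset(new RefLocation(files));
    }                    // 'files' is destroyed here; loc->files now dangles
    return loc->file();  // flagged when built with -fsanitize=address
}
// Variant using a "suitable pointer class": shared ownership keeps the table
// alive for as long as any location refers to it.
struct OwnedLocation {
    explicit OwnedLocation(const std::shared_ptr<const std::vector<std::string>>& f)
        : files(f), fileIndex(0) {}
    std::shared_ptr<const std::vector<std::string>> files;
    unsigned int fileIndex;
    std::string file() const {
        return files && fileIndex < files->size() ? (*files)[fileIndex] : std::string();
    }
};
std::string readSafely() {
    std::unique_ptr<OwnedLocation> loc;
    {
        auto files = std::make_shared<std::vector<std::string>>(
            std::vector<std::string>{"gui/translationhandler.cpp"});
        loc.reset(new OwnedLocation(files));
    }                    // the local shared_ptr dies, the vector does not
    return loc->file();  // "gui/translationhandler.cpp"
}

int main() {
    assert(readSafely() == "gui/translationhandler.cpp");
    return 0;
}
```

Building this file with `-fsanitize=address` and calling readAfterScope() reproduces the same stack-use-after-scope report from vector::size().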
@matthiaskrgr Does this problem still exist?
I have built Cppcheck 1.89 dev via CXXFLAGS="-fsanitize=address -Og -g3" make cppcheck and run ./cppcheck --check-config gui/ and ./cppcheck --check-config ./.
So it looks like there is no longer an issue.