<table border="1" cellspacing="0" cellpadding="8">
    <tr>
        <th>Issue</th>
        <td>
            <a href=https://github.com/llvm/llvm-project/issues/130292>130292</a>
        </td>
    </tr>

    <tr>
        <th>Summary</th>
        <td>
            Stack-Use-After-Scope in clang/lib/Sema/SemaChecking.cpp Detected by AddressSanitizer
        </td>
    </tr>

    <tr>
      <th>Labels</th>
      <td>
            clang
      </td>
    </tr>

    <tr>
      <th>Assignees</th>
      <td>
      </td>
    </tr>

    <tr>
      <th>Reporter</th>
      <td>
          sivan-shani
      </td>
    </tr>
</table>

<pre>
    AddressSanitizer reports a stack-use-after-scope in clang/lib/Sema/SemaChecking.cpp.
The issue occurs in the function:
```
template<typename Range>
void CheckFormatHandler::EmitFormatDiagnostic(PartialDiagnostic PDiag,
 SourceLocation Loc,
 bool IsStringLocation,
 Range StringRange,
 ArrayRef<FixItHint> FixIt) {
  EmitFormatDiagnostic(S, inFunctionCall, Args[FormatIdx], PDiag,
                       Loc, IsStringLocation, StringRange, FixIt);
}
```
Args is a member of CheckFormatHandler:
```
ArrayRef<const Expr *> Args;
```
ASan Error Message:
```
ERROR: AddressSanitizer: stack-use-after-scope on address 0x71194979f170
READ of size 8 at 0x71194979f170 thread T0
    #0 0x56f9fa7b823f in EmitFormatDiagnostic<clang::CharSourceRange> clang/lib/Sema/SemaChecking.cpp:6925:43

Environment:
Ubuntu 24.04
Clang version 21.0.0
Target: x86_64-unknown-linux-gn




    #1 0x56f9fa7b823f in CheckFormatHandler::HandleInvalidConversionSpecifier
 ...
SUMMARY: AddressSanitizer: stack-use-after-scope clang/lib/Sema/SemaChecking.cpp:6925:43 in EmitFormatDiagnostic<clang::CharSourceRange>
```
Steps to Reproduce:
- Compile llvm with ASan enabled (with flag `-fsanitize=address` or, Cmake: `-DLLVM_USE_SANITIZER=Address`)
- Enable ASan checks via environment variable: 
```
export ASAN_OPTIONS=detect_leaks=1:strict_string_checks=1:detect_stack_use_after_return=1:check_initialization_order=1
```
- Run `ninja chack-all`
</pre>
<img width="1" height="1" alt="" src="http://email.email.llvm.org/o/eJycVU1v2zgQ_TX0ZSCDImXLPvig-gM1kLSFlSywezFoaSSzoUiBpFynv35BSU263gTYrCFA1nBm-N7MG1I4J2uNuCKzT2S2mYjOn41dOXkROnJnoeXkZMrnVVaWFp3LhZZe_kQLFltjvQMBzoviKeocRqLyaCNXmBZBaiiU0DVhOyVPhO1ybMT4Wp-xeJK6nhZtOyU0ezgjSOc6BFMUnXUh2J8Rqk4XXhpNeEZoRuZ0fGjmsWmV8Ej42j-3qEWDcBC6RsK3hGYXI0vod9kZ2wj_WehSoQ15eLZtpB_MGylqbZyXBWGLb8J6KdSrDb6F_4StCc0gN50t8M4UIgCCO1OMCydjFOxd7q3U9a_1ca1HBMPSgG6wZ9aK5wNWhK938rr3n6X2hG-h_yBsCST9FPzgHag5YWuQejeWZy2UCpbM1o7MPg0B-_JKZptg_p3G27-BzVssbsC_ICQ8ACTp5qYvAQLIoIoGmxNaMNU7fbiNe6lIYbTzsL22FgjLQll6XsOGv4fkQsPWWmPhHp0Tofe3abeHw9cD4RncyjfY3tat0SAGZ6DXNI6XyTJdVnEa0h222SYwcvInwgKEv3EBf7YoSnigY60J4xTodTavlpVITwvGq6DtN9vK18O89Bpdn4UdJPdL1f9tmgjP5ks2IzxLeKgFzbb6Iq3RDQaJBcPjqdO-A5ZMaUJotg5p4YLWBV2zeEqnAf2DsDWGCLgu5sd5EnX6SZsfOlJSd9eo1kP2l2dkG7_B9r05HD72-iKULNdGjxjyFgtZSbQh63Qazof88f4-O_z5sUZ-uF7_tzM3mss9tg68gQO21pRdMeoygrVpWqkQlLo08EP6M_QaRi1OCksgbNEbKyVqIHMaVW5kSfhm1CSZUzA2TOK6EU8hc--5ubv74_74mG-PefZl_7D_a3sgfJO9xISJDQi2_VbDtkUog4OLFICvGoGLsDI49an_yQyv4ciHLM--HL9-e9h__ZITvinRY-GPCsWTI3wTE545b2Xhj64_O47DRuPS6N237Ng5PPYtO1r0ndWjTx9wlIG7UPJnfxYdjS1DtzfxDagIDp0ORdBSfxdQnIMWwoE4p5NyxcslX4oJruI0ifmcJjGbnFd8IcoqSalYxAmrZvGS4SJBmixEjHxR0IlcMcpmlNM0nsWcsymms0VapXFKZ_xE4xlJKDZCqmno5dTYetLfX6uYU7ZkEyVOqFx_pzI2CpGF69WuQkB06mpHEqqk8-41hZde4Srv1fzoMMp6Necfuk5h0xcYSzg9_2tYJp1Vq7P3rQuSZDvCdrX05-40LUwTMqvLr1fUWvMdC0_YrmfmCNuN5C4r9ncAAAD__8JDme8">