| Issue | 61466 |
| Summary | UBsan misses a Null-pointer-dereference |
| Labels | new issue |
| Assignees | |
| Reporter | shao-hua-li |

For the following code, UBsan cannot capture the null-pointer-dereference while gcc's UBsan can.
Compiler explorer: https://godbolt.org/z/GYzxrjrav
```shell
$ cat a.c
struct a {
  int e;
} * h, i;
struct a j() {
  h=0;
  return i;
}
int main() {
  *h = j();
  return h->e;
}
$
$ clang-tk -fsanitize=undefined a.c && ./a.out
UndefinedBehaviorSanitizer:DEADLYSIGNAL
==1==ERROR: UndefinedBehaviorSanitizer: SEGV on unknown address 0x000000000000 (pc 0x5643ff62b53b bp 0x7ffc38e5ff70 sp 0x7ffc38e5ff50 T1)
==1==The signal is caused by a WRITE memory access.
==1==Hint: address points to the zero page.
#0 0x5643ff62b53b (/app/output.s+0x2b53b)
#1 0x7f4ecb185082 (/lib/x86_64-linux-gnu/libc.so.6+0x24082) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee)
#2 0x5643ff60430d (/app/output.s+0x430d)
UndefinedBehaviorSanitizer can not provide additional info.
SUMMARY: UndefinedBehaviorSanitizer: SEGV (/app/output.s+0x2b53b)
==1==ABORTING
$
$ gcc-tk -fsanitize=undefined a.c && ./a.out
/a.c:9:8: runtime error: store to null pointer of type 'struct a'
$
```
_______________________________________________
llvm-bugs mailing list
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
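
The two outcomes in the report differ in kind: gcc's run prints a check-specific `runtime error:` line with a source location, while clang's run only shows the sanitizer runtime's SEGV report. The following triage helper is an added example, not part of the original report or of LLVM; the function names `classify` and `missed_checks` are hypothetical, and the sample outputs are copied from the report with the stack frames omitted.

```python
import re

# Check-specific UBSan diagnostic: "<file>:<line>:<col>: runtime error: <message>"
DIAG = re.compile(r"^(?P<file>\S+?):(?P<line>\d+):(?P<col>\d+): runtime error: (?P<msg>.+)$", re.M)
# Signal report from the sanitizer runtime: the process crashed, no check fired.
CRASH = re.compile(r"ERROR: UndefinedBehaviorSanitizer: (?P<sig>\w+) on unknown address (?P<addr>0x[0-9a-f]+)")
ACCESS = re.compile(r"The signal is caused by a (?P<kind>READ|WRITE) memory access")


def classify(output):
    """Return a dict describing how one sanitized run ended."""
    diags = [m.groupdict() for m in DIAG.finditer(output)]
    if diags:
        return {"outcome": "diagnosed", "diagnostics": diags}
    crash = CRASH.search(output)
    if crash:
        access = ACCESS.search(output)
        return {
            "outcome": "crash_only",
            "signal": crash["sig"],
            "address": int(crash["addr"], 16),
            "access": access["kind"] if access else None,
        }
    return {"outcome": "clean"}


def missed_checks(runs):
    """Given {compiler: output}, list the compilers that only crashed while
    at least one other compiler produced a check-specific diagnostic."""
    results = {name: classify(out) for name, out in runs.items()}
    if not any(r["outcome"] == "diagnosed" for r in results.values()):
        return []
    return sorted(n for n, r in results.items() if r["outcome"] == "crash_only")


# Outputs copied from the report above (stack frames omitted).
CLANG_OUT = """UndefinedBehaviorSanitizer:DEADLYSIGNAL
==1==ERROR: UndefinedBehaviorSanitizer: SEGV on unknown address 0x000000000000 (pc 0x5643ff62b53b bp 0x7ffc38e5ff70 sp 0x7ffc38e5ff50 T1)
==1==The signal is caused by a WRITE memory access.
==1==Hint: address points to the zero page.
SUMMARY: UndefinedBehaviorSanitizer: SEGV (/app/output.s+0x2b53b)
==1==ABORTING
"""
GCC_OUT = "/a.c:9:8: runtime error: store to null pointer of type 'struct a'\n"

if __name__ == "__main__":
    print(missed_checks({"clang": CLANG_OUT, "gcc": GCC_OUT}))
```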