https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63564
Bug ID: 63564
Summary: -fsanitize=address obscures access to free memory
Product: gcc
Version: 5.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: bernd.edlinger at hotmail dot de
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org

Created attachment 33737
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=33737&action=edit
test example with sem_post to free memory

Hi,

apparently the address sanitizer does not check the sem_post, sem_wait and similar if the memory is free or the semaphore already deleted.

What makes this worse is that the attached example crashes in the following malloc but "works" with -fsanitize=address.

gcc -pthread test.c
./a.out
Segmentation fault (core dumped)

=> app crashes in malloc, not in sem_post!

gcc -pthread -fsanitize=address test.c
./a.out

=> works, and sanitizer "fixes" the malloc!
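
A workaround for the gap this report describes, as an added example that is not the reporter's attachment 33737 and not GCC or libsanitizer code: the hypothetical helpers `touch_sem`, `checked_sem_post` and `run_once` read the semaphore with ordinary instrumented loads before calling `sem_post`, so a build with `-fsanitize=address` reports the freed semaphore at the call site. It assumes Linux with POSIX semaphores.

```c
#include <semaphore.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: read the first and last byte of the semaphore with
 * ordinary loads. Under -fsanitize=address these loads are instrumented, so
 * a freed semaphore is reported here, before libc writes into the chunk. */
static void touch_sem(const sem_t *s)
{
    const volatile unsigned char *p = (const volatile unsigned char *)s;
    (void)p[0];
    (void)p[sizeof(sem_t) - 1];
}

/* Hypothetical wrapper: sem_post() preceded by the instrumented touch. */
int checked_sem_post(sem_t *s)
{
    touch_sem(s);
    return sem_post(s);
}

/* Returns the semaphore value after one post, or -1 on error.
 * post_after_free != 0 uses the ordering from the report (free, then post). */
int run_once(int post_after_free)
{
    int value = -1;
    sem_t *volatile s = malloc(sizeof(sem_t)); /* volatile: keep the stale use as written */
    if (s == NULL || sem_init(s, 0, 0) != 0) {
        free(s);
        return -1;
    }
    if (post_after_free) {
        free(s);
        checked_sem_post(s); /* with ASan: heap-use-after-free in touch_sem() */
        return -1;
    }
    if (checked_sem_post(s) == 0)
        sem_getvalue(s, &value);
    sem_destroy(s);
    free(s);
    return value;
}

int main(int argc, char **argv)
{
    int bad = argc > 1 && strcmp(argv[1], "uaf") == 0;
    printf("value after post: %d\n", run_once(bad));
    return 0;
}
```

Build with `gcc -pthread -fsanitize=address` and run `./a.out uaf` to get the report; with no argument the correct ordering runs.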