https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94849
--- Comment #5 from Jakub Jelinek <jakub at gcc dot gnu.org> --- So it might be well defined on Windows, but unless glibc documents it as an extension, it is not valid on Linux. C clearly says: "The fopen function opens the file whose name is the string pointed to by filename" and NULL is not a pointer to a string. Same POSIX, e.g. in 1003.1-2017. So, just don't do this, you invoke undefined behavior, and one such behavior is that it crashes with the sanitizers.