Issue | 120855
Summary | Missed tysan violation with optimization
Labels | new issue
Assignees |
Reporter | thesamesam
With `-O0 -fsanitize=type`, we detect the violation correctly, but fail to with `-O1` or greater:
```
#include <stdbool.h>

typedef struct k {
    int a;
    int b;
} k;

typedef struct l {
    bool a;
    bool b;
} l;

k my_k;
l my_l;

void frobnicate_the_struct(k *my_k) {
    /* &my_k is the address of the pointer parameter (a k**); casting it to k*
       and reading ->a reinterprets the stored k* as an int. */
    int a = ((k*) &my_k)->a;
    __builtin_printf("got k.a=%d\n", a);
}

int main() {
    /* an l object handed over through a k* */
    frobnicate_the_struct((k*)&my_l);
}
```
```
$ clang -O0 -fsanitize=type a.c -o a && ./a
==1==ERROR: TypeSanitizer: type-aliasing-violation on address 0x7ffcfff2a198 (pc 0x5f6739b118d1 bp 0x7ffcfff2a110 sp 0x7ffcfff2a0b8 tid 1)
READ of size 4 at 0x7ffcfff2a198 with type int (in k at offset 0) accesses an existing object of type p1 _ZTS1k
#0 0x5f6739b118d0 (/app/output.s+0x2a8d0)
got k.a=977714280
```
```
$ clang -O1 -fsanitize=type a.c -o a && ./a
got k.a=1389137000
```
godbolt: https://godbolt.org/z/cYPT3vYnY
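A small harness to check the optimization-level dependence shown in the report, added here as an example and not part of the original issue or of LLVM; it assumes a clang with `-fsanitize=type` support on PATH and the reproducer saved as `a.c` (both assumptions):

```shell
#!/bin/sh
# Added example: does a TySan report survive each optimization level?
# Assumes: clang on PATH built with TypeSanitizer support; the repro in a.c.

# Classify one captured run. Reads the program's combined stdout/stderr
# on stdin and prints "detected" or "missed".
tysan_verdict() {
    if grep -q 'TypeSanitizer: type-aliasing-violation'; then
        echo detected
    else
        echo missed
    fi
}

# Build the reproducer at one level and run it, printing the verdict.
# TySan writes its report to stderr; the program exits 0 either way.
run_level() {
    src="$1"; level="$2"
    bin="$(mktemp)" || return 1
    if ! clang "-O$level" -fsanitize=type -g "$src" -o "$bin"; then
        rm -f "$bin"; return 1
    fi
    "$bin" 2>&1 | tysan_verdict
    rm -f "$bin"
}

# Run every level; succeed only if all verdicts agree. A mix of
# "detected" and "missed" is the optimizer-dependent miss reported above.
check_all_levels() {
    src="${1:-a.c}"
    verdicts=""
    for lvl in 0 1 2 3; do
        v="$(run_level "$src" "$lvl")" || { echo "build failed at -O$lvl" >&2; return 2; }
        printf '%s: %s\n' "-O$lvl" "$v"
        verdicts="$verdicts $v"
    done
    case "$verdicts" in
        *detected*missed*|*missed*detected*) return 1 ;;
        *) return 0 ;;
    esac
}

# Invoke with TYSAN_SRC=a.c sh check.sh (hypothetical file name).
if [ -n "${TYSAN_SRC:-}" ]; then
    check_all_levels "$TYSAN_SRC"
fi
```

A non-zero exit from `check_all_levels` means the sanitizer's verdict changed with the optimization level, so a clean run at one level alone is not evidence the access is well-typed.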
_______________________________________________
llvm-bugs mailing list
llvm-bugs@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs