<html>
<head>
<base href="http://llvm.org/bugs/" />
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW --- - __dfsw_strchr( ..., '\0' ) gives wrong answer."
href="http://llvm.org/bugs/show_bug.cgi?id=22392">22392</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>__dfsw_strchr( ..., '\0' ) gives wrong answer.
</td>
</tr>
<tr>
<th>Product</th>
<td>compiler-rt
</td>
</tr>
<tr>
<th>Version</th>
<td>3.6
</td>
</tr>
<tr>
<th>Hardware</th>
<td>PC
</td>
</tr>
<tr>
<th>OS</th>
<td>Linux
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>P
</td>
</tr>
<tr>
<th>Component</th>
<td>compiler-rt
</td>
</tr>
<tr>
<th>Assignee</th>
<td>unassignedbugs@nondot.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>christian.convey@gmail.com
</td>
</tr>
<tr>
<th>CC</th>
<td>llvmbugs@cs.uiuc.edu
</td>
</tr>
<tr>
<th>Classification</th>
<td>Unclassified
</td>
</tr></table>
<p>
<div>
<pre>Created <span class=""><a href="attachment.cgi?id=13766" name="attach_13766" title="x.c">attachment 13766</a> <a href="attachment.cgi?id=13766&action=edit" title="x.c">[details]</a></span>
x.c
It seems that when dataflow sanitizer replaces a call to "strchr" with
"_dfsw_strchr", and the call's second parameter is '\0', we get wrong behavior.
>From the Linux man page for strchr, I think "strchr( x, '\0' )" should return
the address of x's null terminator. But it seems that "_dfsw_strchr" is
returning NULL in this case.
To see the discrepancy, try compiling and running the attached source file
(x.c) with and without dataflow sanitizer enabled. The 'assert' only fails
when the x.c is built with "-fsanitize=dataflow".</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are on the CC list for the bug.</li>
</ul>
</body>
</html>