<table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Issue</th>
<td>
<a href=https://github.com/llvm/llvm-project/issues/66451>66451</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>
Sanitizer `pointer-overflow` does not appear to function
</td>
</tr>
<tr>
<th>Labels</th>
<td>
new issue
</td>
</tr>
<tr>
<th>Assignees</th>
<td>
</td>
</tr>
<tr>
<th>Reporter</th>
<td>
kees
</td>
</tr>
</table>
<pre>
Using `-fsanitize=pointer-overflow` doesn't appear to provide any checking on pointer math. GCC's implementation correctly triggers if `NULL` is operated on or if a value would wrap around.
https://godbolt.org/z/1c6ec9TTP
```
#include <stdlib.h>
#include <stdio.h>
/* Using stderr for all output or else godbolt doesn't intermix output. */
int main(int argc, char *argv[]) {
    void *p = NULL;
    fprintf(stderr, "%p (%zu)\n", p, (unsigned long)p);
    /* argc is a stand-in for "1" to avoid optimization */
    p -= argc;
    fprintf(stderr, "%p (%zu)\n", p, (unsigned long)p);
    p += argc;
    fprintf(stderr, "%p (%zu)\n", p, (unsigned long)p);
    return 0;
}
```
Clang just shows the value wrapping:
```
(nil) (0)
0xffffffffffffffff (18446744073709551615)
(nil) (0)
```
But GCC will catch it:
```
(nil) (0)
/app/example.c:11:7: runtime error: applying non-zero offset 18446744073709551615 to null pointer
0xffffffffffffffff (18446744073709551615)
/app/example.c:15:7: runtime error: applying non-zero offset to non-null pointer 0xffffffffffffffff produced null pointer
(nil) (0)
```
</pre>
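<pre>
An added example, not part of the original report or of either compiler's runtime: a manual guard that rejects the two conditions GCC reports above (a non-zero offset applied to a null pointer, and a non-null pointer that becomes null) plus wrap-around of the address space, for code that cannot rely on the sanitizer. The names `checked_ptr_add` and `enum ptr_check` are hypothetical, and the code assumes a flat address space where a pointer round-trips through `uintptr_t`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical result codes, named for this example only. */
enum ptr_check { PTR_OK, PTR_NULL_BASE, PTR_BECAME_NULL, PTR_WRAPPED };

/*
 * Add a signed byte offset to a pointer in integer space, where wrap-around
 * is well defined, and classify the result before any pointer is formed.
 * *out is written only when PTR_OK is returned.
 */
static enum ptr_check checked_ptr_add(void *base, ptrdiff_t offset, void **out)
{
    uintptr_t addr = (uintptr_t)base, sum;
    int wrapped;

    if (offset == 0) {
        *out = base;
        return PTR_OK;
    }
    if (base == NULL)
        return PTR_NULL_BASE;    /* non-zero offset applied to null */

    if (offset > 0) {
        wrapped = __builtin_add_overflow(addr, (uintptr_t)offset, &sum);
    } else {
        /* Magnitude of the negative offset; also correct for PTRDIFF_MIN. */
        uintptr_t mag = (uintptr_t)0 - (uintptr_t)offset;
        wrapped = __builtin_sub_overflow(addr, mag, &sum);
    }
    if (sum == 0)
        return PTR_BECAME_NULL;  /* non-null pointer turned into null */
    if (wrapped)
        return PTR_WRAPPED;      /* crossed the end of the address space */
    *out = (void *)sum;
    return PTR_OK;
}

int main(int argc, char *argv[])
{
    void *p = NULL, *q = NULL;
    (void)argv;
    /* Same first step as the reproducer: subtract argc from a null pointer. */
    enum ptr_check rc = checked_ptr_add(p, -(ptrdiff_t)argc, &q);
    fprintf(stderr, "NULL - %d -> result code %d\n", argc, (int)rc);
    return rc == PTR_NULL_BASE ? 0 : 1;
}
```
</pre>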