https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115345
--- Comment #15 from Djordje Baljozovic <djordje.baljozovic at ac dot rwth-aachen.de> ---

(In reply to Sam James from comment #14)
> It's worth keeping in mind:
> * Fuzzers are distinct from sanitizers (fuzzers run with random or ~random
>   input and often use sanitizers to help find issues)
> * Fuzzers might not be hitting the code you're having trouble with
> * The implementations of sanitizers in gcc vs clang are different (and AFAIK
>   oss-fuzz uses clang). They share libsanitizer but when to add
>   instrumentation varies.
> * Valgrind can find things that some sanitizers can't.

Hi Sam,

Thanks for this useful information. To be perfectly honest, I did not even run address/unknown GCC sanitisers as I thought that Clang and GCC sanitizers are identical (I can confirm that oss-fuzz uses Clang sanitisers).

Will try Valgrind as I have already detected a share of issues with this inherited code just by reading it, which did not show up in any fuzzers'/sanitisers' reports.

Thanks,
George