https://gcc.gnu.org/bugzilla/show_bug.cgi?id=62307
--- Comment #2 from Zack Weinberg <zackw at panix dot com> ---
(In reply to Marc Glisse from comment #1)
> -fsanitize=null seems to imply -fno-delete-null-pointer-checks, so I assume
> this is on purpose. It would actually be quite natural for the sanitizer to
> insert an extra check after every call to a returns_nonnull function,
> checking that the result is indeed !=0. Otherwise yes, sanopt is way too
> late for any other optimization to take place.

I had a different mental model of how ubsan was supposed to function -- I was expecting it to insert explicit checks before every construct with potentially runtime-undefined behavior (not due to array bounds or pointer lifetimes), but then for the compiler to try as hard as possible to *eliminate* the checks where provably unnecessary.

I was hoping, in fact, to be able to use -fsanitize=undefined -fdump-tree-optimized as a poor man's "tell me all the places where the program can't be proven *not* to have runtime-undefined behavior."