From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-bugzilla@gcc.gnu.org>
Received: by sourceware.org (Postfix, from userid 48)
	id A679B3858C2A; Wed, 13 Sep 2023 07:58:09 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org A679B3858C2A
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org;
	s=default; t=1694591889;
	bh=aYGEwZElJmyJDRZoqSyep4V9rRaXEmMTUIRGpSOiDmY=;
	h=From:To:Subject:Date:From;
	b=p4pB4y7mvoM7uDdMDEW6vShZsYvHwdMZ0U4oRjfveWnANlPw8XjkI5LOSChkMlw7D
	 /DyWyezZGSERrnultdAL0cK3BwZjDlYFi3OqqJPpJgYz87PWQLgIHq27yfH1oWT0cq
	 XDEGMETzGTi7KZKTpGiOfKReKl7gNPdD9ACg+iDY=
From: "david at westcontrol dot com" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug c/111400] New: Missing return sanitization only works in C++
Date: Wed, 13 Sep 2023 07:58:09 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: gcc
X-Bugzilla-Component: c
X-Bugzilla-Version: unknown
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: normal
X-Bugzilla-Who: david at westcontrol dot com
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status
 bug_severity priority component assigned_to reporter target_milestone
Message-ID: <bug-111400-4@http.gcc.gnu.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
List-Id: <gcc-bugs.sourceware.org>

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D111400

            Bug ID: 111400
           Summary: Missing return sanitization only works in C++
           Product: gcc
           Version: unknown
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: david at westcontrol dot com
  Target Milestone: ---

With C++ and -fsanitize=3Dreturn, the code :

int foo(void) { }

generates a call to __ubsan_handle_missing_return.

For C, there is no sanitizer call - just a simple "ret" instruction.

This is, of course, because in C (unlike C++), falling off the end of a
non-void function is legal and defined behaviour, as long as caller code do=
es
not try to use the non-existent return value.  But just like in C++, it is
almost certainly an error in the C code if control flow ever falls off the =
end
of a non-void function.

Could -fsanitize=3Dreturn be added to C?  It should not be included by
-fsanitize=3Dundefined in C, since the behaviour is actually allowed, but it
would still be a useful option that could be enabled individually.=