From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTPS id 0CF75384D191 for ; Fri, 24 Jun 2022 14:26:12 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 0CF75384D191 Received: from mail-qk1-f200.google.com (mail-qk1-f200.google.com [209.85.222.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-166-g_h_siSEM-yvT7w9cmJLCg-1; Fri, 24 Jun 2022 10:26:10 -0400 X-MC-Unique: g_h_siSEM-yvT7w9cmJLCg-1 Received: by mail-qk1-f200.google.com with SMTP id o10-20020a05620a2a0a00b006a77a64cd23so2740277qkp.21 for ; Fri, 24 Jun 2022 07:26:10 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:from:to:cc:references:in-reply-to :content-transfer-encoding; bh=J9VzqxPLNLy8jmTnHhMwLsy7+C/XNFUO58srRH47wZ8=; b=KRxAHCQL0Dt3I8tGpHwhEz25ppnPbr+bDs3gPI0jHJs1Yul/g+2CEFzFSwnZBTq/oG EOF7SP598F0XQqnKbWyey2rgW8z+NrMBlOfcODB0K253odXR3qb2DE/if9P4iC7VkZ1X R6dJOAb0j3EfqzaPM0L8gnFkvNJ1d7TAmPEEHmVZbrrNOlAt31Kq5qT8lm5kWtc5mv/+ hlsriLcWF/JSLXrYzhJI1hTnTlJ8bZW0Cm5Tsxg4z4cXrSjSxSbvmgWv5Y0637BpRDkf pI9VuG4BhWNwO+JWnK30Bxge2cggkVimRtHtBHtYs1RXKMayzl+/AI2ejPuUz1bsS3HU HrKQ== X-Gm-Message-State: AJIora8egnBv8zphHn4vvW0cd0ZQlnC2iCY+NsFMNX5k2abVo6PpEvRc vIiwRvqXANPsV6AIudlORBGa5tT1SMuu/nRTRs7mCaArzbMQ07xk55PFeFxNJ5kvmk5d0jjgZkS 2LF1kKd/MX07rtUjnXg== X-Received: by 2002:a05:622a:1049:b0:305:2f0f:63c6 with SMTP id f9-20020a05622a104900b003052f0f63c6mr13106113qte.331.1656080769571; Fri, 24 Jun 2022 07:26:09 -0700 (PDT) X-Google-Smtp-Source: AGRyM1uFpRJFBwTTlXxySAuhK14AyV8QsrsGzN27cfwMi6GLr8YlEv4ZYfrnqtqx7AlVp4X0oCGTug== X-Received: by 2002:a05:622a:1049:b0:305:2f0f:63c6 with SMTP id f9-20020a05622a104900b003052f0f63c6mr13106082qte.331.1656080769191; Fri, 24 Jun 2022 07:26:09 -0700 (PDT) Received: from [192.168.1.100] (130-44-159-43.s15913.c3-0.arl-cbr1.sbo-arl.ma.cable.rcncustomer.com. [130.44.159.43]) by smtp.gmail.com with ESMTPSA id o1-20020a05620a2a0100b006a79479657fsm2120563qkp.108.2022.06.24.07.26.08 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 24 Jun 2022 07:26:08 -0700 (PDT) Message-ID: <94857e20-cd61-3356-ef61-fb4d3fc3f85a@redhat.com> Date: Fri, 24 Jun 2022 10:26:08 -0400 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.10.0 Subject: Re: [PATCH RFA] ubsan: do return check with -fsanitize=unreachable From: Jason Merrill To: Jakub Jelinek Cc: gcc-patches@gcc.gnu.org References: <20220617212002.3747825-1-jason@redhat.com> In-Reply-To: X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-6.7 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, NICE_REPLY_A, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_NONE, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Jun 2022 14:26:13 -0000 On 6/22/22 00:04, Jason Merrill wrote: > On 6/20/22 16:16, Jason Merrill wrote: >> On 6/20/22 07:05, Jakub Jelinek wrote: >>> On Fri, Jun 17, 2022 at 05:20:02PM -0400, Jason Merrill wrote: >>>> Related to PR104642, the current situation where we get less return >>>> checking >>>> with just -fsanitize=unreachable than no sanitize flags seems >>>> undesirable; I >>>> propose that we do return checking when -fsanitize=unreachable. >>> >>> __builtin_unreachable itself (unless turned into trap or >>> __ubsan_handle_builtin_unreachable) is not any kind of return >>> checking, it >>> is just an optimization. >> >> Yes, but I'm talking about "when -fsanitize=unreachable". >> >>>> Looks like clang just traps on missing return if not >>>> -fsanitize=return, but >>>> the approach in this patch seems more helpful to me if we're already >>>> sanitizing other should-be-unreachable code. >>>> >>>> I'm assuming that the difference in treatment of >>>> SANITIZE_UNREACHABLE and >>>> SANITIZE_RETURN with regard to loop optimization is deliberate. >>> >>> return and unreachable are separate sanitizers and such silent one way >>> implication can have quite unexpected consequences, especially with >>> -fsanitize-trap=. >>> Say with -fsanitize=unreachable -fsanitize-trap=unreachable, both >>> current >>> trunk and clang will link without -lubsan, because the only enabled >>> UBSan >>> sanitizers use __builtin_trap () which doesn't need library. >>> With -fsanitize=unreachable silently meaning >>> -fsanitize=unreachable,return >>> the above would link in -lubsan, because while SANITIZE_UNREACHABLE uses >>> __builtin_trap, SANITIZE_RETURN doesn't. >>> Similarly, one has no_sanitize attribute, one could in certain function >>> __attribute__((no_sanitize ("unreachable"))) and because on the command >>> line using -fsanitize=unreachable assume other sanitizers aren't >>> enabled, >>> but the silent addition of return sanitizer would break that. >> >> Ah, true.  How about this approach instead? > > Or, this approach relies on the PR104642 patch, and just fixes the line > number issue.  This is less clear about the problem than using the > return ubsan library function, but avoids using one entry point to > implement the other sanitizer, if that's important. Ping?