| Issue |
75797
|
| Summary |
clang++ should always emit `@llvm.trap()` when flowing off the end of a non-void function
|
| Labels |
clang
|
| Assignees |
|
| Reporter |
Eisenwave
|
Currently, when optimizations are enabled, flowing off the end of a function in C++ mode emits `unreachable`. This means that a function such as:
```cpp
int get(int x) {
if (x == 0) { }
else std::abort();
}
```
... is equivalent to simply calling `abort()`. This behavior does not reflect developer intent, and it's possible to fall through into other code sections as a result of simply treating this as optimizable UB.
Even with no warning flags enabled, clang emits
> ```none
> <source>:6:1: warning: non-void function does not return a value in all control paths [-Wreturn-type]
> 6 | }
> | ^
> ```
Flowing off the end of a function is a common developer mistake and basically never intentional. It should not be hidden by the optimizer because it may result in security vulnerabilities such as [CVE-2014-9296](https://access.redhat.com/security/cve/cve-2014-9296).
If a developer actually wants the current behavior, they can simply write:
```cpp
int get(int x) {
if (x == 0) {
__builtin_unreachable(); // or, since C++23
std::unreachable(); // or, alternatively
[[assume(false)]];
}
else std::abort();
}
```
There is zero motivation for violating programmer intent and emitting security vulnerabilities. This offers no optimization opportunities that could not be trivially obtained with more explicit code.
![]()
_______________________________________________
llvm-bugs mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
