Re: [PATCH 1/2] Annotate internal_error with the attribute noreturn

Subject: Re: [PATCH 1/2] Annotate internal_error with the attribute noreturn

Date: Sat, 22 Sep 2012 23:03:40 +0300

To: Austin Clements, Justus Winter

Cc: notmuch@notmuchmail.org

From: Tomi Ollila

On Sat, Sep 22 2012, Austin Clements wrote:

> LGTM, though I agree with David that this should return void now, if
> that's possible.
>
> Do we want to wrap the __attribute__((noreturn)) in an #ifdef __GNUC__
> (or provide a PRINTF_ATTRIBUTE-like macro) or is that already a lost
> cause?

Good point -- this should be NORETURN_ATTRIBUTE instead...

Also, http://gcc.gnu.org/onlinedocs/gcc-4.3.2//gcc/Function-Attributes.html states:

"It does not make sense for a noreturn function to have a return type other
than void."

(I think that hasn't changed since :)

Tomi

>
> Quoth Justus Winter on Sep 21 at  2:50 pm:
>> Annotating functions that do not return with the noreturn attribute
>> (which is understood by both gcc and clang) prevents static analyzers
>> from generating false positives (internal_error is used to terminate
>> the process and is used extensively in error handling code paths).
>> 
>> Remove the return statement that was placed there to appease the
>> compiler. Functions annotated with noreturn are not supposed to return
>> any values.
>> 
>> Signed-off-by: Justus Winter <4winter@informatik.uni-hamburg.de>
>> ---
>>  util/error_util.c |    2 --
>>  util/error_util.h |    2 +-
>>  2 files changed, 1 insertion(+), 3 deletions(-)
>> 
>> diff --git a/util/error_util.c b/util/error_util.c
>> index 630d228..3cf353a 100644
>> --- a/util/error_util.c
>> +++ b/util/error_util.c
>> @@ -35,7 +35,5 @@ _internal_error (const char *format, ...)
>>      vfprintf (stderr, format, va_args);
>>  
>>      exit (1);
>> -
>> -    return 1;
>>  }
>>  
>> diff --git a/util/error_util.h b/util/error_util.h
>> index bb15822..24a644b 100644
>> --- a/util/error_util.h
>> +++ b/util/error_util.h
>> @@ -30,7 +30,7 @@
>>   * Note that PRINTF_ATTRIBUTE comes from talloc.h
>>   */
>>  int
>> -_internal_error (const char *format, ...) PRINTF_ATTRIBUTE (1, 2);
>> +_internal_error (const char *format, ...) PRINTF_ATTRIBUTE (1, 2) __attribute__ ((noreturn));
>>  
>>  /* There's no point in continuing when we've detected that we've done
>>   * something wrong internally (as opposed to the user passing in a
> _______________________________________________
> notmuch mailing list
> notmuch@notmuchmail.org
> http://notmuchmail.org/mailman/listinfo/notmuch

Thread: