From 323d4b6f6839b472ac02c31105727147660dc4db Mon Sep 17 00:00:00 2001 From: Vadim Markovtsev Date: Mon, 13 Jan 2014 11:54:42 +0400 Subject: [PATCH] Add "__noreturn" to assert and assert2 These functions should print assertion violation messages and then call abort(). They do really not return control flow afterwards. Consider the declaration of the similar __assert_fail from glibc: extern void __assert_fail (const char *__assertion, const char *__file, unsigned int __line, const char *__function) __THROW __attribute__ ((__noreturn__)); Bionic has __noreturn defined in sys/cdefs.h to be that GNU noreturn attribute. This patch has a practical value. Consider the following function: void check(void* ptr) { assert(ptr != NULL); } Without this patch applied, gcc (and presumably clang) shows even in debug mode: warning: unused parameter 'ptr' [-Wunused-parameter] In release mode, NDEBUG is defined and assert() becomes a no-op, as one should expect. Thus, the warning is shown correctly then. Another code sample: float array[2]; int i = 3; ... assert(i < 2); array[i] = 0; gcc says, warning: array subscript is below array bounds [-Warray-bounds] In other words, without noreturn attribute, assertions do not allow a compiler's static analyzer to properly understand the preconditions. Change-Id: I3be92e99787c528899cf243ed448c4730c00c45b Signed-off-by: Vadim Markovtsev --- libc/include/assert.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libc/include/assert.h b/libc/include/assert.h index 62470f5f0..361a5ff09 100644 --- a/libc/include/assert.h +++ b/libc/include/assert.h @@ -60,6 +60,6 @@ #endif __BEGIN_DECLS -__dead void __assert(const char *, int, const char *); -__dead void __assert2(const char *, int, const char *, const char *); +__dead void __assert(const char *, int, const char *) __noreturn; +__dead void __assert2(const char *, int, const char *, const char *) __noreturn; __END_DECLS