Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 367246

Summary: no return from non-void false positive because CODAN doesn't recognize assert(false) as noreturn
Product: [Tools] CDT Reporter: Matt Hargett <matt>
Component: cdt-codanAssignee: CDT Codan Inbox <cdt-codan-inbox>
Status: NEW --- QA Contact: Elena Laskavaia <elaskavaia.cdt>
Severity: normal    
Priority: P3 CC: cdtdoug, yevshif, zeratul976
Version: 8.0   
Target Milestone: ---   
Hardware: PC   
OS: Linux   
Whiteboard:

Description Matt Hargett CLA 2011-12-20 15:30:35 EST 
Build Identifier: Build id: 20111215-0110

For code like this (observed in real code as well, of course):
int f(void) {
  assert(false);
}

One solution would be to special-case assert(), but here I think it would be better to correctly parse the glibc assert macro and the __noreturn__ attributed functions that it resolves to:
/* This prints an "Assertion failed" message and aborts.  */
extern void __assert_fail (__const char *__assertion, __const char *__file,
			   unsigned int __line, __const char *__function)
     __THROW __attribute__ ((__noreturn__));

/* Likewise, but prints the error text for ERRNUM.  */
extern void __assert_perror_fail (int __errnum, __const char *__file,
				  unsigned int __line,
				  __const char *__function)
     __THROW __attribute__ ((__noreturn__));


/* The following is not at all used here but needed for standard
   compliance.  */
extern void __assert (const char *__assertion, const char *__file, int __line)
     __THROW __attribute__ ((__noreturn__));


__END_DECLS
#endif /* Not _ASSERT_H_DECLS */

# define assert(expr)							\
  ((expr)								\
   ? __ASSERT_VOID_CAST (0)						\
   : __assert_fail (__STRING(expr), __FILE__, __LINE__, __ASSERT_FUNCTION))

This is technically a duplicate of #346557, as far as the root cause, but a different symptom.

Reproducible: Always
Comment 1 Elena Laskavaia CLA 2011-12-20 22:35:55 EST 
That is not that easy - we cannot just assume that assert not returns, we also
have to do constant folding propagation and static evaluation to evaluate ?: expression. I think fixing this code to return 0 is a lot easier.
Comment 2 Matt Hargett CLA 2011-12-21 15:42:43 EST 
The code I presented is a reduced testcase, of course. In context, they are trying to halt the system if the end of a function is reached. Due to the nature of the custom embedded operating system, they have chosen to do it with assert(false). 

Thankfully, they didn't use a macro with inline asm -- the macro resolves to real functions that have attributes to help. I hear what you are saying about static evaluation, which would likely be very useful for other circumstances as well. Is this bug an appropriate way to track that feature for a future release?