Commit fa8ecf88 authored by Nick Mathewson's avatar Nick Mathewson 🎨
Browse files

Better fix for #40241 (--enable-all-bugs-are-fatal and fallthrough)

This one should work on GCC _and_ on Clang.  The previous version
made Clang happier by not having unreachable "fallthrough"
statements, but made GCC sad because GCC didn't think that the
unconditional failures were really unconditional, and therefore
_wanted_ a FALLTHROUGH.

This patch adds a FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL macro that
seems to please both GCC and Clang in this case: ordinarily it is a
FALLTHROUGH, but when ALL_BUGS_ARE_FATAL is defined, it's an
abort().

Fixes bug 40241 again.  Bugfix on earlier fix for 40241, which was
merged into maint-0.3.5 and forward, and released in 0.4.5.3-rc.
parent 6c0f1550
o Minor bugfixes (compilation):
- Fix another warning about unreachable fallthrough annotations
when building with "--enable-all-bugs-are-fatal" on some compilers.
Fixes bug 40241; bugfix on 0.4.5.3-rc.
......@@ -1225,9 +1225,7 @@ channel_tls_handle_var_cell(var_cell_t *var_cell, or_connection_t *conn)
* the v2 and v3 handshakes. */
/* But that should be happening any longer've disabled bufferevents. */
tor_assert_nonfatal_unreached_once();
#ifndef ALL_BUGS_ARE_FATAL
FALLTHROUGH;
#endif
FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL;
case OR_CONN_STATE_TLS_SERVER_RENEGOTIATING:
if (!(command_allowed_before_handshake(var_cell->command))) {
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
......
......@@ -787,9 +787,7 @@ circuit_purpose_to_controller_hs_state_string(uint8_t purpose)
"Unrecognized circuit purpose: %d",
(int)purpose);
tor_fragile_assert();
#ifndef ALL_BUGS_ARE_FATAL
FALLTHROUGH;
#endif
FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL;
case CIRCUIT_PURPOSE_OR:
case CIRCUIT_PURPOSE_C_GENERAL:
......
......@@ -2263,9 +2263,7 @@ entry_guards_note_guard_success(guard_selection_t *gs,
break;
default:
tor_assert_nonfatal_unreached();
#ifndef ALL_BUGS_ARE_FATAL
FALLTHROUGH;
#endif
FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL;
case GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD:
if (guard->is_primary) {
/* XXXX #20832 -- I don't actually like this logic. It seems to make
......
......@@ -819,9 +819,7 @@ rend_client_report_intro_point_failure(extend_info_t *failed_intro,
log_warn(LD_BUG, "Unknown failure type %u. Removing intro point.",
failure_type);
tor_fragile_assert();
#ifndef ALL_BUGS_ARE_FATAL
FALLTHROUGH;
#endif
FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL;
case INTRO_POINT_FAILURE_GENERIC:
rend_cache_intro_failure_note(failure_type,
(uint8_t *)failed_intro->identity_digest,
......
......@@ -215,6 +215,17 @@
IF_BUG_ONCE__(ASSERT_PREDICT_UNLIKELY_(cond), \
IF_BUG_ONCE_VARNAME__(__LINE__))
/**
* Use this macro after a nonfatal assertion, and before a case statement
* where you would want to fall through.
*/
#ifdef ALL_BUGS_ARE_FATAL
#define FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL \
abort()
#else
#define FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL FALLTHROUGH
#endif
/** Define this if you want Tor to crash when any problem comes up,
* so you can get a coredump and track things down. */
// #define tor_fragile_assert() tor_assert_unreached(0)
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment