From 33bbbed9dde90b68d3bf88dca1f21b557425db4b Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Thu, 13 May 2010 10:57:30 -0400 Subject: Mark the event_err() functions as __attribute__((noreturn)) This attribute tells gcc (and anything else that understands gcc attributes) that the functions will never return control, and helps the optimizer a little. With luck, it will also tell less-than-full-program dataflow analysis tools that they don't need to worry about any code path that involves calling one of these functions and then returning. This patch also forces event_exit() to always exit, no matter what the user-supplied fatal_callback does. This means that the old unit tests for the event_err* functions don't work any more, since they assume it is safe to call event_err* if you've given it a bogus fatal_callback that doesn't exit. Instead, we have to make the unit tests fork before calling event_err(), and have the main unit test process wait for the event_err() test to exit with a sane exit code. On unix, that's trivial. On windows, let's not bother and just assume that event_err* works. --- log.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'log.c') diff --git a/log.c b/log.c index c1f357c4..06f9efd0 100644 --- a/log.c +++ b/log.c @@ -59,6 +59,7 @@ static void _warn_helper(int severity, const char *errstr, const char *fmt, va_list ap); static void event_log(int severity, const char *msg); +static void event_exit(int errcode) EV_NORETURN; static event_fatal_cb fatal_fn = NULL; @@ -71,9 +72,10 @@ event_set_fatal_callback(event_fatal_cb cb) static void event_exit(int errcode) { - if (fatal_fn) + if (fatal_fn) { fatal_fn(errcode); - else if (errcode == _EVENT_ERR_ABORT) + exit(errcode); /* should never be reached */ + } else if (errcode == _EVENT_ERR_ABORT) abort(); else exit(errcode); -- cgit v1.2.1