commit fa8ecf88202dfe3af9e02331ca9dee6768870911
Author: Nick Mathewson <nickm(a)torproject.org>
Date: Wed Jan 13 09:48:00 2021 -0500
Better fix for #40241 (--enable-all-bugs-are-fatal and fallthrough)
This one should work on GCC _and_ on Clang. The previous version
made Clang happier by not having unreachable "fallthrough"
statements, but made GCC sad because GCC didn't think that the
unconditional failures were really unconditional, and therefore
_wanted_ a FALLTHROUGH.
This patch adds a FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL macro that
seems to please both GCC and Clang in this case: ordinarily it is a
FALLTHROUGH, but when ALL_BUGS_ARE_FATAL is defined, it's an
abort().
Fixes bug 40241 again. Bugfix on earlier fix for 40241, which was
merged into maint-0.3.5 and forward, and released in 0.4.5.3-rc.
---
changes/40241_v2 | 4 ++++
src/core/or/channeltls.c | 4 +---
src/core/or/circuitlist.c | 4 +---
src/feature/client/entrynodes.c | 4 +---
src/feature/rend/rendclient.c | 4 +---
src/lib/log/util_bug.h | 11 +++++++++++
6 files changed, 19 insertions(+), 12 deletions(-)
diff --git a/changes/40241_v2 b/changes/40241_v2
new file mode 100644
index 0000000000..85038297f7
--- /dev/null
+++ b/changes/40241_v2
@@ -0,0 +1,4 @@
+ o Minor bugfixes (compilation):
+ - Fix another warning about unreachable fallthrough annotations
+ when building with "--enable-all-bugs-are-fatal" on some compilers.
+ Fixes bug 40241; bugfix on 0.4.5.3-rc.
diff --git a/src/core/or/channeltls.c b/src/core/or/channeltls.c
index bdd82f3138..18025ff73a 100644
--- a/src/core/or/channeltls.c
+++ b/src/core/or/channeltls.c
@@ -1225,9 +1225,7 @@ channel_tls_handle_var_cell(var_cell_t *var_cell, or_connection_t *conn)
* the v2 and v3 handshakes. */
/* But that should be happening any longer've disabled bufferevents. */
tor_assert_nonfatal_unreached_once();
-#ifndef ALL_BUGS_ARE_FATAL
- FALLTHROUGH;
-#endif
+ FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL;
case OR_CONN_STATE_TLS_SERVER_RENEGOTIATING:
if (!(command_allowed_before_handshake(var_cell->command))) {
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
diff --git a/src/core/or/circuitlist.c b/src/core/or/circuitlist.c
index 83e2124498..ccf3041bb4 100644
--- a/src/core/or/circuitlist.c
+++ b/src/core/or/circuitlist.c
@@ -787,9 +787,7 @@ circuit_purpose_to_controller_hs_state_string(uint8_t purpose)
"Unrecognized circuit purpose: %d",
(int)purpose);
tor_fragile_assert();
-#ifndef ALL_BUGS_ARE_FATAL
- FALLTHROUGH;
-#endif
+ FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL;
case CIRCUIT_PURPOSE_OR:
case CIRCUIT_PURPOSE_C_GENERAL:
diff --git a/src/feature/client/entrynodes.c b/src/feature/client/entrynodes.c
index c930fe244f..6c7f8057bd 100644
--- a/src/feature/client/entrynodes.c
+++ b/src/feature/client/entrynodes.c
@@ -2263,9 +2263,7 @@ entry_guards_note_guard_success(guard_selection_t *gs,
break;
default:
tor_assert_nonfatal_unreached();
-#ifndef ALL_BUGS_ARE_FATAL
- FALLTHROUGH;
-#endif
+ FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL;
case GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD:
if (guard->is_primary) {
/* XXXX #20832 -- I don't actually like this logic. It seems to make
diff --git a/src/feature/rend/rendclient.c b/src/feature/rend/rendclient.c
index acff805c0e..6e95142c0b 100644
--- a/src/feature/rend/rendclient.c
+++ b/src/feature/rend/rendclient.c
@@ -819,9 +819,7 @@ rend_client_report_intro_point_failure(extend_info_t *failed_intro,
log_warn(LD_BUG, "Unknown failure type %u. Removing intro point.",
failure_type);
tor_fragile_assert();
-#ifndef ALL_BUGS_ARE_FATAL
- FALLTHROUGH;
-#endif
+ FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL;
case INTRO_POINT_FAILURE_GENERIC:
rend_cache_intro_failure_note(failure_type,
(uint8_t *)failed_intro->identity_digest,
diff --git a/src/lib/log/util_bug.h b/src/lib/log/util_bug.h
index 2a4d68127e..17e8d0c5a7 100644
--- a/src/lib/log/util_bug.h
+++ b/src/lib/log/util_bug.h
@@ -215,6 +215,17 @@
IF_BUG_ONCE__(ASSERT_PREDICT_UNLIKELY_(cond), \
IF_BUG_ONCE_VARNAME__(__LINE__))
+/**
+ * Use this macro after a nonfatal assertion, and before a case statement
+ * where you would want to fall through.
+ */
+#ifdef ALL_BUGS_ARE_FATAL
+#define FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL \
+ abort()
+#else
+#define FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL FALLTHROUGH
+#endif
+
/** Define this if you want Tor to crash when any problem comes up,
* so you can get a coredump and track things down. */
// #define tor_fragile_assert() tor_assert_unreached(0)