Re: KASSERT and clang static analyzer

["J. Lewis Muir" <jlmuir%imca-cat.org@localhost>]

On 04/19, Edgar Fuß wrote:
> > But as Taylor Campbell noted, if KASSERT sometimes does not return but
> > other times *does* return, then it's problematic for the analyzer since
> > it considers an assertion handler to be a function that does not return.
>
> Isn't analyzer_noreturn made for this?

Hmm, good point!  I didn't notice that before.  I'm not knowledgeable
enough about the details of the NetBSD kernel and the KASSERT behavior,
but at

  https://clang-analyzer.llvm.org/annotations.html#attr_analyzer_noreturn 

it says the following:

  The Clang-specific 'analyzer_noreturn' attribute is almost identical
  to 'noreturn' except that it is ignored by the compiler for the
  purposes of code generation.

  This attribute is useful for annotating assertion handlers that
  actually can return, but for the purpose of using the analyzer we want
  to pretend that such functions do not return.

  Because this attribute is Clang-specific, its use should be
  conditioned with the use of preprocessor macros.

  Example:

    #ifndef CLANG_ANALYZER_NORETURN
    #if __has_feature(attribute_analyzer_noreturn)
    #define CLANG_ANALYZER_NORETURN __attribute__((analyzer_noreturn))
    #else
    #define CLANG_ANALYZER_NORETURN
    #endif
    #endif

    void my_assert_rtn(const char *, const char *, int, const char *) CLANG_ANALYZER_NORETURN;

That sounds like it would work, for Clang only, of course.

Lewis