Pádraig Brady <[email protected]> writes:
> * src/digest.c (sha2_sum_stream): Change from unreachable()
> to affirm() so that we have defined behavior unless
> we configure with --disable-assert.
> [...]
> #include "assure.h"
> #include "system.h"
> #include "argmatch.h"
> #include "c-ctype.h"
> @@ -300,7 +301,7 @@ sha2_sum_stream (FILE *stream, void *resstream, uintmax_t
> *length)
> case SHA512_DIGEST_SIZE:
> return sha512_stream (stream, resstream);
> default:
> - unreachable ();
> + affirm (0);
> }
Paul and I discussed this previously and both said we prefer
unreachable () [1].
You may be unaware like I was that you can make unreachable () kill the
program if reached:
$ cat main.c
#include <stddef.h>
int
main (void)
{
unreachable ();
}
$ gcc -std=gnu23 -fsanitize=undefined main.c
$ ./a.out
main.c:5:3: runtime error: execution reached an unreachable program point
I was going to change all the affirm (false) occurrences to
unreachable (), but decided it was best not to before the release.
Collin
[1] https://lists.gnu.org/archive/html/coreutils/2025-09/msg00112.html
