ethereum · pirapira · Mar 3, 2017 · Feb 16, 2017 · Feb 23, 2017 · pirapira
diff --git a/docs/control-structures.rst b/docs/control-structures.rst
@@ -398,10 +398,13 @@ Currently, Solidity automatically generates a runtime exception in the following
 
 While a user-provided exception is generated in the following situations:
 #. Calling ``throw``.
-#. The condition of ``assert(condition)`` is not met.
 
 Internally, Solidity performs a revert operation (instruction ``0xfd``) when a user-provided exception is thrown. In contrast, it performs an invalid operation
-(instruction ``0xfe``) if a runtime exception is encountered. In both cases, this causes
+(instruction ``0xfe``) if a runtime exception is encountered or the condition of an ``assert`` call is not met. In both cases, this causes
 the EVM to revert all changes made to the state. The reason for this is that there is no safe way to continue execution, because an expected effect
 did not occur. Because we want to retain the atomicity of transactions, the safest thing to do is to revert all changes and make the whole transaction
-(or at least call) without effect.
+(or at least call) without effect.
+
+If contracts are written so that ``assert`` is only used to test internal conditions and ``throw`` or
+``revert`` is used in case of malformed input, a formal analysis tool that verifies that the invalid
+opcode can never be reached can be used to check for the absence of errors assuming valid inputs.
diff --git a/docs/miscellaneous.rst b/docs/miscellaneous.rst
@@ -461,7 +461,7 @@ Global Variables
 - ``ecrecover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) returns (address)``: recover address associated with the public key from elliptic curve signature, return zero on error
 - ``addmod(uint x, uint y, uint k) returns (uint)``: compute ``(x + y) % k`` where the addition is performed with arbitrary precision and does not wrap around at ``2**256``
 - ``mulmod(uint x, uint y, uint k) returns (uint)``: compute ``(x * y) % k`` where the multiplication is performed with arbitrary precision and does not wrap around at ``2**256``
-- ``assert(bool condition)``: throws if the condition is false
+- ``assert(bool condition)``: throws if the condition is false (using an invalid opcode)
 - ``this`` (current contract's type): the current contract, explicitly convertible to ``address``
 - ``super``: the contract one level higher in the inheritance hierarchy
 - ``selfdestruct(address recipient)``: destroy the current contract, sending its funds to the given address

diff --git a/libsolidity/codegen/ExpressionCompiler.cpp b/libsolidity/codegen/ExpressionCompiler.cpp
@@ -875,9 +875,8 @@ bool ExpressionCompiler::visit(FunctionCall const& _functionCall)
 			// jump if condition was met
 			m_context << Instruction::ISZERO << Instruction::ISZERO;
 			auto success = m_context.appendConditionalJump();
-			// condition was not met, abort
-			m_context << u256(0) << u256(0);
-			m_context << Instruction::REVERT;
+			// condition was not met, flag an error
+			m_context << Instruction::INVALID;
 			// the success branch
 			m_context << success;
 			break;