From: Ian Campbell <ian.campbell@citrix.com>
To: George Dunlap <george.dunlap@citrix.com>,
George Dunlap <george.dunlap@eu.citrix.com>,
xen-devel@lists.xen.org
Cc: Ian Jackson <ian.jackson@citrix.com>, Wei Liu <wei.liu2@citrix.com>
Subject: Re: [PATCH 4/8] tools/xenalyze: Mark unreachable code as unreachable
Date: Thu, 25 Feb 2016 15:52:40 +0000 [thread overview]
Message-ID: <1456415560.6225.225.camel@citrix.com> (raw)
In-Reply-To: <56CF210D.4080203@citrix.com>
On Thu, 2016-02-25 at 15:43 +0000, George Dunlap wrote:
> On 25/02/16 15:28, Ian Campbell wrote:
> > On Thu, 2016-02-25 at 15:09 +0000, George Dunlap wrote:
> > > On 25/02/16 15:03, Ian Campbell wrote:
> > > > On Thu, 2016-02-25 at 14:48 +0000, George Dunlap wrote:
> > > > > ...so that coverity knows it's unreachable.
> > > >
> > > > I would not be surprised if Coverity starts complaining about the
> > > > dead
> > > > code
> > > > once this is in place. fprintf + abort is probably what would be
> > > > wanted
> > > > to
> > > > placate it in this case.
> > >
> > > Hrm -- it would be nice to have a way to figure out what coverity
> > > likes
> > > without having to actually check something into the tree...
> >
> > If this code is truly unreachable (i.e. it is after a while(1) with no
> > breaks etc) then you should just drop the logging since it will never
> > be
> > reached, then the __builtin_unreachable() is appropriate.
> >
> > If, as the log message implies, this is code which _should_ be
> > unreachable
> > by design but would be reached in the case of a logic error in the
> > preceding code then what you want is either fprintf()+abort() or maybe
> > assert().
>
> Right -- well basically error(ASSERT,...) is a custom abort(). But in
> the current case it isn't actually doing anything more than an abort()
> would, so perhaps I should use that instead (since coverity knows about
> abort() and assert() but not my custom function).
Personally this is what I would do in this case.
> > But Coverity seems to have disproven this possibility, correctly AFAICT
> > because all of the preceeding cases of the if chain end with a goto,
> > this
> > removing the logging and leaving the __builtin_unreachable() is the way
> > to
> > go.
> >
> > I don't think this is really about what would keep Coverity happy, more
> > to
> > do with the intended semantics of execution reaching this point.
>
> It's already doing what I want mostly; so maybe I should just close the
> bug as "intentional" (or "needs modelling" or something).
This is also a valid thing to do.
Remember, the goal of coverity is to provide a list of places where there
might be opportunities for improvements to be made to the code, not to
provide a list of places to change just to make coverity shut up. If the
code isn't actually improved by fixing whatever coverity is complaining
about then "intentional" or "needs modelling" is the right response.
Ian.
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
next prev parent reply other threads:[~2016-02-25 15:52 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-25 14:48 [PATCH 0/8] Fixes to Coverity issues reported on xenalyze George Dunlap
2016-02-25 14:48 ` [PATCH 1/8] tools/xenalyze: Close symbol_file after reading it George Dunlap
2016-02-26 12:22 ` Ian Jackson
2016-02-29 16:11 ` Konrad Rzeszutek Wilk
2016-02-25 14:48 ` [PATCH 2/8] tools/xenalyze: Avoid redundant check George Dunlap
2016-02-26 12:23 ` Ian Jackson
2016-02-29 16:15 ` Konrad Rzeszutek Wilk
2016-02-25 14:48 ` [PATCH 3/8] tools/xenalyze: Handle fstat errors properly George Dunlap
2016-02-26 12:25 ` Ian Jackson
2016-03-03 12:28 ` George Dunlap
2016-02-25 14:48 ` [PATCH 4/8] tools/xenalyze: Mark unreachable code as unreachable George Dunlap
2016-02-25 15:03 ` Ian Campbell
2016-02-25 15:09 ` George Dunlap
2016-02-25 15:28 ` Ian Campbell
2016-02-25 15:43 ` George Dunlap
2016-02-25 15:52 ` Ian Campbell [this message]
2016-02-26 12:28 ` Ian Jackson
2016-02-25 14:49 ` [PATCH 5/8] tools/xenalyze: Fix check for error return value George Dunlap
2016-02-26 12:29 ` Ian Jackson
2016-02-29 16:16 ` Konrad Rzeszutek Wilk
2016-02-25 14:49 ` [PATCH 6/8] tools/xenalyze: Fix off-by-one in MAX_CPUS range checks George Dunlap
2016-02-26 12:30 ` Ian Jackson
2016-02-29 16:58 ` George Dunlap
2016-03-03 12:44 ` George Dunlap
2016-02-25 14:49 ` [PATCH 7/8] tools/xenalyze: Fix multiple instances of *HYPERCALL_MAX George Dunlap
2016-02-26 12:33 ` Ian Jackson
2016-02-29 17:29 ` George Dunlap
2016-03-01 13:36 ` Ian Jackson
2016-02-25 14:49 ` [PATCH 8/8] tools/xenalyze: Actually handle case where number of ipi vectors exceeds static max George Dunlap
2016-02-26 12:34 ` Ian Jackson
2016-02-29 16:16 ` Konrad Rzeszutek Wilk
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1456415560.6225.225.camel@citrix.com \
--to=ian.campbell@citrix.com \
--cc=george.dunlap@citrix.com \
--cc=george.dunlap@eu.citrix.com \
--cc=ian.jackson@citrix.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.