Xen project Mailing List

Re: [PATCH v2] hypfs: add ASSERT_UNREACHABLE() in hypfs_get_entry_rel()

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

From: Dmytro Prokopchuk1 <dmytro_prokopchuk1@xxxxxxxx>

Date: Wed, 29 Apr 2026 13:07:32 +0000

Accept-language: en-US, uk-UA, ru-RU

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=8Urg5CnjzZTSUreJYqhKTDnY+Nhbqw/GjLE4oB+NKBs=; b=uxPi+/grsIwL3ormanQl1Xr8VRyIoq5zbHhdSsM4MAndcMnaNPEXxClJMEIFWGyYVuH/e5/pIunqJdaS6N+vtf+OEZlAh5W4noB9IB081hi06MyI9vRS2DvOGangBFSZ1fhIcb2kR5fV/sqmvKGF14TKQVqeErJYUTFAFHQisO122YEih1kkZUsP2BYriLmBJIdonLs6gtFuexHVbh1V2250N6nFXlvwR9IIDpqBh3e3LOOqpftnBx18VzBfUHIS39UMJpy6Vrw6GbEXIncy/u0FwApJSL3TEU7azg1cVd/ZfBy3qJu6LmhJc41UmBXGzwPWry4HYI2zBW26ROLThg==

Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=S198Y/Vlo+ZJ8H2pwWPoiw4+POCSFmRmEWhUWZ9pCcUc2Fflh4+628/0GiV7Eb1EWvTLU/UJZyTpl78amvhYDfsQuyzAPUsiGM0dydfG/VHl7o8R2KDFQBLISle6DpOlxV2vF6RMxha7C8DQ5D3TnhQkdTCzKjhgJgF+OMZ1qorGG5StseXCzL6sUduvrISm9IfF3bPZ03tqru7uFnKBDYynAA+toaD+6Q2x1I+/ntBrIkuxLJojFzRuiwsxUMqfFUnJvsuDbsHPRjouAlKSpxPvJdk3+mY4OsAP/KFEmsOJvyQWKsgX3QEs7BH5OKK4hANm+EjWrsPRM5AMvVsomw==

Authentication-results: eu.smtp.expurgate.cloud; dkim=pass header.s=selector1 header.d=epam.com header.i="@epam.com" header.h="From:Date:Subject:Message-ID:Content-Type:MIME-Version:x-ms-exchange-senderadcheck"

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com;

Cc: Juergen Gross <jgross@xxxxxxxx>

Delivery-date: Wed, 29 Apr 2026 13:08:06 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Thread-index: AQHc1zuKSCUJ+s/V9k2YkPF8TK6+GrX1yyWAgAA4qwA=

Thread-topic: [PATCH v2] hypfs: add ASSERT_UNREACHABLE() in hypfs_get_entry_rel()

On 4/29/26 12:44, Andrew Cooper wrote: > On 28/04/2026 7:19 pm, Dmytro Prokopchuk1 wrote: >> The statement 'return ERR_PTR(-ENOENT);' on the final line of the >> function 'hypfs_get_entry_rel()' is unreachable because the logic within >> the infinite loop 'for (;;)' provides all possible exit paths for the >> function. So there is no execution path to exit the loop and reach the >> final that statement. >> >> This unreachable code violates MISRA C Rule 2.1 which states: "A project >> shall not contain unreachable code". >> >> To fix that and potential compilers "control reaches end of non-void >> function" warning, mark the code path as unreachable using macro >> 'ASSERT_UNREACHABLE()'. >> >> Signed-off-by: Dmytro Prokopchuk <dmytro_prokopchuk1@xxxxxxxx> >> --- >> Changes in v2: >> - add ASSERT_UNREACHABLE() before the final return statement instead of >> removing it >> Test CI pipeline: >> https://gitlab.com/xen-project/people/dimaprkp4k/xen/-/pipelines/2485661910 >> Link to v1: >> https://patchew.org/Xen/341811ced2943fb79d0235c27781c564c7bdaf02.1775749146.git.dmytro._5Fprokopchuk1@xxxxxxxx/ >> --- >> xen/common/hypfs.c | 1 + >> 1 file changed, 1 insertion(+) >> >> diff --git a/xen/common/hypfs.c b/xen/common/hypfs.c >> index cdf4ee0171..02fb234568 100644 >> --- a/xen/common/hypfs.c >> +++ b/xen/common/hypfs.c >> @@ -348,6 +348,7 @@ static struct hypfs_entry *hypfs_get_entry_rel(struct >> hypfs_entry_dir *dir, >> dir = container_of(entry, struct hypfs_entry_dir, e); >> } >> >> + ASSERT_UNREACHABLE(); >> return ERR_PTR(-ENOENT); >> } >> > > No. This is absurd. > > Not to mention that you are *definitely* not fixing the stated MISRA rule. > > ~Andrew Hello Andrew. Looks like there is a conflict between compiler and Eclair. A compiler is smart enough (should be at least) to understand that "return ERR_PTR(-ENOENT);" is unreachable in this case, and remove it during DCE, and at the same time to ignore *potential* warning, that non-void function doesn't have return statement at the end. The ECLAIR scans code after preprocessing, so "return ERR_PTR(-ENOENT);" is still there --> violation. With "ASSERT_UNREACHABLE();" we just make Eclair happy. In the patch v1 the return statement was removed. Do you think it is OK? Making assumption that we will never get compiler error [-Werror=return-type]... Dmytro.

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.