Date:      Wed, 13 Jul 2016 12:54:01 +0100 (BST)
From:      Robert Watson <rwatson@FreeBSD.org>
To:        Garrett Cooper <ngie@FreeBSD.org>
Cc:        src-committers@freebsd.org, svn-src-all@freebsd.org,  svn-src-head@freebsd.org
Subject:   Re: svn commit: r302577 - head/sys/dev/drm2
Message-ID:  <alpine.BSF.2.20.1607131252340.36917@fledge.watson.org>
In-Reply-To: <201607111701.u6BH189R083052@repo.freebsd.org>
References:  <201607111701.u6BH189R083052@repo.freebsd.org>

On Mon, 11 Jul 2016, Garrett Cooper wrote:

>  Add missing default case to capable(..) function definition
>
>  By definition (enum __drm_capabilities), cases other than CAP_SYS_ADMIN
>  aren't possible. Add in a KASSERT safety belt and return false in
>  !INVARIANTS case if an invalid value is passed in, as it would be a
>  programmer error.
>
>  This fixes a -Wreturn-type error with gcc 5.3.0.
>
>  Differential Revision:	https://reviews.freebsd.org/D7188
>  MFC after:	1 week
>  Reported by:	devel/amd64-gcc (5.3.0)
>  Reviewed by:	dumbbell
>  Sponsored by:	EMC / Isilon Storage Division

Per my comment in the review, I think a panic() here would be preferable to a 
KASSERT(), as it would come without perceptible runtime cost, and failstop the 
system if we were violating a design-time security invariant.

Robert
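The trade-off discussed above, as an added userland model that is not the drm2 code from r302577 or any other FreeBSD source: the KASSERT form, whose check is compiled out without INVARIANTS so a release kernel silently denies an impossible cap value, beside the panic() form, which failstops in every build. INVARIANTS_ENABLED, cur_is_superuser, probe() and the invalid cap value 99 are constructed for this example; panic() is modelled with longjmp so the failstop can be observed rather than halting the process.

```c
/* Added model of the capable() default-case trade-off, not the drm2 code.
 * INVARIANTS_ENABLED, cur_is_superuser, probe() and the bad cap value 99
 * are constructed for this example; panic() unwinds with longjmp so the
 * failstop can be observed instead of halting the process. */
#include <setjmp.h>
#include <stdbool.h>
/* Mirrors enum __drm_capabilities: CAP_SYS_ADMIN is the only legal value. */
enum __drm_capabilities { CAP_SYS_ADMIN = 1 };
static int INVARIANTS_ENABLED = 0;     /* 1 = debug kernel, 0 = release */
static bool cur_is_superuser = false;  /* stands in for DRM_SUSER(curthread) */
static jmp_buf panic_env;
static _Noreturn void panic(const char *why) { (void)why; longjmp(panic_env, 1); }

/* KASSERT form: the check only exists with INVARIANTS; a release kernel
 * silently returns false when handed an impossible cap value. */
static bool capable_kassert(int cap)
{
	switch (cap) {
	case CAP_SYS_ADMIN:
		return cur_is_superuser;
	default:
		if (INVARIANTS_ENABLED)
			panic("capable: unhandled capability");
		return false;
	}
}

/* panic() form: enforced in every build, and free on the hot path because
 * a correct caller never reaches the default branch. */
static bool capable_panic(int cap)
{
	switch (cap) {
	case CAP_SYS_ADMIN:
		return cur_is_superuser;
	default:
		panic("capable: unhandled capability");
	}
}

/* Runs one call: 0 = denied, 1 = allowed, 2 = panicked (failstop). */
static int probe(bool (*fn)(int), int cap, int invariants, bool su)
{
	INVARIANTS_ENABLED = invariants;
	cur_is_superuser = su;
	if (setjmp(panic_env) != 0)
		return 2;
	return fn(cap) ? 1 : 0;
}

int main(void) { return probe(capable_panic, 99, 0, true) == 2 ? 0 : 1; }
```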
