Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 22 Feb 2020 20:24:45 +0100
From:      Dimitry Andric <dimitry@andric.com>
To:        Ian Lepore <ian@freebsd.org>
Cc:        Mateusz Guzik <mjguzik@gmail.com>, Kyle Evans <kevans@freebsd.org>, svn-src-head <svn-src-head@freebsd.org>, svn-src-all <svn-src-all@freebsd.org>, src-committers <src-committers@freebsd.org>
Subject:   Re: svn commit: r358248 - head/sys/vm
Message-ID:  <63F5EABB-78D3-4DA5-B306-CF12CC3A6FAF@andric.com>
In-Reply-To: <b5a0d991f1d03e6cac2f7e0c1c54ac83124e8ca0.camel@freebsd.org>
References:  <202002221620.01MGK46E072303@repo.freebsd.org> <a3b2125de10d214d6e422d183f1fdc7e0e38e014.camel@freebsd.org> <CACNAnaHZnrqRv9J-B7XRCc7eN7Hkccf1R-7e36LiAXvZR4etVw@mail.gmail.com> <CAGudoHHg5R0zOc7RYge36roz%2B3C_sSRZcsyXC55W0yAyQpuuBA@mail.gmail.com> <6D39FAD8-E581-42A8-97B4-EE63800D78A4@andric.com> <b5a0d991f1d03e6cac2f7e0c1c54ac83124e8ca0.camel@freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help

--Apple-Mail=_74EFF5FB-06C1-4E9E-B720-B20CA9152046
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
	charset=us-ascii

On 22 Feb 2020, at 20:13, Ian Lepore <ian@freebsd.org> wrote:
> 
> On Sat, 2020-02-22 at 20:01 +0100, Dimitry Andric wrote:
...
>> E.g. this is *not* meant as a way to enforce the program to abort at
>> runtime, if the supposedly unreachable part is actually reached.
>> 
>> For this purpose, one should use an abort() or panic() function call,
>> with such functions being annotated to never return.
>> 
>> -Dimitry
>> 
> 
> The problem is, people will see usages such as what Kyle did, where the
> code truly is unreachable (due to -Werror=switch), and not realizing
> that's why it's valid there, they'll assume it's a type of assert-
> unreachable and copy it/use it in other places as if that's what it was
> for.
> 
> So, IMO, using it should be exceedingly rare and there should be a
> comment nearby about why it's valid in that context, or our
> __unreachable cover for it should panic on INVARIANTS, as Kyle proposed
> in an earlier reply.

It might be better to define our own UNREACHABLE macro, similar to what
llvm itself does, roughly something like:

__noreturn void internal_unreachable(const char *, const char *, int);
#define UNREACHABLE(msg) internal_unreachable(msg, __FILE__, __LINE__)

And have the implementation of internal_unreachable() log the file,
line and message, then abort or panic in some appropriate way.

-Dimitry


--Apple-Mail=_74EFF5FB-06C1-4E9E-B720-B20CA9152046
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
	filename=signature.asc
Content-Type: application/pgp-signature;
	name=signature.asc
Content-Description: Message signed with OpenPGP

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.2

iF0EARECAB0WIQR6tGLSzjX8bUI5T82wXqMKLiCWowUCXlF//QAKCRCwXqMKLiCW
o0psAKCTBducQdnim8tIXnlqDLYMD9U+uwCfcoy+vLWT9O/DJ9Kg/XZ8R/cQcl0=
=QBIH
-----END PGP SIGNATURE-----

--Apple-Mail=_74EFF5FB-06C1-4E9E-B720-B20CA9152046--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?63F5EABB-78D3-4DA5-B306-CF12CC3A6FAF>