On 8/23/21 3:38 AM, Darren Kenny wrote:
What I did here was to not overwrite the value if DEBUG is set,
since it appeared to never be checked anyway within the for-loop.
Yes, but although your patch pacified Coverity I still don't understand
exactly why. I'd like to get to the bottom of it before continuing.
I can only assume (pun not intended) that this
is ending up as a no-op for our build, which means that Coverity sees it
as never being read after the for-loop.
I'm working blind here, since Coverity's documentation is secret, which
means you'll need to help out by reading its documentation and/or
running Coverity yourself. Can you do that and let us know the following?
* What values does Coverity define the macros __GNUC__ and
__GNUC_MINOR__ to? Or does it leave these symbols undefined?
* Similarly for _MSC_VER (defined by Microsoft C compilers).
* Does Coverity support the __builtin_unreachable and/or __builtin_trap
functions, like GCC does? (See their use in verify.h.)
* Does Coverity support __assume, like Microsoft C does? (Also see
verify.h.)
* Does Coverity support __has_builtin, like GCC and Clang do? (Again,
see verify.h.)
* Are you compiling with -DGCC_LINT and/or -Dlint?
* Does the attached patch work for you? If not, why not, and what sort
of improvements could be made?
Thanks.
diff --git a/lib/verify.h b/lib/verify.h
index a8ca59b09..3cd71b280 100644
--- a/lib/verify.h
+++ b/lib/verify.h
@@ -305,6 +305,8 @@ template <int w>
--enable-gcc-warnings, which compiles with -Dlint. It's nicer
when 'assume' silences warnings even with older GCCs. */
# define assume(R) ((R) ? (void) 0 : __builtin_trap ())
+#elif defined __COVERITY__
+# define assume(R) ((R) ? (void) 0 : __coverity_panic__ ())
#else
/* Some tools grok NOTREACHED, e.g., Oracle Studio 12.6. */
# define assume(R) ((R) ? (void) 0 : /*NOTREACHED*/ (void) 0)
