Re: Coverity Open Source Defect Scan of PostgreSQL

On Tue, Mar 07, 2006 at 05:39:18PM -0500, Tom Lane wrote:
> Martijn van Oosterhout <kleptog(at)svana(dot)org> writes:
> > #ifdef STATIC_ANALYSIS
> > #define ereport(elevel, rest) \
> > (errstart(elevel, __FILE__, __LINE__, PG_FUNCNAME_MACRO) ? \
> > (errfinish rest) : (void) 0), (elevel >= ERROR ? exit(0) : 0)
> > #else
> > /* Normal def */
> > #endif
>
> Hmm, neat idea ... though I wonder whether either gcc or Coverity's tool
> is smart enough to draw the right conclusions from a conditional exit()
> call ...

Well, remember this is a macro so the conditional is known at compile
time and the optimiser should see that the exit is unconditional. A
quick test with the attached program shows that gcc does correctly
determine that the last few lines are unreachable and are optimised out
entirely (with -Wunreachable-code which is not the default).

I tried to create an empty static inline function with
attribute((noreturn)) to optimise out the call to exit(), but gcc
merely points out the function does actually return and proceeds to
assume that the rest of main() is also reachable.

Another possibility would be to create two versions of errfinish, one
marked (noreturn), and use a conditional on elevel to decide which to
use. However, then you get issues with multiple evaluation of macro
arguments...

gcc 3.3.5
--
Martijn van Oosterhout <kleptog(at)svana(dot)org> http://svana.org/kleptog/
> Patent. n. Genius is 5% inspiration and 95% perspiration. A patent is a
> tool for doing 5% of the work and then sitting around waiting for someone
> else to do the other 95% so you can sue them.